Skip to content

GitLab

Commit c812a32a authored by Richard Mansfield's avatar Richard Mansfield
Browse files

Fix copying of institution views during sso new user creation (bug 3248)

parent b95c05c9
Hide whitespace changes
Inline Side-by-side
htdocs/auth/user.php
View file @ c812a32a
......@@ -708,7 +708,7 @@ class User {
*
* @param array $templateids A list of viewids to copy.
*/
public function copy_views($templateids) {
public function copy_views($templateids, $checkviewaccess=true) {
if (!$templateids) {
// Nothing to do
return;
......@@ -729,7 +729,7 @@ class User {
'owner' => $this->get('id'),
'title' => $views[$tid]->title,
'description' => $views[$tid]->description,
), $tid, $this->get('id'));
), $tid, $this->get('id'), $checkviewaccess);
}
db_commit();
}
......
htdocs/lib/institution.php
View file @ c812a32a
......@@ -215,6 +215,7 @@ class Institution {
}
public function addUserAsMember($user) {
global $USER;
if ($this->isFull()) {
throw new SystemException('Trying to add a user to an institution that already has a full quota of members');
}
......@@ -260,9 +261,10 @@ class Institution {
insert_record('usr_institution', $userinst);
delete_records('usr_institution_request', 'usr', $userinst->usr, 'institution', $this->name);
// Copy institution views to the user's portfolio
$checkviewaccess = empty($user->newuser) && !$USER->get('admin');
$userobj = new User();
$userobj->find_by_id($user->id);
$userobj->copy_views(get_column('view', 'id', 'institution', $this->name, 'copynewuser', 1));
$userobj->copy_views(get_column('view', 'id', 'institution', $this->name, 'copynewuser', 1), $checkviewaccess);
require_once('activity.php');
activity_occurred('maharamessage', $message);
handle_event('updateuser', $userinst->usr);
......
htdocs/lib/user.php
View file @ c812a32a
......@@ -1236,6 +1236,8 @@ function create_user($user, $profile=array(), $institution=null, $remoteauth=nul
else {
$user->id = insert_record('usr', $user, 'id', true);
}
// Bypass access check for 'copynewuser' institution/site views, because this user may not be logged in yet
$user->newuser = true;
set_profile_field($user->id, 'email', $user->email);
set_profile_field($user->id, 'firstname', $user->firstname);
......@@ -1252,7 +1254,7 @@ function create_user($user, $profile=array(), $institution=null, $remoteauth=nul
$institution = new Institution($institution);
}
if ($institution->name != 'mahara') {
$institution->addUserAsMember($user);
$institution->addUserAsMember($user); // uses $user->newuser
}
}
......@@ -1272,9 +1274,10 @@ function create_user($user, $profile=array(), $institution=null, $remoteauth=nul
}
// Copy site views to the new user's profile
$checkviewaccess = !$user->newuser;
$userobj = new User();
$userobj->find_by_id($user->id);
$userobj->copy_views(get_column('view', 'id', 'institution', 'mahara', 'copynewuser', 1));
$userobj->copy_views(get_column('view', 'id', 'institution', 'mahara', 'copynewuser', 1), $checkviewaccess);
handle_event('createuser', $user);
db_commit();
......
htdocs/lib/view.php
View file @ c812a32a
......@@ -135,7 +135,7 @@ class View {
* @throws SystemException under various circumstances, see the source for
* more information
*/
public static function create_from_template($viewdata, $templateid, $userid=null) {
public static function create_from_template($viewdata, $templateid, $userid=null, $checkaccess=true) {
if (is_null($userid)) {
global $USER;
$userid = $USER->get('id');
......@@ -155,7 +155,7 @@ class View {
if (!$template->get('template') && !$user->can_edit_view($template)) {
throw new SystemException("View::create_from_template: Attempting to create a View from another View that is not marked as a template");
}
else if (!can_view_view($templateid, $userid)) {
else if ($checkaccess && !can_view_view($templateid, $userid)) {
throw new SystemException("View::create_from_template: User $userid is not permitted to copy View $templateid");
}
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment