Commit ee9ace6f authored by Nigel McNie's avatar Nigel McNie
Browse files

Tell people when we're preventing them from acessing the admin section.



Also make the admin user search results output links to the user profile
instead of the admin section when the logged in user can't edit that
person. Saves a redirect.
Signed-off-by: default avatarNigel McNie <nigel@catalyst.net.nz>
parent 52f4db9c
......@@ -40,7 +40,8 @@ $user = new User;
$user->find_by_id($id);
if (!$USER->is_admin_for_user($user)) {
redirect(get_config('wwwroot').'user/view.php?id='.$id);
$SESSION->add_error_msg(get_string('youcannotadministerthisuser', 'admin'));
redirect('/user/view.php?id=' . $id);
}
......
......@@ -381,6 +381,7 @@ $string['usereditdescription'] = 'Here you can view and set details for this use
$string['suspenddeleteuser'] = 'Suspend/Delete User';
$string['suspenddeleteuserdescription'] = 'Here you may suspend or entirely delete a user account. Suspended users are unable to log in until their account is unsuspended. Please note that while a suspension can be undone, deletion <strong>cannot</strong> be undone.';
$string['deleteusernote'] = 'Please note that this operation <strong>cannot be undone</strong>.';
$string['youcannotadministerthisuser'] = 'You cannot administer this user';
// Add User
$string['adduser'] = 'Add User';
......
......@@ -286,15 +286,8 @@ function build_admin_user_search_results($search, $offset, $limit, $sortby, $sor
$searchurl = get_config('wwwroot') . 'admin/users/search.php?' . join('&amp;', $params)
. '&amp;limit=' . $limit;
$usernametemplate = '<a href="' . get_config('wwwroot') . 'admin/users/edit.php?id={$r.id}">{$r.username|escape}</a>';
if (!$USER->get('admin')) {
// Only create the edit link if the returned user belongs to an institution that the viewer administers
$cond = array();
foreach ($USER->get('admininstitutions') as $i) {
$cond[] = 'isset($r.institutions.' . $i . ')';
}
$usernametemplate = '{if ' . join('||', $cond) . '}' . $usernametemplate . '{else}{$r.username}{/if}';
}
$usernametemplate = '<a href="' . get_config('wwwroot')
. '{if $USER->is_admin_for_user($r.id)}admin/users/edit.php?id={$r.id}{else}user/view.php?id={$r.id}{/if}">{$r.username|escape}</a>';
$cols = array(
'icon' => array('name' => '',
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment