Commit fc76f3db authored by Eugene Venter's avatar Eugene Venter Committed by Francois Marier

Sharing of views/collections with institutions



Part of bug #807278

Enable the ability for users to share their views/collections with
the institutions they are members of.

Change-Id: Id647672141610cced579dbf199690292a249e7b7
Signed-off-by: default avatarEugene Venter <eugene@catalyst.net.nz>
parent 7f2b345b
......@@ -131,6 +131,7 @@ if ($institution || $add) {
delete_records('host', 'institution', $values['i']);
delete_records('institution_locked_profile_field', 'name', $values['i']);
delete_records('usr_institution_request', 'institution', $values['i']);
delete_records('view_access', 'institution', $values['i']);
delete_records('institution', 'name', $values['i']);
db_commit();
......
......@@ -143,10 +143,12 @@ $string['share'] = 'Share';
$string['sharewith'] = 'Share with';
$string['accesslist'] = 'Access list';
$string['sharewithmygroups'] = 'Share with My Groups';
$string['sharewithmyinstitutions'] = 'Share with my institutions';
$string['sharewithusers'] = 'Share with users';
$string['shareview'] = 'Share page';
$string['otherusersandgroups'] = 'Share with other users and groups';
$string['moreoptions'] = 'Advanced Options';
$string['moreinstitutions'] = 'More Institutions';
$string['allviews'] = 'All pages';
$string['submitviewconfirm'] = 'If you submit \'%s\' to \'%s\' for assessment, you will not be able to edit the page until your tutor has finished marking it. Are you sure you want to submit this page now?';
......
......@@ -741,6 +741,7 @@
<FIELD NAME="group" TYPE="int" LENGTH="10" NOTNULL="false" />
<FIELD NAME="role" TYPE="char" LENGTH="255" NOTNULL="false" />
<FIELD NAME="usr" TYPE="int" LENGTH="10" NOTNULL="false" />
<FIELD NAME="institution" TYPE="char" LENGTH="255" NOTNULL="false" />
<FIELD NAME="token" TYPE="char" LENGTH="100" NOTNULL="false" />
<FIELD NAME="visible" TYPE="int" LENGTH="1" NOTNULL="true" DEFAULT="1" />
<FIELD NAME="startdate" TYPE="datetime" NOTNULL="false" />
......@@ -753,6 +754,7 @@
<KEY NAME="viewfk" TYPE="foreign" FIELDS="view" REFTABLE="view" REFFIELDS="id" />
<KEY NAME="groupfk" TYPE="foreign" FIELDS="group" REFTABLE="group" REFFIELDS="id" />
<KEY NAME="usrfk" TYPE="foreign" FIELDS="usr" REFTABLE="usr" REFFIELDS="id" />
<KEY NAME="institutionfk" TYPE="foreign" FIELDS="institution" REFTABLE="institution" REFFIELDS="name" />
</KEYS>
<INDEXES>
<INDEX NAME="tokenix" UNIQUE="false" FIELDS="token"/>
......
......@@ -2585,5 +2585,35 @@ function xmldb_core_upgrade($oldversion=0) {
}
}
if ($oldversion < 2011082300) {
// Add institution to view_access table
$table = new XMLDBTable('view_access');
$field = new XMLDBField('institution');
$field->setAttributes(XMLDB_TYPE_CHAR, 255, null, null);
if (!field_exists($table, $field)) {
add_field($table, $field);
// Add foreign key
$key = new XMLDBKey('institutionfk');
$key->setAttributes(XMLDB_KEY_FOREIGN, array('institution'), 'institution', array('name'));
add_key($table, $key);
if (is_postgres()) {
// Update constraint checks
execute_sql('ALTER TABLE {view_access} DROP CONSTRAINT {view_access_check}');
execute_sql('ALTER TABLE {view_access} ADD CHECK (
(accesstype IS NOT NULL AND "group" IS NULL AND usr IS NULL AND token IS NULL AND institution IS NULL ) OR
(accesstype IS NULL AND "group" IS NOT NULL AND usr IS NULL AND token IS NULL AND institution IS NULL ) OR
(accesstype IS NULL AND "group" IS NULL AND usr IS NOT NULL AND token IS NULL AND institution IS NULL ) OR
(accesstype IS NULL AND "group" IS NULL AND usr IS NULL AND token IS NOT NULL AND institution IS NULL ) OR
(accesstype IS NULL AND "group" IS NULL AND usr IS NULL AND token IS NULL AND institution IS NOT NULL))');
}
else {
// MySQL doesn't support these types of constraints
}
}
}
return $status;
}
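Review bot: The foreign key and the rewritten CHECK are created only inside `if (!field_exists($table, $field))`, so a run that stops after `add_field()` would skip both when repeated. On Postgres that would leave the old CHECK in place, which has no branch allowing a non-null `institution`; whether this step runs in a transaction is not visible here, and `xmldb_core_upgrade` begins outside the hunk. The empty `else` also means that on MySQL nothing in the database enforces that exactly one of `accesstype`, `group`, `usr`, `token` and `institution` is set, although the access checks branch on those columns. I would record that in the comment, e.g. `// MySQL cannot enforce this; the code writing view_access must keep exactly one of these columns set`.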
......@@ -80,6 +80,18 @@ function pieform_element_viewacl(Pieform $form, $element) {
}
}
$myinstitutions = array();
foreach ($USER->get('institutions') as $i) {
$myinstitutions[] = array(
'type' => 'institution',
'id' => $i->institution,
'start' => null,
'end' => null,
'name' => hsc($i->displayname),
'preset' => false
);
}
$potentialpresets = $presets;
foreach ($potentialpresets as &$preset) {
$preset = array(
......@@ -135,6 +147,7 @@ function pieform_element_viewacl(Pieform $form, $element) {
$smarty->assign('accesslist', json_encode($value));
$smarty->assign('viewid', $form->get_property('viewid'));
$smarty->assign('formname', $form->get_property('name'));
$smarty->assign('myinstitutions', json_encode($myinstitutions));
$smarty->assign('allowcomments', $element['allowcomments']);
$smarty->assign('allgroups', json_encode($allgroups));
$smarty->assign('mygroups', json_encode($mygroups));
......@@ -151,6 +164,9 @@ function pieform_render_viewacl_getvaluebytype($type, $id) {
case 'group':
return get_field('group', 'name', 'id', $id);
break;
case 'institution':
return get_string('institution', 'admin') . ': ' . get_field('institution', 'displayname', 'name', $id);
break;
}
return sprintf("%s: %s", ucfirst($type), $id);
}
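Review bot: The new `institution` case in `pieform_render_viewacl_getvaluebytype` returns the stored display name from `get_field()` without HTML escaping, while the first hunk of this file wraps the same value in `hsc()` before it reaches the template. The existing `group` case does the same, and the caller that prints the return value is outside the hunk, so it should be confirmed that the caller escapes it. If it does not, `hsc(get_field('institution', 'displayname', 'name', $id))` would match the other hunk. The `break;` after the `return` is unreachable and can be dropped.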
......
......@@ -771,3 +771,7 @@ function build_institutions_html($filter, $showdefault, $query, $limit, $offset,
return $data;
}
function institution_display_name($name) {
return get_field('institution', 'displayname', 'name', $name);
}
......@@ -1730,6 +1730,12 @@ function can_view_view($view_id, $user_id=null) {
continue;
}
}
else if ($a->institution) {
// Check if user belongs to the allowed institution
if (!in_array($a->institution, array_keys($user->get('institutions')))) {
continue;
}
}
else if ($a->accesstype == 'objectionable') {
if ($owner = $view->get('owner')) {
if ($user->is_admin_for_user($owner)) {
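Review bot: The membership test `in_array($a->institution, array_keys($user->get('institutions')))` compares loosely, and PHP turns numeric-string array keys into integers, so a key such as `0` would match any non-numeric institution name on PHP versions before 8. Since this decides whether a page is visible, an exact key lookup is safer: `if (!array_key_exists($a->institution, $user->get('institutions'))) {`. This assumes `get('institutions')` always returns an array keyed by institution name, which the `get_records_sql_assoc` call in `load_user_institutions` suggests but does not guarantee for users with no institutions. The rest of `can_view_view` lies outside the hunk.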
......
......@@ -634,10 +634,11 @@ function core_postinst() {
(author IS NULL AND authorname IS NOT NULL)
)');
execute_sql('ALTER TABLE {view_access} ADD CHECK (
(accesstype IS NOT NULL AND "group" IS NULL AND usr IS NULL AND token IS NULL) OR
(accesstype IS NULL AND "group" IS NOT NULL AND usr IS NULL AND token IS NULL) OR
(accesstype IS NULL AND "group" IS NULL AND usr IS NOT NULL AND token IS NULL) OR
(accesstype IS NULL AND "group" IS NULL AND usr IS NULL AND token IS NOT NULL)
(accesstype IS NOT NULL AND "group" IS NULL AND usr IS NULL AND token IS NULL AND institution IS NULL) OR
(accesstype IS NULL AND "group" IS NOT NULL AND usr IS NULL AND token IS NULL AND institution IS NULL) OR
(accesstype IS NULL AND "group" IS NULL AND usr IS NOT NULL AND token IS NULL AND institution IS NULL) OR
(accesstype IS NULL AND "group" IS NULL AND usr IS NULL AND token IS NOT NULL AND institution IS NULL) OR
(accesstype IS NULL AND "group" IS NULL AND usr IS NULL AND token IS NULL AND institution IS NOT NULL)
)');
set_antispam_defaults();
......
......@@ -1378,7 +1378,7 @@ function load_user_institutions($userid) {
throw new InvalidArgumentException("couldn't load institutions, no user id specified");
}
if ($institutions = get_records_sql_assoc('
SELECT u.institution,'.db_format_tsfield('ctime').','.db_format_tsfield('u.expiry', 'membership_expiry').',u.studentid,u.staff,u.admin,i.theme,i.registerallowed, i.showonlineusers,i.allowinstitutionpublicviews, i.logo, i.style
SELECT u.institution,'.db_format_tsfield('ctime').','.db_format_tsfield('u.expiry', 'membership_expiry').',u.studentid,u.staff,u.admin,i.displayname,i.theme,i.registerallowed, i.showonlineusers,i.allowinstitutionpublicviews, i.logo, i.style
FROM {usr_institution} u INNER JOIN {institution} i ON u.institution = i.name
WHERE u.usr = ? ORDER BY i.priority DESC', array($userid))) {
return $institutions;
......
......@@ -28,7 +28,7 @@
defined('INTERNAL') || die();
$config = new StdClass;
$config->version = 2011082200;
$config->version = 2011082300;
$config->release = '1.5.0dev';
$config->minupgradefrom = 2008040200;
$config->minupgraderelease = '1.0.0 (release tag 1.0.0_RELEASE)';
......
......@@ -613,13 +613,13 @@ class View {
public function get_access_records() {
$data = get_records_sql_array("
SELECT accesstype, va.group, role, usr, startdate, stopdate, allowcomments, approvecomments
SELECT accesstype, va.group, institution, role, usr, startdate, stopdate, allowcomments, approvecomments
FROM {view_access} va
WHERE view = ? AND visible = 1 AND token IS NULL
ORDER BY
accesstype IS NULL, accesstype DESC,
va.group, role IS NOT NULL, role,
usr,
institution, usr,
startdate IS NOT NULL, startdate, stopdate IS NOT NULL, stopdate,
allowcomments, approvecomments",
array($this->id)
......@@ -654,6 +654,10 @@ class View {
$item['type'] = 'group';
$item['id'] = $item['group'];
}
else if ($item['institution']) {
$item['type'] = 'institution';
$item['id'] = $item['institution'];
}
else {
$item['type'] = $item['accesstype'];
$item['id'] = null;
......@@ -682,6 +686,8 @@ class View {
|| ($c = $a->group - $b->group)
|| ($c = !empty($a->role) - !empty($b->role))
|| ($c = strcmp($a->role, $b->role))
|| ($c = !empty($a->institution) - !empty($b->institution))
|| ($c = strcmp($a->institution, $b->institution))
|| ($c = $a->usr - $b->usr)
|| ($c = !empty($a->startdate) - !empty($b->startdate))
|| ($c = strcmp($a->startdate, $b->startdate))
......@@ -755,6 +761,7 @@ class View {
global $USER;
require_once('activity.php');
require_once('group.php');
require_once('institution.php');
$beforeusers = activity_get_viewaccess_users($this->get('id'), $USER->get('id'), 'viewaccess');
......@@ -795,6 +802,7 @@ class View {
'accesstype' => null,
'group' => null,
'role' => null,
'institution' => null,
'usr' => null,
'token' => null,
'startdate' => null,
......@@ -819,6 +827,9 @@ class View {
$accessrecord->role = $item['role'];
}
break;
case 'institution':
$accessrecord->institution = $item['id'];
break;
case 'friends':
if (!$this->owner) {
continue; // Don't add friend access to group, institution or system views
......@@ -2639,6 +2650,7 @@ class View {
* - v is publically visible at t (in view_access)
* - v is visible to logged in users at t (in view_access)
* - v is visible to friends at t, and u is a friend of the view owner (in view_access)
* - v is visible to institution at t, and u is a member of the institution (in view_access)
* - v is visible to u at t (in view_access_usr)
* - v is visible to all roles of group g at t, and u is a member of g (view_access_group)
* - v is visible to users with role r of group g at t, and u is a member of g with role r (view_access_group)
......@@ -2754,6 +2766,13 @@ class View {
AND vagm.member = ?
) AS ag ON (
ag.view = v.id
)
LEFT OUTER JOIN (
SELECT vai.view, ui.usr
FROM {view_access} vai
INNER JOIN {usr_institution} ui ON (vai.institution = ui.institution AND ui.usr = ?)
) AS vaui ON (
vaui.view = v.id
)';
$where .= "
AND (
......@@ -2766,13 +2785,14 @@ class View {
OR (va.accesstype = 'friends' AND f.usr2 = ?)
OR (vau.usr = ?)
OR (ag.member = ?)
OR (vaui.usr = ?)
)
)
)
AND (
v.group IS NULL OR gd.deleted = 0
)";
$ph = array_merge(array($viewerid,$viewerid,$viewerid,$viewerid), $ph, array($viewerid,$viewerid,$viewerid,$viewerid));
$ph = array_merge(array($viewerid,$viewerid,$viewerid,$viewerid,$viewerid), $ph, array($viewerid,$viewerid,$viewerid,$viewerid, $viewerid));
}
if (!$ownedby && $ownerquery) {
......@@ -2886,9 +2906,10 @@ class View {
$select .= "
LEFT JOIN {usr_friend} f1 ON (v.owner = f1.usr1 AND f1.usr2 = ?)
LEFT JOIN {usr_friend} f2 ON (v.owner = f2.usr2 AND f2.usr1 = ?)
LEFT JOIN {group_member} gm ON (va.group = gm.group AND (va.role IS NULL OR va.role = gm.role) AND gm.member = ?)";
LEFT JOIN {group_member} gm ON (va.group = gm.group AND (va.role IS NULL OR va.role = gm.role) AND gm.member = ?)
LEFT JOIN {usr_institution} ui ON (va.institution = ui.institution AND ui.usr = ?)";
array_push($values, $viewerid, $viewerid, $viewerid);
array_push($values, $viewerid, $viewerid, $viewerid, $viewerid);
$where = "
WHERE
......@@ -2901,6 +2922,7 @@ class View {
AND (va.usr = ?
OR (va.accesstype = 'friends' AND (f1.usr2 IS NOT NULL OR f2.usr1 IS NOT NULL))
OR gm.member IS NOT NULL
OR ui.institution IS NOT NULL
)";
array_push($values, $viewerid, $viewerid);
......@@ -3486,7 +3508,7 @@ class View {
AND (va.startdate IS NULL OR va.startdate < current_timestamp)
AND (va.stopdate IS NULL OR va.stopdate > current_timestamp)
AND (va.accesstype IN ('public', 'loggedin', 'friends', 'objectionable')
OR va.usr = ? OR va.token IS NOT NULL OR gm.member IS NOT NULL)
OR va.usr = ? OR va.token IS NOT NULL OR gm.member IS NOT NULL OR va.institution IS NOT NULL)
ORDER BY va.token IS NULL DESC, va.accesstype != 'friends' DESC",
array($userid, $viewid, $userid)
);
......@@ -3734,6 +3756,8 @@ class View {
* @return array
*/
public static function get_accesslists($owner=null, $group=null, $institution=null) {
require_once('institution.php');
if (!is_null($owner) && $owner > 0) {
$ownerobj = new User();
$ownerobj->find_by_id($owner);
......@@ -3807,6 +3831,11 @@ class View {
$access->roledisplay = get_string($access->role, 'grouptype.' . $access->grouptype);
}
}
else if ($access->institution) {
$access->accesstype = 'institution';
$access->id = $access->institution;
$access->name = institution_display_name($access->institution);
}
else {
$key = $access->accesstype;
}
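Review bot: In the hunk at `@@ -3486,7 +3508,7 @@`, `OR va.institution IS NOT NULL` admits every institution access row on the view, whether or not `$userid` belongs to that institution. The group condition beside it is tied to the user through the `gm` join, and the two listing queries earlier in this file join `{usr_institution}` on `ui.usr = ?` for the same purpose. Unless the code that consumes these rows re-checks membership (it is outside the hunk), a non-member could pick up the settings of an institution rule. Adding `LEFT JOIN {usr_institution} ui ON (va.institution = ui.institution AND ui.usr = ?)`, testing `ui.usr IS NOT NULL` instead, and passing one more `$userid` in the matching position would close that.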
......
......@@ -258,6 +258,28 @@ var potentialPresets = {{$potentialpresets|safe}};
forEach(potentialPresets, function(preset) {
renderPotentialPresetItem(preset);
});
var myInstitutions = {{$myinstitutions|safe}};
if (myInstitutions.length) {
appendChildNodes('potentialpresetitems', H6(null, '{{str tag=sharewithmyinstitutions section=view}}'));
var i = 0;
var maxInstitutions = 5;
forEach(myInstitutions, function(preset) {
if (i == maxInstitutions) {
var more = A({'href':''}, '{{str tag=moreinstitutions section=view}} »');
connect(more, 'onclick', function(e) {
e.stop();
forEach(getElementsByTagAndClassName('div', 'moreinstitutions', 'potentialpresetitems'), partial(toggleElementClass, 'hidden'));
});
appendChildNodes('potentialpresetitems', DIV(null, ' ', more));
}
if (i >= maxInstitutions) {
preset['class'] = 'hidden moreinstitutions';
}
renderPotentialPresetItem(preset);
i++;
});
}
var allGroups = {{$allgroups|safe}};
var myGroups = {{$mygroups|safe}};
if (myGroups) {
......
......@@ -13,6 +13,8 @@
<a href="{$WWWROOT}user/myfriends.php" id="link-myfriends">{str tag="friends" section="view"}</a>
{elseif $accessgroup.accesstype == 'group'}
<a href="{$WWWROOT}group/view.php?id={$accessgroup.id}">{$accessgroup.name}</a>{if $accessgroup.role} ({$accessgroup.roledisplay}){/if}
{elseif $accessgroup.accesstype == 'institution'}
<a href="{$WWWROOT}account/institutions.php">{$accessgroup.id|institution_display_name}</a>
{elseif $accessgroup.accesstype == 'user'}
<a href="{$WWWROOT}user/view.php?id={$accessgroup.id}">{$accessgroup.id|display_name}</a>
{/if}
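Review bot: The institution branch calls the `institution_display_name` modifier on `$accessgroup.id`, which runs a `get_field()` query for every row rendered. If this template is fed from `View::get_accesslists()`, that function already stores the same value in `$access->name` in this commit, and the group branch just above prints `{$accessgroup.name}`. Using `<a href="{$WWWROOT}account/institutions.php">{$accessgroup.name}</a>` would avoid the extra lookup and keep the two branches consistent. It is worth confirming that the template's output escaping applies to that variable as it does to the modifier result.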
......