Commit 07788736 authored by Robert Lyon's avatar Robert Lyon

Bug 1574941: Adding bulk delete validation

To avoid:
1) Bulk deleting all users - by checking if you
   are deleting yourself.
2) Bulk deleting all the site admins - which can happen if you are an
institutional admin and the site admin(s) are in the same institution

behatnotneeded

Change-Id: I4c33d9e54f14e688897275066d2ee128557d4465
Signed-off-by: Robert Lyon's avatarRobert Lyon <robertl@catalyst.net.nz>
(cherry picked from commit 2bac8857)
parent 0b05116a
......@@ -298,6 +298,21 @@ function suspend_submit(Pieform $form, $values) {
redirect('/admin/users/suspended.php');
}
function delete_validate(Pieform $form, $values) {
global $SESSION, $USER;
$users = $values['users'];
// Not allowed to bulk delete yourself
if (is_array($users) && in_array($USER->get('id'), $users)) {
$form->set_error(null, get_string('unabletodeleteself', 'admin'));
}
// Not allowed to remove all site admins
$siteadmins = count_records_sql("SELECT COUNT(admin) FROM {usr}
WHERE id NOT IN (" . join(',', array_map('db_quote', $users)) . ") AND admin = 1", array());
if (!$siteadmins) {
$form->set_error(null, get_string('unabletodeletealladmins', 'admin'));
}
}
function delete_submit(Pieform $form, $values) {
global $users, $editable, $SESSION;
......
......@@ -1147,6 +1147,8 @@ $string['selectedusers'] = 'Selected users';
$string['remoteuser'] = 'Remote username';
$string['userreports'] = 'User reports';
$string['userreportsdescription'] = 'View or download information about the users you selected on the search page.';
$string['unabletodeleteself'] = 'Unable to bulk delete yourself';
$string['unabletodeletealladmins'] = 'Not allowed to bulk delete all the site admins';
// general stuff
$string['notificationssaved'] = 'Notification settings saved';
......
......@@ -13,7 +13,7 @@ Scenario: Meta test testing Behat's functionality (Bug #1387836)
| First name | test first name |
| Last name | test last name |
And I press "Save profile"
And I follow "Portfolio"
And I choose "Pages" in "Portfolio"
# Creating a page
And I press "Create page"
And I set the field "Page title" to "test page name 1"
......@@ -37,11 +37,11 @@ Scenario: Meta test testing Behat's functionality (Bug #1387836)
And I follow "Done"
And I hover "Delete collection" "link"
And I go to the homepage
And I go to "Export"
And I choose "Export" in "Portfolio"
And I move backward one page
And I wait "3" seconds
And I move forward one page
And I follow "Content"
And I choose "Profile" in "Content"
And the "First name" field should not contain "Jinelle"
And the "First name" field should contain "test first name"
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment