/**
 * Update one or more existing groups and replace their membership lists.
 *
 * Each entry in $groups identifies a group by 'id', by 'shortname' plus
 * 'institution', or by 'name' (tried in that order). For every entry the
 * method checks that the group belongs to the web service institution and
 * that the calling user may edit that institution, validates category, join
 * type, edit roles and members, then calls group_update() and
 * group_update_members(). All entries are processed between one
 * db_begin()/db_commit() pair.
 *
 * @param array $groups group descriptions, validated against update_groups_parameters()
 * @return null
 * @throws WebserviceInvalidParameterException on the first entry that fails a check
 */
public static function update_groups($groups) {
    global $USER, $WEBSERVICE_INSTITUTION;

    $prefix = 'update_groups | ';

    // Automatic PARAM checks on the incoming data, driven by the parameter description
    $params = self::validate_parameters(self::update_groups_parameters(), array('groups' => $groups));

    // NOTE(review): every failure below throws after db_begin(); the rollback is
    // not visible in this method - presumably the exception handler does it, confirm.
    db_begin();
    foreach ($params['groups'] as $group) {
        // Locate the existing, non-deleted group this entry refers to
        if (!empty($group['id'])) {
            $dbgroup = get_record('group', 'id', $group['id'], 'deleted', 0);
            if (!$dbgroup) {
                throw new WebserviceInvalidParameterException($prefix . get_string('groupnotexist', 'auth.webservice', $group['id']));
            }
        }
        elseif (!empty($group['shortname'])) {
            // A shortname is only meaningful together with its institution
            if (empty($group['institution'])) {
                throw new WebserviceInvalidParameterException($prefix . get_string('instmustset', 'auth.webservice', $group['shortname']));
            }
            $dbgroup = get_record('group', 'shortname', $group['shortname'], 'institution', $group['institution'], 'deleted', 0);
            if (!$dbgroup) {
                throw new WebserviceInvalidParameterException($prefix . get_string('groupnotexist', 'auth.webservice', $group['shortname'] . '/' . $group['institution']));
            }
        }
        elseif (!empty($group['name'])) {
            // The name lookup is not scoped to an institution; the institution
            // comparison just below is what rejects a group owned by someone else.
            $dbgroup = get_record('group', 'name', $group['name'], 'deleted', 0);
            if (!$dbgroup) {
                throw new WebserviceInvalidParameterException($prefix . get_string('groupnotexist', 'auth.webservice', $group['name']));
            }
        }
        else {
            throw new WebserviceInvalidParameterException($prefix . get_string('nogroup', 'auth.webservice'));
        }

        // Authorisation: the group must belong to the web service institution and
        // the calling user must be allowed to edit that institution.
        // The denial messages are built from the caller's own input, not from the
        // stored record.
        // NOTE(review): '!=' is a loose comparison of two institution identifiers;
        // the can_edit_institution() call that follows uses the stored value.
        if ($WEBSERVICE_INSTITUTION != $dbgroup->institution) {
            throw new WebserviceInvalidParameterException($prefix . get_string('accessdeniedforinstgroup', 'auth.webservice', $group['institution'], $group['name']));
        }
        if (!$USER->can_edit_institution($dbgroup->institution)) {
            throw new WebserviceInvalidParameterException($prefix . get_string('accessdeniedforinstgroup', 'auth.webservice', $group['institution'], $group['shortname']));
        }

        // Translate the category title into its id
        if (!empty($group['category'])) {
            $groupcategory = get_record('group_category', 'title', $group['category']);
            if (empty($groupcategory)) {
                throw new WebserviceInvalidParameterException($prefix . get_string('catinvalid', 'auth.webservice', $group['category']));
            }
            $group['category'] = $groupcategory->id;
        }

        // Join types are validated only when at least one of them was supplied
        if (isset($group['open']) || isset($group['request']) || isset($group['controlled'])) {
            // Normalise missing or empty flags to 0 so the combinations can be tested
            foreach (array('open', 'request', 'controlled') as $jointype) {
                if (empty($group[$jointype])) {
                    $group[$jointype] = 0;
                }
            }
            if ($group['open'] && $group['request']) {
                throw new WebserviceInvalidParameterException($prefix . get_string('invalidjointype', 'auth.webservice', 'open+request'));
            }
            if ($group['open'] && $group['controlled']) {
                throw new WebserviceInvalidParameterException($prefix . get_string('invalidjointype', 'auth.webservice', 'open+controlled'));
            }
            if (!($group['open'] || $group['request'] || $group['controlled'])) {
                throw new WebserviceInvalidParameterException($prefix . get_string('correctjointype', 'auth.webservice'));
            }
        }

        // The edit role must be one of the keys offered by group_get_editroles_options()
        if (isset($group['editroles'])) {
            if (!in_array($group['editroles'], array_keys(group_get_editroles_options()))) {
                throw new WebserviceInvalidParameterException($prefix . get_string('groupeditroles', 'auth.webservice', $group['editroles'], implode(', ', array_keys(group_get_editroles_options()))));
            }
        }

        // Build the membership map; the calling user starts out as 'admin'
        $members = array($USER->get('id') => 'admin');
        foreach ($group['members'] as $member) {
            // Resolve the member by id first, then by username
            if (!empty($member['id'])) {
                $dbuser = get_record('usr', 'id', $member['id'], 'deleted', 0);
            }
            elseif (!empty($member['username'])) {
                $dbuser = get_record('usr', 'username', $member['username'], 'deleted', 0);
            }
            else {
                throw new WebserviceInvalidParameterException($prefix . get_string('nousernameoridgroup', 'auth.webservice', $group['name']));
            }
            if (empty($dbuser)) {
                throw new WebserviceInvalidParameterException($prefix . get_string('invalidusergroup', 'auth.webservice', $member['id'] . '/' . $member['username'], $group['name']));
            }

            if (!empty($dbgroup->shortname) && !empty($dbgroup->institution)) {
                // Group has both a shortname and an institution: the member must
                // belong to the web service institution
                if (!mahara_external_in_institution($dbuser, $WEBSERVICE_INSTITUTION)) {
                    throw new WebserviceInvalidParameterException($prefix . get_string('notauthforuseridinstitutiongroup', 'auth.webservice', $dbuser->id, $WEBSERVICE_INSTITUTION, $group['shortname']));
                }
            }
            else {
                // Otherwise the member's auth instance must exist ...
                $authinstance = get_record('auth_instance', 'id', $dbuser->authinstance);
                if (!$authinstance) {
                    throw new WebserviceInvalidParameterException($prefix . get_string('invalidauthtype', 'auth.webservice', $dbuser->authinstance));
                }
                // ... and the caller must be allowed to edit the institution it belongs to
                if (!$USER->can_edit_institution($authinstance->institution)) {
                    throw new WebserviceInvalidParameterException($prefix . get_string('accessdeniedforinstuser', 'auth.webservice', $authinstance->institution, $dbuser->username));
                }
            }

            // The role must be one of self::$member_roles
            // NOTE(review): in_array() is non-strict here and in the editroles check;
            // presumably validate_parameters() already delivers strings - confirm.
            if (!in_array($member['role'], self::$member_roles)) {
                throw new WebserviceInvalidParameterException($prefix . get_string('invalidmemroles', 'auth.webservice', $member['role'], $dbuser->username));
            }
            $members[$dbuser->id] = $member['role'];
        }

        // Copy across only the listed attributes, and only when a non-empty value
        // was supplied; anything else in the request never reaches group_update().
        // NOTE(review): confirm group_update() recognises the 'submitpages' key.
        $newvalues = (object) array('id' => $dbgroup->id);
        $updatable = array('name', 'description', 'grouptype', 'category', 'editroles', 'open', 'controlled', 'request', 'submitpages', 'quota', 'hidemembers', 'invitefriends', 'suggestfriends', 'hidden', 'hidemembersfrommembers', 'usersautoadded', 'public', 'viewnotify');
        foreach ($updatable as $field) {
            if (!isset($group[$field])) {
                continue;
            }
            $value = $group[$field];
            if ($value !== false && $value !== null && strlen("" . $value)) {
                $newvalues->{$field} = $value;
            }
        }
        group_update($newvalues);

        // Then apply the membership map
        group_update_members($dbgroup->id, $members);
    }
    db_commit();

    return null;
}
/**
 * Pieform submit handler for the group edit form: creates the group when
 * $group_data has no id yet, otherwise updates it, then redirects to the
 * group homepage.
 *
 * NOTE(review): no permission check is visible in this handler; presumably the
 * page that builds the form enforces it before this runs - confirm.
 *
 * @param Pieform $form   the submitted form
 * @param array   $values the submitted form values
 */
function editgroup_submit(Pieform $form, $values) {
    global $USER, $SESSION, $group_data, $publicallowed;

    // These two values default to 0 when the form did not send them
    foreach (array('public', 'usersautoadded') as $optional) {
        if (!isset($values[$optional])) {
            $values[$optional] = 0;
        }
    }

    // The name is only trimmed when it differs from the stored one
    $name = $values['name'];
    if ($group_data->name != $name) {
        $name = trim($name);
    }

    $category = null;
    if (!empty($values['category'])) {
        $category = intval($values['category']);
    }

    // 'public' is forced to 0 unless public groups are allowed
    $public = 0;
    if ($publicallowed) {
        $public = intval($values['public']);
    }

    // NOTE(review): 'description' is passed on as submitted; any HTML cleaning
    // would have to happen in the form layer or in group_create()/group_update(),
    // neither of which is visible here - confirm.
    $newvalues = array(
        'name'                      => $name,
        'description'               => $values['description'],
        'grouptype'                 => $values['grouptype'],
        'category'                  => $category,
        'open'                      => intval($values['open']),
        'controlled'                => intval($values['controlled']),
        'request'                   => intval($values['request']),
        'usersautoadded'            => intval($values['usersautoadded']),
        'public'                    => $public,
        'viewnotify'                => intval($values['viewnotify']),
        'submittableto'             => intval($values['submittableto']),
        'allowarchives'             => empty($values['allowarchives']) ? 0 : intval($values['allowarchives']),
        'editroles'                 => $values['editroles'],
        'hidden'                    => intval($values['hidden']),
        // Hiding members from members also hides them in general
        'hidemembers'               => intval(!(empty($values['hidemembersfrommembers']) && empty($values['hidemembers']))),
        'hidemembersfrommembers'    => intval($values['hidemembersfrommembers']),
        'groupparticipationreports' => intval($values['groupparticipationreports']),
        'invitefriends'             => intval($values['invitefriends']),
        'suggestfriends'            => intval($values['suggestfriends']),
        'editwindowstart'           => db_format_timestamp($values['editwindowstart']),
        'editwindowend'             => db_format_timestamp($values['editwindowend']),
        'sendnow'                   => intval($values['sendnow']),
        'feedbacknotify'            => intval($values['feedbacknotify']),
    );

    // A custom URL id is only stored when clean URLs are on and one was supplied
    if (get_config('cleanurls') && isset($values['urlid']) && '' !== (string) $values['urlid']) {
        $newvalues['urlid'] = $values['urlid'];
    }

    db_begin();

    // New group: create it with the current user as its admin
    if (!$group_data->id) {
        $newvalues['members'] = array($USER->get('id') => 'admin');
        $group_data->id = group_create($newvalues);
        $USER->reset_grouproles();
    }
    $groupid = $group_data->id;

    // Embedded images need the group id, so the description is processed only
    // now and written by the update below
    $newvalues['description'] = EmbeddedImage::prepare_embedded_images($newvalues['description'], 'group', $groupid, $groupid);
    $newvalues['id'] = $groupid;
    // The members key is dropped before the update
    unset($newvalues['members']);
    group_update((object) $newvalues);

    $SESSION->add_ok_msg(get_string('groupsaved', 'group'));
    db_commit();

    // Reload $group_data->urlid or else the redirect will fail
    if (get_config('cleanurls') && (!isset($values['urlid']) || $group_data->urlid != $values['urlid'])) {
        $group_data->urlid = get_field('group', 'urlid', 'id', $groupid);
    }

    redirect(group_homepage_url($group_data));
}
}

// Page script for user-group administration: loads the menus, dispatches on
// $action, then prints the menus and the matching view.
// (The closing brace above ends a definition that starts outside this excerpt.)
//
// NOTE(review): $DOCUMENT_ROOT, $action and $id come from global scope and it is
// not visible here where they are set. $DOCUMENT_ROOT is used to build an include
// path, so it must only ever be set server-side - confirm.
global $DOCUMENT_ROOT, $action, $id;
include $DOCUMENT_ROOT . '/admin/inc/menu.php';
include '../menu.php';

// $manage_menu and $usergroup_menu are not defined in this excerpt; presumably
// the two includes above create them.
$manage_menu->SetActive('usergroup');
$usergroup_menu->SetActive('group');

// NOTE(review): 'create', 'save' and 'delete' all change stored data. No
// authorisation, request-method or anti-CSRF check is visible in this excerpt -
// confirm they are enforced in the included files or inside the group_* functions.
if ($action == 'create') {
    group_received_create();
}

/* Print the menus */
print $manage_menu->InnerHTML();
print $usergroup_menu->InnerHTML();
// Single-quoted, so the literal text ${information} is printed; presumably a
// placeholder substituted by a later output stage - confirm.
print '${information}';

/* 'edit' shows the edit form only; every other action falls through to the list and create form */
if ($action == 'edit') {
    include 'edit.php';
} else {
    // Apply a pending save or delete for group $id before the list is rebuilt
    if ($action == 'save') {
        group_update($id);
    } else {
        if ($action == 'delete') {
            group_delete($id);
        }
    }
    $list = group_list();
    // The list view is included only when there is at least one entry
    if (count($list) > 0) {
        include 'list.php';
    }
    /* Print the create form */
    include 'create_form.php';
}
/**
 * Pieform submit handler for the group CSV upload: creates a group for each
 * CSV record, or updates the existing one when 'updategroups' is set and the
 * record's shortname has an entry in $UPDATES. Reports the result through
 * session messages and redirects back to the upload page.
 *
 * NOTE(review): every column named in $FORMAT (apart from the four handled
 * explicitly) is copied onto the group object under that same name, and
 * 'institution' is taken straight from the form values. Checking the column
 * names and the uploader's rights over that institution presumably happens in
 * the form's validation step, which is not visible here - confirm.
 *
 * @param Pieform $form   the submitted form
 * @param array   $values the submitted form values
 */
function uploadcsv_submit(Pieform $form, $values) {
    global $SESSION, $CSVDATA, $FORMAT, $UPDATES, $USER;

    // Maps a column name to its position within a CSV record
    $column = array_flip($FORMAT);
    $institution = $values['institution'];

    log_info($values['updategroups'] ? 'Updating groups from the CSV file' : 'Inserting groups from the CSV file');

    db_begin();
    $addedgroups = array();
    foreach ($CSVDATA as $record) {
        $group = new StdClass();
        $group->name = $record[$column['displayname']];
        $group->shortname = $record[$column['shortname']];
        $group->institution = $institution;
        $group->grouptype = $record[$column['roles']];

        foreach ($FORMAT as $field) {
            switch ($field) {
                // Already mapped above under different property names
                case 'displayname':
                case 'shortname':
                case 'roles':
                    break;
                // The CSV column 'submitpages' is stored as 'submittableto'
                case 'submitpages':
                    $group->submittableto = $record[$column[$field]];
                    break;
                default:
                    $group->{$field} = $record[$column[$field]];
            }
        }

        // Remembered up front because it is still needed after group_update()
        $shortname = $group->shortname;

        // Create when not in update mode, or when there is no $UPDATES entry
        // for this shortname
        if (!$values['updategroups'] || !isset($UPDATES[$shortname])) {
            $group->members = array($USER->id => 'admin');
            $group->id = group_create((array) $group);
            $addedgroups[] = $group;
            log_debug('added group ' . $group->name);
            continue;
        }

        // Update mode: an empty result from group_update() drops the entry from $UPDATES
        $updates = group_update($group);
        if (empty($updates)) {
            unset($UPDATES[$shortname]);
            continue;
        }

        // Report a changed 'name' under its CSV column name
        if (isset($updates['name'])) {
            $updates['displayname'] = $updates['name'];
            unset($updates['name']);
        }
        $UPDATES[$shortname] = $updates;
        $changed = implode(', ', array_keys((array) $updates));
        log_debug('updated group ' . $group->name . ' (' . $changed . ')');
    }
    db_commit();

    $SESSION->add_ok_msg(get_string('csvfileprocessedsuccessfully', 'admin'));
    if ($UPDATES) {
        // Updates remain to be reported: render them with the added-group count
        $updatemsg = smarty_core();
        $updatemsg->assign('added', count($addedgroups));
        $updatemsg->assign('updates', $UPDATES);
        $SESSION->add_info_msg($updatemsg->fetch('admin/groups/csvupdatemessage.tpl'), false);
    }
    else {
        $SESSION->add_ok_msg(get_string('numbernewgroupsadded', 'admin', count($addedgroups)));
    }

    redirect('/admin/groups/uploadcsv.php');
}
// Tail of a user-group admin handler; the enclosing blocks, and the definitions
// of $allowread, $arr, $gid, $action and $method, start outside this excerpt.
//
// Each permission flag of the group is read from the request, with 0 as default.
// NOTE(review): these flags include moderation rights (ban/delete user, view IP).
// No administrator or anti-CSRF check is visible in this excerpt; presumably it
// sits earlier in the file - confirm.
$allowthread = param('allowthread', 0);
$allowpost = param('allowpost', 0);
$allowattach = param('allowattach', 0);
$allowdown = param('allowdown', 0);
$allowagree = param('allowagree', 0);
$allowtop = param('allowtop', 0);
$allowupdate = param('allowupdate', 0);
$allowdelete = param('allowdelete', 0);
$allowmove = param('allowmove', 0);
$allowbanuser = param('allowbanuser', 0);
$allowdeleteuser = param('allowdeleteuser', 0);
$allowviewip = param('allowviewip', 0);
$allowcustomurl = param('allowcustomurl', 0);
$arr2 = array('allowread' => $allowread, 'allowthread' => $allowthread, 'allowpost' => $allowpost, 'allowattach' => $allowattach, 'allowdown' => $allowdown, 'allowagree' => $allowagree, 'allowtop' => $allowtop, 'allowupdate' => $allowupdate, 'allowdelete' => $allowdelete, 'allowmove' => $allowmove, 'allowbanuser' => $allowbanuser, 'allowdeleteuser' => $allowdeleteuser, 'allowviewip' => $allowviewip, 'allowcustomurl' => $allowcustomurl);
// Array union: keys already present in $arr keep their existing values
$arr += $arr2;
}
// Save the update
$r = group_update($gid, $arr);
// Messages: 'update succeeded' / 'update failed'
$r !== FALSE ? message(0, '更新成功') : message(-1, '更新失败');
}
} elseif ($action == 'delete') {
    // Deleting is only accepted over POST
    if ($method != 'POST') {
        message(-1, 'Method Error.');
    }
    $gid = param(2, 0);
    $group = group_read($gid);
    // NOTE(review): the guards in this branch only protect anything if message()
    // ends the request; otherwise execution continues to group_delete() - confirm.
    // Message: 'user group does not exist'
    empty($group) and message(1, '用户组不存在');
    // Group ids up to 101 cannot be deleted; message: 'this user group may not be deleted!'
    $gid <= 101 and message(-1, '该用户组不允许删除!');
    $r = group_delete($gid);
    // Messages: 'deleted successfully' / 'delete failed'
    $r !== FALSE ? message(0, '删除成功') : message(1, '删除失败');
}