// Request dispatcher: validate the caller, then route on $requestType.
// A falsy $role from validateRequest() is treated as a failed validation.
$role = validateRequest($userid, $userval, $external);
if (!$role) {
    // NOTE(review): every guard in this excerpt relies on failRequest() ending the
    // request. Its definition is not shown -- confirm it exits; otherwise execution
    // continues into the switch and the privileged calls below.
    failRequest("There was a problem validating your request");
}
switch ($requestType) {
    case "ADDTOGROUP":
        // Membership changes are limited to the SUPER_USER and STAFF roles.
        if (!authoriseUserRoles($role, ["SUPER_USER", "STAFF"])) {
            failRequest("You are not authorised to complete that request");
        }
        addToGroup($studentid, $groupid);
        break;
    case "REMOVEFROMGROUP":
        // Same role check as ADDTOGROUP.
        if (!authoriseUserRoles($role, ["SUPER_USER", "STAFF"])) {
            failRequest("You are not authorised to complete that request");
        }
        removeFromGroup($studentid, $groupid);
        break;
    default:
        // Unrecognised request types are rejected rather than ignored.
        failRequest("There was a problem with your request, please try again.");
        break;
}

/**
 * Link a student to a group unless a TUSERGROUPS row for the pair already exists.
 *
 * The function body continues past the end of this excerpt (the else branch,
 * the catch block and the transaction end are not visible).
 *
 * @param mixed $studentid Value placed in the `User ID` column.
 * @param mixed $groupid   Value placed in the `Group ID` column.
 */
function addToGroup($studentid, $groupid) {
    // NOTE(review): both ids are interpolated directly into the SQL text, unquoted.
    // Where they originate is not shown; if they derive from request data they must
    // be validated as integers or bound as statement parameters before this point.
    $query1 = "SELECT `Link ID` FROM TUSERGROUPS WHERE `User ID` = {$studentid} AND `Group ID` = {$groupid};";
    try {
        // Check-then-insert runs inside one transaction.
        db_begin_transaction();
        $links = db_select_exception($query1);
        if (count($links) == 0) {
            // No existing link: create one with Archived = 0.
            $query2 = "INSERT INTO `TUSERGROUPS`(`User ID`, `Group ID`, `Archived`) VALUES ({$studentid},{$groupid},0)";
            db_insert_query_exception($query2);
        } else {
$sql = "UPDATE Groups SET owner='$_POST[newowner]' WHERE group=$_GET[group]'"; mysqli_query($conn, $sql); mysqli_error($conn); }*/
// NOTE(review): the disabled statement above (its comment opener is outside this
// excerpt) places $_POST and $_GET values directly in SQL text. If it is ever
// re-enabled it needs a prepared statement with bound parameters.

// Group page handler: everything below is driven by the `group` query parameter.
if (isset($_GET['group'])) {
    $group = $_GET['group'];
    //If submitted by group owner
    // NOTE(review): loose == comparison. Confirm $_SESSION['username'] is always set
    // for this page and that getGroupOwner() cannot return a falsy value for an
    // unknown group; otherwise use === so two "empty" values never compare equal.
    if ($_SESSION['username'] == getGroupOwner($group)) {
        //Add a user
        // NOTE(review): membership is changed by GET parameters; no anti-CSRF token
        // check is visible in this excerpt.
        if (isset($_GET['add'])) {
            // NOTE(review): the procedural mysqli_real_escape_string() takes the
            // connection as its first argument and the string as its second, so this
            // one-argument call cannot escape anything. $group is passed on unescaped
            // as well. Whether addToGroup() binds its parameters is not shown --
            // prefer prepared statements there over escaping here.
            $user_to_add = mysqli_real_escape_string($_GET['add']);
            addToGroup($group, $user_to_add);
        } else {
            if (isset($_GET['remove'])) {
                // Same one-argument escape call as in the add branch.
                $user_to_remove = mysqli_real_escape_string($_GET['remove']);
                removeFromGroup($group, $user_to_remove);
            }
        }
        //If group is private, add the "add/remove" user dialogue here.
        if (checkGroupPrivate($group)) {
            $output .= file_get_contents("templates/add-remove-users.html");
        }
        // Owner view: leaving requires naming a new owner (`newowner` field).
        $output .= "<form name='leave-group' method='post' action=''><label>Set new group admin:</label><input type='text' name='newowner'><input type='submit' value='Leave Group' name='setowner'></form>";
    } else {
        // NOTE(review): $username is not assigned anywhere in this excerpt, while the
        // owner check above reads $_SESSION['username'] -- confirm it is defined earlier.
        if (getGroupMember($username, $group)) {
            //Everyone else then sees...
            $output .= "<form name='leave-group' method='post' action=''><input type='submit' text='Leave Group'></form>";
        }
    }
    //Group is private?
    // Non-admin visitors of a private group; the branch body lies beyond this excerpt.
    if (checkGroupPrivate($group) && $_SESSION['admin'] == false) {
// The excerpt starts inside a switch whose header is not visible here.
case 'newPost':
    // Post body comes straight from $_POST['content']; any validation or output
    // escaping would have to happen in createNewPost() or at render time (not shown).
    createNewPost($db, $group, $userId, $_POST['content'], canAnnounce($role));
    break;
case "register":
    // NOTE(review): a web server that is not configured to block or execute the
    // .inc extension serves such files as plain text -- confirm registerHandler.inc
    // is not reachable by URL.
    include 'registerHandler.inc';
    break;
case "logout":
    if (session_status() === PHP_SESSION_NONE) {
        session_start();
    }
    // Only the 'id' key is removed: other session data and the session id itself are
    // kept (no session_destroy() or session_regenerate_id() call in this excerpt).
    unset($_SESSION['id']);
    break;
}
}
// Group actions selected by the `action` query parameter.
// NOTE(review): remove/add/setLeader change state on a GET request, and neither an
// anti-CSRF token nor a check that the current user may manage $group is visible in
// this excerpt. The called functions may enforce this -- confirm against their definitions.
if (isset($_GET['action']) && $_GET['action'] == 'remove') {
    removeFromGroup($_GET['user'], $db, $group);
    // Client-side redirect back to the group page.
    echo "<meta http-equiv='REFRESH' content='0;url=/?page=group'>";
} else {
    if (isset($_GET['action']) && $_GET['action'] == 'add') {
        addToGroup($_GET['user'], $db, $group, false);
    } else {
        if (isset($_GET['action']) && $_GET['action'] == 'addMeToExisting') {
            // The target group comes from the request rather than from $group; whether
            // addToGroup() refuses groups the user may not join is not shown.
            if (addToGroup($userId, $db, $_GET['group'], false)) {
                echo "<meta http-equiv='REFRESH' content='0;url=/?page=group'>";
            }
        } else {
            if (isset($_GET['action']) && $_GET['action'] == 'editGroup') {
                // Action is read from $_GET, the new field values from $_POST.
                updateGroup($group, $_POST['name'], $_POST['description'], $_POST['type'], $db);
            } else {
                if (isset($_GET['action']) && $_GET['action'] == 'setLeader') {
                    // $userId (the acting user) is passed along with the requested user;
                    // presumably setLeader() uses it for a permission check -- verify.
                    setLeader($group, $_GET['user'], $userId, $db);
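/**
 * Apply a project membership change to the project's iRODS group.
 *
 * The function is a no-op (logging the reason) when the preceding membership
 * call reported an error, when there is nothing to add or remove, when the
 * project id is not a valid UUID, when iRODS is disabled, or when the project
 * name cannot be resolved.
 *
 * @param mixed $project_id        Project UUID; "-1" or an invalid UUID aborts.
 * @param mixed $members_to_add    Map of member_id => role; only the keys are used.
 *                                 Anything that is not a non-empty array counts as "none".
 * @param mixed $members_to_remove List of member ids; same normalisation as above.
 * @param mixed $user              Passed through to lookup_project(), addToGroup()
 *                                 and removeFromGroup().
 * @param mixed $result            Result triple of the preceding membership call.
 *
 * @return int|null -1 when $disable_irods is set, otherwise null.
 */
function irods_modify_group_members($project_id, $members_to_add, $members_to_remove, $user, $result)
{
    // Do not mirror a change that the preceding call reported as failed.
    if (is_array($result)
        && array_key_exists(RESPONSE_ARGUMENT::CODE, $result)
        && $result[RESPONSE_ARGUMENT::CODE] != RESPONSE_ERROR::NONE
    ) {
        error_log("iRODS: Result of modify_membership suggests an error. Nothing to do. Got result: " . print_r($result, true));
        return;
    }

    // Normalise both inputs up front. The original only bailed when BOTH were
    // unusable, so a non-array $members_to_add next to a valid removal list still
    // reached array_keys() and failed there.
    $to_add = (is_array($members_to_add) && count($members_to_add) > 0) ? $members_to_add : [];
    $to_remove = (is_array($members_to_remove) && count($members_to_remove) > 0) ? $members_to_remove : [];
    if ($to_add === [] && $to_remove === []) {
        error_log("iRODS: 0 members to add or remove. nothing to do.");
        return;
    }

    // The rejected id is logged verbatim; it has just failed validation, so treat
    // that log field as untrusted text when the log is parsed.
    if (!isset($project_id) || $project_id == "-1" || !uuid_is_valid($project_id)) {
        error_log("irods_modify_group_members: not a valid project ID. Nothing to do. {$project_id}");
        return;
    }

    global $disable_irods;
    if (isset($disable_irods)) {
        error_log("irodsModifyGroupMembers: disable_irods was set. Doing nothing.");
        return -1;
    }

    // Without a slice authority URL the project cannot be looked up, so stop here
    // instead of continuing with an empty URL.
    $sa_url = get_first_service_of_type(SR_SERVICE_TYPE::SLICE_AUTHORITY);
    if (!isset($sa_url) || $sa_url == '') {
        error_log("iRODS Found no SA in SR!'");
        return;
    }

    // Resolve project id -> project name -> iRODS group name. A failed lookup must
    // not fall through: the group name derived from a missing project name would
    // not identify this project's group.
    $project = lookup_project($sa_url, $user, $project_id);
    if (!isset($project[PA_PROJECT_TABLE_FIELDNAME::PROJECT_NAME])) {
        error_log("irods_modify_group_members: project lookup returned no project name. Nothing to do.");
        return;
    }
    $group_name = group_name($project[PA_PROJECT_TABLE_FIELDNAME::PROJECT_NAME]);

    // $to_add is a dictionary of {member_id => role, ...}; only the ids matter here.
    foreach (array_keys($to_add) as $member_id) {
        addToGroup($project_id, $group_name, $member_id, $user);
    }

    foreach ($to_remove as $member_id) {
        removeFromGroup($project_id, $group_name, $member_id, $user);
    }
}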