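/**
 * Work out which course actions can be offered to a user, based on the
 * course visibility, its subscription settings and the user's status.
 *
 * The returned labels only say which links to show.
 * NOTE(review): the pages behind those links are not visible here; confirm
 * they enforce access themselves rather than relying on this list.
 *
 * @param int   $uid          User ID
 * @param array $course       Course details array
 * @param array $user_courses real_id list of the courses the user is subscribed to
 *                            (if empty, it is loaded from CourseManager)
 *
 * @return array|false Options among 'register', 'enter' and 'unsubscribe';
 *                     an empty array for a hidden course; false when $uid or
 *                     $course is empty
 */
public static function get_access_link_by_user($uid, $course, $user_courses = array())
{
    if (empty($uid) || empty($course)) {
        return false;
    }

    if (empty($user_courses)) {
        // Reduce the user's course list to the real_id of each course
        $user_courses = CourseManager::get_courses_list_by_user_id($uid);
        foreach ($user_courses as $k => $v) {
            $user_courses[$k] = $v['real_id'];
        }
    }

    // The original test was `!isset(...) && empty(...)`, which is exactly
    // `!isset(...)`. NOTE(review): confirm whether a present-but-empty
    // real_id should also trigger the reload.
    if (!isset($course['real_id'])) {
        $course = api_get_course_info($course['code']);
    }

    // Hidden courses offer no action at all, not even to platform admins
    if ($course['visibility'] == COURSE_VISIBILITY_HIDDEN) {
        return array();
    }

    $is_admin = api_is_platform_admin_by_id($uid);
    $visibility = $course['visibility'];
    $no_registration_code = empty($course['registration_code']);
    // Loose comparison on purpose: real_id may be an int or a numeric string
    $is_subscribed = in_array($course['real_id'], $user_courses);

    $options = array();

    // Register button
    if (!api_is_anonymous($uid) &&
        ($visibility == COURSE_VISIBILITY_OPEN_WORLD || $visibility == COURSE_VISIBILITY_OPEN_PLATFORM) &&
        $course['subscribe'] == SUBSCRIBE_ALLOWED &&
        !$is_subscribed
    ) {
        $options[] = 'register';
    }

    // Go To Course button (only if admin, if course public or if student already subscribed).
    // This test used to be written twice, which put 'enter' in the result twice.
    if ($is_admin ||
        ($visibility == COURSE_VISIBILITY_OPEN_WORLD && $no_registration_code) ||
        (api_user_is_login($uid) && $visibility == COURSE_VISIBILITY_OPEN_PLATFORM && $no_registration_code) ||
        ($is_subscribed && $visibility != COURSE_VISIBILITY_CLOSED)
    ) {
        $options[] = 'enter';
    }

    // Unsubscribe button
    if ($visibility != COURSE_VISIBILITY_HIDDEN &&
        $no_registration_code &&
        $course['unsubscribe'] == UNSUBSCRIBE_ALLOWED &&
        api_user_is_login($uid) &&
        $is_subscribed
    ) {
        $options[] = 'unsubscribe';
    }

    return $options;
}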
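/**
 * Checks if a user can log in as (impersonate) another user.
 *
 * The target ID must be a canonical integer: an int, an integral float or a
 * string that is exactly the decimal form of an integer. Strings such as
 * '7.0', '07' or ' 7' are rejected, because a loose comparison would treat
 * them as equal to '7' and let them through to the permission lookups.
 *
 * NOTE(review): api_is_platform_admin(), api_is_session_admin() and
 * api_is_drh() take no argument here, so they presumably describe the
 * current session user even when $userId is given explicitly - confirm.
 *
 * @param int $loginAsUserId the user id to log in
 * @param int $userId        my user id (defaults to the current user)
 *
 * @return bool
 */
function api_can_login_as($loginAsUserId, $userId = null)
{
    if (empty($userId)) {
        $userId = api_get_user_id();
    }

    if (empty($loginAsUserId)) {
        return false;
    }

    // Booleans, arrays and objects are never valid user IDs
    if (is_bool($loginAsUserId) || !is_scalar($loginAsUserId)) {
        return false;
    }

    // Strict string comparison: only the canonical decimal form passes
    if ((string) $loginAsUserId !== (string) (int) $loginAsUserId) {
        return false;
    }
    $loginAsUserId = (int) $loginAsUserId;

    // Nobody logs in as themselves. Loose on purpose: $userId may be a numeric string.
    if ($loginAsUserId == $userId) {
        return false;
    }

    // Check if the user to login is an admin
    if (api_is_platform_admin_by_id($loginAsUserId)) {
        // Only super admins can login to admin accounts
        if (!api_global_admin_can_edit_admin($loginAsUserId)) {
            return false;
        }
    }

    // NOTE(review): this loads the record of the user asking to impersonate,
    // not of $loginAsUserId, so the `status == 5` test below applies to the
    // requester. Confirm which account the session-admin rule is meant to
    // restrict. 5 is a bare status value (presumably the student status).
    $userInfo = api_get_user_info($userId);

    // True when the current user is an HR manager (DRH) allowed to reach the target user
    $isDrh = function () use ($loginAsUserId) {
        if (!api_is_drh()) {
            return false;
        }

        if (api_drh_can_access_all_session_content()) {
            $users = SessionManager::getAllUsersFromCoursesFromAllSessionFromStatus('drh_all', api_get_user_id());
            foreach ($users as $user) {
                if ($user['user_id'] == $loginAsUserId) {
                    return true;
                }
            }

            return false;
        }

        return (bool) UserManager::is_user_followed_by_drh($loginAsUserId, api_get_user_id());
    };

    return api_is_platform_admin()
        || (api_is_session_admin() && $userInfo['status'] == 5)
        || $isDrh();
}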
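/**
 * Build an HTML report for a list of users and the sessions attached to them.
 *
 * For each user the report shows the name, then either a notice that the
 * user lacks the DRH role, or the names of the listed sessions that
 * self::get_sessions_followed_by_drh() already returns for that user.
 *
 * The result contains markup (<strong>, <br />) and is therefore meant to be
 * printed as raw HTML, so user and session names are escaped here.
 * NOTE(review): if those names are already HTML-escaped where they are
 * loaded, this would double-escape them - confirm.
 *
 * @param array $userSessionList format see self::importSessionDrhCSV()
 *
 * @return string|null HTML message, or null when the list is empty
 */
public static function checkSubscribeDrhToSessionList($userSessionList)
{
    if (empty($userSessionList)) {
        return null;
    }

    $message = '';
    foreach ($userSessionList as $userId => $data) {
        $userInfo = $data['user_info'];

        // Always end up with an array: in_array() below needs one even when
        // the lookup returns an empty or non-array value.
        $followedSessions = self::get_sessions_followed_by_drh($userId);
        $followedSessionIds = !empty($followedSessions) ? array_keys($followedSessions) : array();

        $sessionList = array();
        if (!empty($data['session_list'])) {
            foreach ($data['session_list'] as $sessionInfo) {
                if (in_array($sessionInfo['session_id'], $followedSessionIds)) {
                    $sessionList[] = htmlspecialchars(
                        $sessionInfo['session_info']['name'],
                        ENT_QUOTES | ENT_SUBSTITUTE
                    );
                }
            }
        }

        $completeName = htmlspecialchars($userInfo['complete_name'], ENT_QUOTES | ENT_SUBSTITUTE);
        $message .= '<strong>' . get_lang('User') . '</strong> ' . $completeName . ' <br />';

        // Only DRH users and platform admins are accepted
        if ($userInfo['status'] != DRH && !api_is_platform_admin_by_id($userInfo['user_id'])) {
            $message .= get_lang('UserMustHaveTheDrhRole') . '<br />';
            continue;
        }

        if (!empty($sessionList)) {
            $message .= '<strong>' . get_lang('Sessions') . ':</strong> <br />';
            $message .= implode(', ', $sessionList) . '<br /><br />';
        } else {
            $message .= get_lang('NoSessionProvided') . ' <br /><br />';
        }
    }

    return $message;
}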
/**
 * Send the user to the page stored as the session's "request uri" when there
 * is one; otherwise, on login or when an sso_referer is present, apply the
 * role-specific, admin and generic page_after_login redirections in turn.
 *
 * NOTE(review): navigate() is not visible here. If it does not end the
 * request, every matching redirection below is attempted in sequence.
 *
 * @param bool $logging_in Whether the user just logged in (in this case, use page_after_login rules)
 * @param int  $user_id    The user_id, if defined. Otherwise just send to where the page_after_login setting says
 */
public static function session_request_uri($logging_in = false, $user_id = null)
{
    // A one-shot session flag can suppress the redirection entirely
    $skipRedirection = false;
    if (isset($_SESSION['noredirection'])) {
        $skipRedirection = $_SESSION['noredirection'];
    }
    if ($skipRedirection) {
        unset($_SESSION['noredirection']);

        return;
    }

    // NOTE(review): remove_XSS() is the only filter applied to the stored
    // URI before it becomes a redirect target. Whether it also keeps the
    // target on this site cannot be seen from here; confirm that the code
    // storing $_SESSION['request_uri'] only ever records a local path.
    $target = '';
    if (isset($_SESSION['request_uri'])) {
        $target = Security::remove_XSS($_SESSION['request_uri']);
    }
    unset($_SESSION['request_uri']);

    if (!empty($target)) {
        self::navigate($target);

        return;
    }

    if (!$logging_in && empty($_REQUEST['sso_referer'])) {
        return;
    }

    if (isset($user_id)) {
        // Make sure we use the appropriate role redirection in case one has been defined
        $settingName = null;
        switch (api_get_user_status($user_id)) {
            case COURSEMANAGER:
                $settingName = 'teacher_page_after_login';
                break;
            case STUDENT:
                $settingName = 'student_page_after_login';
                break;
            case DRH:
                $settingName = 'drh_page_after_login';
                break;
            case SESSIONADMIN:
                $settingName = 'sessionadmin_page_after_login';
                break;
            default:
                break;
        }

        if ($settingName !== null) {
            $redir = api_get_setting($settingName);
            if (!empty($redir)) {
                self::navigate(api_get_path(WEB_PATH) . $redir);
            }
        }
    }

    if (api_get_setting('redirect_admin_to_courses_list') !== 'true') {
        // Platform admins go to the main admin page. With multiple URLs
        // enabled, the user must be admin of the current URL.
        // NOTE(review): $user_id may still be null at this point; confirm
        // how api_is_platform_admin_by_id() treats a null ID.
        if (api_is_multiple_url_enabled()) {
            $accessUrlId = api_get_current_access_url_id();
            $isAdmin = api_is_platform_admin_by_id($user_id, $accessUrlId);
        } else {
            $isAdmin = api_is_platform_admin_by_id($user_id);
        }

        if ($isAdmin) {
            self::navigate(api_get_path(WEB_CODE_PATH) . 'admin/index.php');
        }
    }

    $page_after_login = api_get_setting('page_after_login');
    if (!empty($page_after_login)) {
        self::navigate(api_get_path(WEB_PATH) . $page_after_login);
    }
}
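/**
 * Collect the roles a user holds on the platform, in a session and in a course.
 *
 * @param int $user_id
 * @param int $courseId
 * @param int $session_id
 *
 * @return array List of role constants (PLATFORM_ADMIN, SESSION_GENERAL_COACH,
 *               COURSEMANAGER, COURSE_TUTOR, COURSE_STUDENT, SESSION_STUDENT,
 *               SESSION_COURSE_COACH)
 */
function api_detect_user_roles($user_id, $courseId, $session_id = 0)
{
    $user_roles = array();

    $url_id = api_get_current_access_url_id();
    if (api_is_platform_admin_by_id($user_id, $url_id)) {
        $user_roles[] = PLATFORM_ADMIN;
    }

    if (!empty($session_id) && SessionManager::user_is_general_coach($user_id, $session_id)) {
        $user_roles[] = SESSION_GENERAL_COACH;
    }

    // This guard used to test an undefined $course_code, so it was always
    // false and no course or session-course role was ever reported.
    if (empty($courseId)) {
        return $user_roles;
    }

    if (empty($session_id)) {
        if (CourseManager::is_course_teacher($user_id, $courseId)) {
            $user_roles[] = COURSEMANAGER;
        }
        if (CourseManager::get_tutor_in_course_status($user_id, $courseId)) {
            $user_roles[] = COURSE_TUTOR;
        }
        if (CourseManager::is_user_subscribed_in_course($user_id, $courseId)) {
            $user_roles[] = COURSE_STUDENT;
        }

        return $user_roles;
    }

    $user_status_in_session = SessionManager::get_user_status_in_course_session($user_id, $courseId, $session_id);

    // NOTE(review): the `== 0` test sits inside `!empty()`, so a status of 0
    // (or '0') never reaches it and SESSION_STUDENT is not added for it.
    // Left as is: what get_user_status_in_course_session() returns for a
    // user who is not in the session is not visible here - confirm, then
    // tell "status 0" apart from "not found".
    if (!empty($user_status_in_session)) {
        if ($user_status_in_session == 0) {
            $user_roles[] = SESSION_STUDENT;
        }
        if ($user_status_in_session == 2) {
            $user_roles[] = SESSION_COURSE_COACH;
        }
    }

    return $user_roles;
}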
/* For licensing terms, see /license.txt */ /** * @package chamilo.admin */ use Chamilo\CoreBundle\Framework\Container; use Chamilo\UserBundle\Entity\User; use Chamilo\UserBundle\Form\UserType; $user_id = isset($_GET['user_id']) ? intval($_GET['user_id']) : intval($_POST['user_id']); api_protect_super_admin($user_id, null, true); $is_platform_admin = api_is_platform_admin() ? 1 : 0; $tool_name = get_lang('ModifyUserInfo'); $interbreadcrumb[] = array('url' => 'index.php', "name" => get_lang('PlatformAdmin')); $interbreadcrumb[] = array('url' => "user_list.php", "name" => get_lang('UserList')); //$user = Container::getEntityManager()->getRepository('ChamiloUserBundle:User')->find($user_id); $user_data = api_get_user_info($user_id, false, true); $user_data['platform_admin'] = api_is_platform_admin_by_id($user_id); $user_data['send_mail'] = 0; $user_data['old_password'] = $user_data['password']; //Convert the registration date of the user //@todo remove the date_default_timezone_get() see UserManager::create_user function $user_data['registration_date'] = api_get_local_time($user_data['registration_date'], null, date_default_timezone_get()); unset($user_data['password']); $extra_data = UserManager::get_extra_user_data($user_id, true); $user_data = array_merge($user_data, $extra_data); // Create the form $form = new FormValidator('user_edit', 'post', api_get_self() . '?user_id=' . $user_id); $form->addElement('header', '', $tool_name); $form->addElement('hidden', 'user_id', $user_id); if (api_is_western_name_order()) { // First name $form->addElement('text', 'firstname', get_lang('FirstName'));