Esempio n. 1
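 /**
  * Update one or more existing groups and set their membership lists.
  *
  * Each entry of $groups identifies its group by 'id', else by 'shortname'
  * plus 'institution', else by 'name'. The group must belong to the
  * institution in $WEBSERVICE_INSTITUTION and the calling user must be able to
  * edit that institution. Every listed member is checked before the group and
  * its membership are written.
  *
  * All groups are processed between a single db_begin()/db_commit() pair.
  *
  * @param array $groups group descriptions; validated against
  *                      self::update_groups_parameters() before use
  * @return null
  * @throws WebserviceInvalidParameterException when a group, category, join
  *         type, edit role, member or member role is invalid, or when the
  *         caller may not administer the group or one of its members
  */
 public static function update_groups($groups)
 {
     global $USER, $WEBSERVICE_INSTITUTION;
     // Do basic automatic PARAM checks on incoming data, using params description
     $params = self::validate_parameters(self::update_groups_parameters(), array('groups' => $groups));
     // NOTE(review): every failure below throws after db_begin() and this method
     // never rolls back itself; presumably the exception handler does - confirm.
     db_begin();
     foreach ($params['groups'] as $group) {
         // Resolve the target group: it must already exist and not be deleted
         if (!empty($group['id'])) {
             if (!($dbgroup = get_record('group', 'id', $group['id'], 'deleted', 0))) {
                 throw new WebserviceInvalidParameterException('update_groups | ' . get_string('groupnotexist', 'auth.webservice', $group['id']));
             }
         } elseif (!empty($group['shortname'])) {
             // A shortname is only meaningful together with its institution
             if (empty($group['institution'])) {
                 throw new WebserviceInvalidParameterException('update_groups | ' . get_string('instmustset', 'auth.webservice', $group['shortname']));
             }
             if (!($dbgroup = get_record('group', 'shortname', $group['shortname'], 'institution', $group['institution'], 'deleted', 0))) {
                 throw new WebserviceInvalidParameterException('update_groups | ' . get_string('groupnotexist', 'auth.webservice', $group['shortname'] . '/' . $group['institution']));
             }
         } elseif (!empty($group['name'])) {
             // The name lookup is not scoped to an institution; the institution
             // check below is what ties the match to the caller.
             if (!($dbgroup = get_record('group', 'name', $group['name'], 'deleted', 0))) {
                 throw new WebserviceInvalidParameterException('update_groups | ' . get_string('groupnotexist', 'auth.webservice', $group['name']));
             }
         } else {
             throw new WebserviceInvalidParameterException('update_groups | ' . get_string('nogroup', 'auth.webservice'));
         }
         // Are we allowed to update groups of this institution? Compare as
         // strings with !==: a loose != treats numeric-looking values such as
         // '1e3' and '1000' as equal, so the check could pass for another
         // institution.
         // NOTE(review): the messages below read $group['institution'],
         // $group['name'] and $group['shortname'], which may be unset when the
         // group was resolved by id - confirm validate_parameters() fills them.
         if ((string) $WEBSERVICE_INSTITUTION !== (string) $dbgroup->institution) {
             throw new WebserviceInvalidParameterException('update_groups | ' . get_string('accessdeniedforinstgroup', 'auth.webservice', $group['institution'], $group['name']));
         }
         if (!$USER->can_edit_institution($dbgroup->institution)) {
             throw new WebserviceInvalidParameterException('update_groups | ' . get_string('accessdeniedforinstgroup', 'auth.webservice', $group['institution'], $group['shortname']));
         }
         // convert the category title into its id
         if (!empty($group['category'])) {
             $groupcategory = get_record('group_category', 'title', $group['category']);
             if (empty($groupcategory)) {
                 throw new WebserviceInvalidParameterException('update_groups | ' . get_string('catinvalid', 'auth.webservice', $group['category']));
             }
             $group['category'] = $groupcategory->id;
         }
         // validate the join type combinations (only when at least one is supplied)
         if (isset($group['open']) || isset($group['request']) || isset($group['controlled'])) {
             // normalise missing or empty join types to 0
             foreach (array('open', 'request', 'controlled') as $membertype) {
                 if (!isset($group[$membertype]) || empty($group[$membertype])) {
                     $group[$membertype] = 0;
                 }
             }
             if ($group['open'] && $group['request']) {
                 throw new WebserviceInvalidParameterException('update_groups | ' . get_string('invalidjointype', 'auth.webservice', 'open+request'));
             }
             if ($group['open'] && $group['controlled']) {
                 throw new WebserviceInvalidParameterException('update_groups | ' . get_string('invalidjointype', 'auth.webservice', 'open+controlled'));
             }
             if (!$group['open'] && !$group['request'] && !$group['controlled']) {
                 throw new WebserviceInvalidParameterException('update_groups | ' . get_string('correctjointype', 'auth.webservice'));
             }
         }
         // NOTE(review): non-strict in_array() here and for the member role
         // below; consider strict matching once the validated types are confirmed.
         if (isset($group['editroles']) && !in_array($group['editroles'], array_keys(group_get_editroles_options()))) {
             throw new WebserviceInvalidParameterException('update_groups | ' . get_string('groupeditroles', 'auth.webservice', $group['editroles'], implode(', ', array_keys(group_get_editroles_options()))));
         }
         // check that the members exist and we are allowed to administer them;
         // the calling user is always included as an admin of the group
         $members = array($USER->get('id') => 'admin');
         foreach ($group['members'] as $member) {
             if (!empty($member['id'])) {
                 $dbuser = get_record('usr', 'id', $member['id'], 'deleted', 0);
             } elseif (!empty($member['username'])) {
                 $dbuser = get_record('usr', 'username', $member['username'], 'deleted', 0);
             } else {
                 throw new WebserviceInvalidParameterException('update_groups | ' . get_string('nousernameoridgroup', 'auth.webservice', $group['name']));
             }
             if (empty($dbuser)) {
                 throw new WebserviceInvalidParameterException('update_groups | ' . get_string('invalidusergroup', 'auth.webservice', $member['id'] . '/' . $member['username'], $group['name']));
             }
             // check user is in this institution if this is an institution controlled group
             if (!empty($dbgroup->shortname) && !empty($dbgroup->institution)) {
                 if (!mahara_external_in_institution($dbuser, $WEBSERVICE_INSTITUTION)) {
                     throw new WebserviceInvalidParameterException('update_groups | ' . get_string('notauthforuseridinstitutiongroup', 'auth.webservice', $dbuser->id, $WEBSERVICE_INSTITUTION, $group['shortname']));
                 }
             } else {
                 // Make sure auth is valid
                 if (!($authinstance = get_record('auth_instance', 'id', $dbuser->authinstance))) {
                     throw new WebserviceInvalidParameterException('update_groups | ' . get_string('invalidauthtype', 'auth.webservice', $dbuser->authinstance));
                 }
                 // basic check authorisation to edit for the current institution of the user
                 if (!$USER->can_edit_institution($authinstance->institution)) {
                     throw new WebserviceInvalidParameterException('update_groups | ' . get_string('accessdeniedforinstuser', 'auth.webservice', $authinstance->institution, $dbuser->username));
                 }
             }
             // check the specified role
             if (!in_array($member['role'], self::$member_roles)) {
                 throw new WebserviceInvalidParameterException('update_groups | ' . get_string('invalidmemroles', 'auth.webservice', $member['role'], $dbuser->username));
             }
             $members[$dbuser->id] = $member['role'];
         }
         // Build up the changes. Only the attributes listed here are copied from
         // the request; the id always comes from the database record.
         $newvalues = (object) array('id' => $dbgroup->id);
         foreach (array('name', 'description', 'grouptype', 'category', 'editroles', 'open', 'controlled', 'request', 'submitpages', 'quota', 'hidemembers', 'invitefriends', 'suggestfriends', 'hidden', 'hidemembersfrommembers', 'usersautoadded', 'public', 'viewnotify') as $attr) {
             // Skip unset, false, null and empty-string values; 0 and '0' are kept
             if (isset($group[$attr]) && $group[$attr] !== false && $group[$attr] !== null && strlen("" . $group[$attr])) {
                 $newvalues->{$attr} = $group[$attr];
             }
         }
         group_update($newvalues);
         // now update the group membership
         // NOTE(review): $members holds only the caller plus the members named in
         // the request; presumably group_update_members() treats it as the
         // complete list - confirm before relying on partial updates.
         group_update_members($dbgroup->id, $members);
     }
     db_commit();
     return null;
 }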
Esempio n. 2
/**
 * Pieform submit handler that saves the group edit form.
 *
 * When $group_data has no id yet the group is created first, with the current
 * user as admin. The submitted settings are then written with group_update()
 * and the browser is redirected to the group homepage.
 *
 * NOTE(review): no permission check is visible in this handler; presumably
 * the page that defines the form enforces it - confirm.
 *
 * @param Pieform $form   the submitted form (not read here)
 * @param array   $values submitted form values
 */
function editgroup_submit(Pieform $form, $values)
{
    global $USER, $SESSION, $group_data, $publicallowed;

    // Missing values for these two settings default to 0.
    if (!isset($values['public'])) {
        $values['public'] = 0;
    }
    if (!isset($values['usersautoadded'])) {
        $values['usersautoadded'] = 0;
    }

    // The name is only trimmed when it differs from the stored one.
    $name = $group_data->name == $values['name'] ? $values['name'] : trim($values['name']);

    $groupsettings = array(
        'name' => $name,
        'description' => $values['description'],
        'grouptype' => $values['grouptype'],
        'category' => empty($values['category']) ? null : intval($values['category']),
        'open' => intval($values['open']),
        'controlled' => intval($values['controlled']),
        'request' => intval($values['request']),
        'usersautoadded' => intval($values['usersautoadded']),
        // 'public' is forced to 0 unless $publicallowed is set
        'public' => $publicallowed ? intval($values['public']) : 0,
        'viewnotify' => intval($values['viewnotify']),
        'submittableto' => intval($values['submittableto']),
        'allowarchives' => intval(!empty($values['allowarchives']) ? $values['allowarchives'] : 0),
        'editroles' => $values['editroles'],
        'hidden' => intval($values['hidden']),
        // hiding members from members implies hiding members
        'hidemembers' => intval(!empty($values['hidemembersfrommembers']) || !empty($values['hidemembers'])),
        'hidemembersfrommembers' => intval($values['hidemembersfrommembers']),
        'groupparticipationreports' => intval($values['groupparticipationreports']),
        'invitefriends' => intval($values['invitefriends']),
        'suggestfriends' => intval($values['suggestfriends']),
        'editwindowstart' => db_format_timestamp($values['editwindowstart']),
        'editwindowend' => db_format_timestamp($values['editwindowend']),
        'sendnow' => intval($values['sendnow']),
        'feedbacknotify' => intval($values['feedbacknotify']),
    );

    // A custom URL id is only stored when clean URLs are enabled and one was given.
    if (get_config('cleanurls') && isset($values['urlid']) && (string) $values['urlid'] !== '') {
        $groupsettings['urlid'] = $values['urlid'];
    }

    db_begin();

    if (!$group_data->id) {
        // New group: create it with the current user as its admin.
        $groupsettings['members'] = array($USER->get('id') => 'admin');
        $group_data->id = group_create($groupsettings);
        $USER->reset_grouproles();
    }

    // Now update the description with any embedded image info
    $groupsettings['description'] = EmbeddedImage::prepare_embedded_images(
        $groupsettings['description'],
        'group',
        $group_data->id,
        $group_data->id
    );
    $groupsettings['id'] = $group_data->id;
    // 'members' is only used for creation and is dropped before the update
    unset($groupsettings['members']);
    group_update((object) $groupsettings);

    $SESSION->add_ok_msg(get_string('groupsaved', 'group'));
    db_commit();

    // Reload $group_data->urlid or else the redirect will fail
    if (get_config('cleanurls') && !(isset($values['urlid']) && $group_data->urlid == $values['urlid'])) {
        $group_data->urlid = get_field('group', 'urlid', 'id', $group_data->id);
    }

    redirect(group_homepage_url($group_data));
}
Esempio n. 3
}
// Group administration page: dispatches on $action and prints the menus,
// the group list and the create form.
//
// NOTE(review): $DOCUMENT_ROOT, $action and $id are plain globals whose origin
// is not visible here. Confirm that $DOCUMENT_ROOT can never be populated from
// request input, since it is used to build an include path.
global $DOCUMENT_ROOT, $action, $id;

include $DOCUMENT_ROOT . '/admin/inc/menu.php';
include '../menu.php';

// $manage_menu and $usergroup_menu are presumably defined by the menu includes.
$manage_menu->SetActive('usergroup');
$usergroup_menu->SetActive('group');

if ($action == 'create') {
    group_received_create();
}

/* Print the page */
echo $manage_menu->InnerHTML();
echo $usergroup_menu->InnerHTML();
echo '${information}';

if ($action == 'edit') {
    /* Print the edit form */
    include 'edit.php';
} else {
    // NOTE(review): save and delete act directly on $id; no request-method,
    // CSRF-token or permission check is visible in this fragment. Confirm they
    // are enforced by the included files or inside group_update()/group_delete().
    switch ($action) {
        case 'save':
            group_update($id);
            break;
        case 'delete':
            group_delete($id);
            break;
    }

    // The list is only rendered when at least one group exists.
    $list = group_list();
    if (count($list) > 0) {
        include 'list.php';
    }

    /* Print the create form */
    include 'create_form.php';
}
/**
 * Pieform submit handler: create or update groups from the parsed CSV rows.
 *
 * Rows are read from the global $CSVDATA and column positions from the global
 * $FORMAT. A row updates an existing group only when 'updategroups' is set and
 * $UPDATES has an entry for its shortname; otherwise a new group is created
 * with the current user as admin.
 *
 * NOTE(review): every $FORMAT entry becomes a property name on the object
 * passed to group_create()/group_update(); presumably the field names are
 * restricted when the CSV is validated - confirm.
 *
 * @param Pieform $form   the submitted form (not read here)
 * @param array   $values submitted form values ('institution', 'updategroups')
 */
function uploadcsv_submit(Pieform $form, $values)
{
    global $SESSION, $CSVDATA, $FORMAT, $UPDATES, $USER;

    // Map each CSV field name to its column index.
    $columnof = array_flip($FORMAT);
    $institution = $values['institution'];

    log_info($values['updategroups'] ? 'Updating groups from the CSV file' : 'Inserting groups from the CSV file');

    db_begin();
    $created = array();

    foreach ($CSVDATA as $row) {
        $group = new StdClass();
        $group->name = $row[$columnof['displayname']];
        $group->shortname = $row[$columnof['shortname']];
        // The institution always comes from the form, never from the CSV row.
        $group->institution = $institution;
        $group->grouptype = $row[$columnof['roles']];

        foreach ($FORMAT as $field) {
            // These three columns were already mapped above.
            if (in_array($field, array('displayname', 'shortname', 'roles'))) {
                continue;
            }
            // The CSV column 'submitpages' is stored as 'submittableto'.
            $property = ($field == 'submitpages') ? 'submittableto' : $field;
            $group->{$property} = $row[$columnof[$field]];
        }

        $isupdate = $values['updategroups'] && isset($UPDATES[$group->shortname]);

        if (!$isupdate) {
            $group->members = array($USER->id => 'admin');
            $group->id = group_create((array) $group);
            $created[] = $group;
            log_debug('added group ' . $group->name);
            continue;
        }

        // Remember the shortname before $group is handed to group_update().
        $shortname = $group->shortname;
        $updates = group_update($group);

        if (empty($updates)) {
            // Nothing changed: drop the group from the update report.
            unset($UPDATES[$shortname]);
            continue;
        }

        // Report the change under the CSV column name rather than the DB field.
        if (isset($updates['name'])) {
            $updates['displayname'] = $updates['name'];
            unset($updates['name']);
        }
        $UPDATES[$shortname] = $updates;
        log_debug('updated group ' . $group->name . ' (' . implode(', ', array_keys((array) $updates)) . ')');
    }

    db_commit();

    $SESSION->add_ok_msg(get_string('csvfileprocessedsuccessfully', 'admin'));

    if (!$UPDATES) {
        $SESSION->add_ok_msg(get_string('numbernewgroupsadded', 'admin', count($created)));
    } else {
        $updatemsg = smarty_core();
        $updatemsg->assign('added', count($created));
        $updatemsg->assign('updates', $UPDATES);
        // NOTE(review): the second argument is false - presumably "do not
        // escape". $UPDATES carries CSV-derived values, so confirm the template
        // escapes them itself.
        $SESSION->add_info_msg($updatemsg->fetch('admin/groups/csvupdatemessage.tpl'), false);
    }

    redirect('/admin/groups/uploadcsv.php');
}
Esempio n. 5
            $allowthread = param('allowthread', 0);
            $allowpost = param('allowpost', 0);
            $allowattach = param('allowattach', 0);
            $allowdown = param('allowdown', 0);
            $allowagree = param('allowagree', 0);
            $allowtop = param('allowtop', 0);
            $allowupdate = param('allowupdate', 0);
            $allowdelete = param('allowdelete', 0);
            $allowmove = param('allowmove', 0);
            $allowbanuser = param('allowbanuser', 0);
            $allowdeleteuser = param('allowdeleteuser', 0);
            $allowviewip = param('allowviewip', 0);
            $allowcustomurl = param('allowcustomurl', 0);
            $arr2 = array('allowread' => $allowread, 'allowthread' => $allowthread, 'allowpost' => $allowpost, 'allowattach' => $allowattach, 'allowdown' => $allowdown, 'allowagree' => $allowagree, 'allowtop' => $allowtop, 'allowupdate' => $allowupdate, 'allowdelete' => $allowdelete, 'allowmove' => $allowmove, 'allowbanuser' => $allowbanuser, 'allowdeleteuser' => $allowdeleteuser, 'allowviewip' => $allowviewip, 'allowcustomurl' => $allowcustomurl);
            $arr += $arr2;
        }
        // 更新
        $r = group_update($gid, $arr);
        $r !== FALSE ? message(0, '更新成功') : message(-1, '更新失败');
    }
} elseif ($action == 'delete') {
    if ($method != 'POST') {
        message(-1, 'Method Error.');
    }
    $gid = param(2, 0);
    $group = group_read($gid);
    empty($group) and message(1, '用户组不存在');
    $gid <= 101 and message(-1, '该用户组不允许删除!');
    $r = group_delete($gid);
    $r !== FALSE ? message(0, '删除成功') : message(1, '删除失败');
}