/**
 * Web-service entry point: remove a user from a user group.
 *
 * The only gate visible in this function is the shared secret passed in
 * $params['secret_key']; no per-caller authorization happens here.
 *
 * @param array $params Reads the keys 'secret_key', 'user_id' and 'group_id'.
 *
 * @return mixed The value of return_error(WS_ERROR_SECRET_KEY) when the key is
 *               rejected, otherwise whatever UserGroup::delete_user_rel_group()
 *               returns.
 */
function WSDeleteUserFromGroup($params)
{
    $keyAccepted = WSHelperVerifyKey($params['secret_key']);
    if ($keyAccepted) {
        // NOTE(review): user_id and group_id are forwarded exactly as received.
        // Confirm that delete_user_rel_group() validates or casts them before
        // they reach a query.
        $groupManager = new UserGroup();

        return $groupManager->delete_user_rel_group($params['user_id'], $params['group_id']);
    }

    return return_error(WS_ERROR_SECRET_KEY);
}
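/**
 * Delete a user from the platform, and all its belongings. This is a
 * very dangerous function that should only be accessible by
 * super-admins. Other roles should only be able to disable a user,
 * which removes access to the platform but doesn't delete anything.
 *
 * The only gate applied here is self::can_delete_user(); this method does
 * not itself check the role of the caller, so every caller has to enforce
 * that restriction. No transaction is opened in this method: the
 * statements run one after another, so a failure part-way through leaves
 * the account partially removed.
 *
 * @param int $user_id The ID of the user to be deleted
 *
 * @return bool true if user is successfully deleted, false otherwise
 * @assert (null) === false
 * @assert ('abc') === false
 */
public static function delete_user($user_id)
{
    if ($user_id != strval(intval($user_id))) {
        return false;
    }

    if ($user_id === false) {
        return false;
    }

    // The check above is a loose comparison, so non-canonical numeric input
    // (for example '1e1', '+5' or ' 5') is accepted. Normalise to an integer
    // so that every concatenated query, file path and log entry below sees
    // the same canonical value.
    $user_id = intval($user_id);

    if (!self::can_delete_user($user_id)) {
        return false;
    }

    $table_user = Database::get_main_table(TABLE_MAIN_USER);
    $usergroup_rel_user = Database::get_main_table(TABLE_USERGROUP_REL_USER);
    $table_course_user = Database::get_main_table(TABLE_MAIN_COURSE_USER);
    $table_course = Database::get_main_table(TABLE_MAIN_COURSE);
    $table_session = Database::get_main_table(TABLE_MAIN_SESSION);
    $table_admin = Database::get_main_table(TABLE_MAIN_ADMIN);
    $table_session_user = Database::get_main_table(TABLE_MAIN_SESSION_USER);
    $table_session_course_user = Database::get_main_table(TABLE_MAIN_SESSION_COURSE_USER);
    $table_group = Database::get_course_table(TABLE_GROUP_USER);
    $table_work = Database::get_course_table(TABLE_STUDENT_PUBLICATION);

    // Unsubscribe the user from all groups in all his courses
    $sql = "SELECT c.id FROM {$table_course} c, {$table_course_user} cu
            WHERE
                cu.user_id = '" . $user_id . "' AND
                relation_type<>" . COURSE_RELATION_TYPE_RRHH . " AND
                c.id = cu.c_id";
    $res = Database::query($sql);
    while ($course = Database::fetch_object($res)) {
        // The course id is interpolated unquoted, so force it to an integer.
        $course_id = intval($course->id);
        $sql = "DELETE FROM {$table_group}
                WHERE c_id = {$course_id} AND user_id = {$user_id}";
        Database::query($sql);
    }

    // Classes are no longer supported, so there is no class table to clean.

    // Unsubscribe user from usergroup_rel_user
    $sql = "DELETE FROM {$usergroup_rel_user} WHERE user_id = '" . $user_id . "'";
    Database::query($sql);

    // Unsubscribe user from all courses
    $sql = "DELETE FROM {$table_course_user} WHERE user_id = '" . $user_id . "'";
    Database::query($sql);

    // Unsubscribe user from all courses in sessions
    $sql = "DELETE FROM {$table_session_course_user} WHERE user_id = '" . $user_id . "'";
    Database::query($sql);

    // If the user was a session coach, hand those sessions to the account
    // performing the deletion.
    $currentUserId = api_get_user_id();
    $sql = "UPDATE {$table_session} SET id_coach = {$currentUserId}
            WHERE id_coach = '" . $user_id . "'";
    Database::query($sql);

    // NOTE(review): this statement matches on session_admin_id but still
    // writes id_coach; confirm whether session_admin_id was the intended
    // target column.
    $sql = "UPDATE {$table_session} SET id_coach = {$currentUserId}
            WHERE session_admin_id = '" . $user_id . "'";
    Database::query($sql);

    // Unsubscribe user from all sessions
    $sql = "DELETE FROM {$table_session_user} WHERE user_id = '" . $user_id . "'";
    Database::query($sql);

    // Delete user picture
    /* TODO: Logic about api_get_setting('split_users_upload_directory') == 'true'
       a user has 4 different sized photos to be deleted. */
    $user_info = api_get_user_info($user_id);
    // isset() keeps this quiet when no record came back for the id.
    if (isset($user_info['picture_uri']) && strlen($user_info['picture_uri']) > 0) {
        $path = self::getUserPathById($user_id, 'system');
        // NOTE(review): picture_uri is appended to the path unchanged; confirm
        // it is always stored as a bare file name so unlink() cannot leave
        // the user's directory.
        $img_path = $path . $user_info['picture_uri'];
        if (file_exists($img_path)) {
            unlink($img_path);
        }
    }

    // Delete the personal course categories
    $course_cat_table = Database::get_main_table(TABLE_USER_COURSE_CATEGORY);
    $sql = "DELETE FROM {$course_cat_table} WHERE user_id = '" . $user_id . "'";
    Database::query($sql);

    // Delete user from database
    $sql = "DELETE FROM {$table_user} WHERE id = '" . $user_id . "'";
    Database::query($sql);

    // Delete user from the admin table
    $sql = "DELETE FROM {$table_admin} WHERE user_id = '" . $user_id . "'";
    Database::query($sql);

    // Delete the personal agenda-items from this user. The filter is bound to
    // the deleted user's id like every other cleanup statement in this method;
    // a fixed literal would leave this user's agenda rows behind.
    $agenda_table = Database::get_main_table(TABLE_PERSONAL_AGENDA);
    $sql = "DELETE FROM {$agenda_table} WHERE user = '" . $user_id . "'";
    Database::query($sql);

    $gradebook_results_table = Database::get_main_table(TABLE_MAIN_GRADEBOOK_RESULT);
    $sql = 'DELETE FROM ' . $gradebook_results_table . ' WHERE user_id = ' . $user_id;
    Database::query($sql);

    $extraFieldValue = new ExtraFieldValue('user');
    $extraFieldValue->deleteValuesByItem($user_id);

    if (api_get_multiple_access_url()) {
        $url_id = api_get_current_access_url_id();
        UrlManager::delete_url_rel_user($user_id, $url_id);
    } else {
        // we delete the user from the url_id = 1
        UrlManager::delete_url_rel_user($user_id, 1);
    }

    if (api_get_setting('allow_social_tool') == 'true') {
        $userGroup = new UserGroup();
        // Delete user from portal groups
        $group_list = $userGroup->get_groups_by_user($user_id);
        if (!empty($group_list)) {
            foreach ($group_list as $group_id => $data) {
                $userGroup->delete_user_rel_group($user_id, $group_id);
            }
        }

        // Delete user from friend lists
        SocialManager::remove_user_rel_user($user_id, true);
    }

    // Removing survey invitation
    SurveyManager::delete_all_survey_invitations_by_user($user_id);

    // Delete students works
    $sql = "DELETE FROM {$table_work} WHERE user_id = {$user_id} AND c_id <> 0";
    Database::query($sql);

    // Add event to system log: one entry for the id, one for the user record
    // read before the row was deleted.
    $user_id_manager = api_get_user_id();
    Event::addEvent(LOG_USER_DELETE, LOG_USER_ID, $user_id, api_get_utc_datetime(), $user_id_manager);
    Event::addEvent(LOG_USER_DELETE, LOG_USER_OBJECT, $user_info, api_get_utc_datetime(), $user_id_manager);

    return true;
}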
//if i'm a moderator if (isset($_GET['action']) && $_GET['action'] == 'add') { // we add a user only if is a open group $user_join = intval($_GET['u']); //if i'm a moderator if ($usergroup->is_group_moderator($group_id)) { $usergroup->update_user_role($user_join, $group_id); $show_message = get_lang('UserAdded'); } } if (isset($_GET['action']) && $_GET['action'] == 'delete') { // we add a user only if is a open group $user_join = intval($_GET['u']); //if i'm a moderator if ($usergroup->is_group_moderator($group_id)) { $usergroup->delete_user_rel_group($user_join, $group_id); $show_message = Display::return_message(get_lang('UserDeleted')); } } if (isset($_GET['action']) && $_GET['action'] == 'set_moderator') { // we add a user only if is a open group $user_moderator = intval($_GET['u']); //if i'm the admin if ($usergroup->is_group_admin($group_id)) { $usergroup->update_user_role($user_moderator, $group_id, GROUP_USER_PERMISSION_MODERATOR); $show_message = Display::return_message(get_lang('UserChangeToModerator')); } } if (isset($_GET['action']) && $_GET['action'] == 'delete_moderator') { // we add a user only if is a open group $user_moderator = intval($_GET['u']);
foreach ($_GET as $key => $value) { switch ($key) { case 'accept': $user_role = $usergroup->get_user_group_role(api_get_user_id(), $value); if (in_array($user_role, array(GROUP_USER_PERMISSION_PENDING_INVITATION_SENT_BY_USER, GROUP_USER_PERMISSION_PENDING_INVITATION))) { $usergroup->update_user_role(api_get_user_id(), $value, GROUP_USER_PERMISSION_READER); $show_message = Display::return_message(get_lang('UserIsSubscribedToThisGroup'), 'success'); } elseif (in_array($user_role, array(GROUP_USER_PERMISSION_READER, GROUP_USER_PERMISSION_ADMIN, GROUP_USER_PERMISSION_MODERATOR))) { $show_message = Display::return_message(get_lang('UserIsAlreadySubscribedToThisGroup'), 'warning'); } else { $show_message = Display::return_message(get_lang('UserIsNotSubscribedToThisGroup'), 'warning'); } break 2; case 'deny': // delete invitation $usergroup->delete_user_rel_group(api_get_user_id(), $value); $show_message = Display::return_message(get_lang('GroupInvitationWasDeny')); break 2; } } } $social_left_content = SocialManager::show_social_menu('invitations'); $social_right_content = '<div id="id_response" align="center"></div>'; $user_id = api_get_user_id(); $list_get_invitation = SocialManager::get_list_invitation_of_friends_by_user_id($user_id); $list_get_invitation_sent = SocialManager::get_list_invitation_sent_by_user_id($user_id); $pending_invitations = $usergroup->get_groups_by_user($user_id, GROUP_USER_PERMISSION_PENDING_INVITATION); $number_loop = count($list_get_invitation); $total_invitations = $number_loop + count($list_get_invitation_sent) + count($pending_invitations); if ($total_invitations == 0 && count($_GET) <= 0) { $social_right_content .= '<div class="span8"><a class="btn" href="search.php">' . get_lang('TryAndFindSomeFriends') . '</a></div>';
//$interbreadcrumb[]= array ('url' =>'#','name' => get_lang('Group')); } } // getting group information $group_id = isset($_GET['id']) ? intval($_GET['id']) : null; $relation_group_title = ''; $role = 0; $usergroup = new UserGroup(); if ($group_id != 0) { $group_info = $usergroup->get($group_id); $interbreadcrumb[] = array('url' => '#', 'name' => $group_info['name']); if (isset($_GET['action']) && $_GET['action'] == 'leave') { $user_leaved = intval($_GET['u']); //I can "leave me myself" if (api_get_user_id() == $user_leaved) { $usergroup->delete_user_rel_group($user_leaved, $group_id); Display::addFlash(Display::return_message(get_lang('UserIsNotSubscribedToThisGroup'), 'confirmation', false)); } } // add a user to a group if its open if (isset($_GET['action']) && $_GET['action'] == 'join') { // we add a user only if is a open group $user_join = intval($_GET['u']); if (api_get_user_id() == $user_join && !empty($group_id)) { if ($group_info['visibility'] == GROUP_PERMISSION_OPEN) { $usergroup->add_user_to_group($user_join, $group_id); Display::addFlash(Display::return_message(get_lang('UserIsSubscribedToThisGroup'), 'confirmation', false)); } else { $usergroup->add_user_to_group($user_join, $group_id, GROUP_USER_PERMISSION_PENDING_INVITATION_SENT_BY_USER); Display::addFlash(Display::return_message(get_lang('InvitationSent'), 'confirmation', false)); }
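/**
 * Delete a user from the platform, and all its belongings. This is a
 * very dangerous function that should only be accessible by
 * super-admins. Other roles should only be able to disable a user,
 * which removes access to the platform but doesn't delete anything.
 *
 * The only gate applied here is self::can_delete_user(); this method does
 * not itself check the role of the caller, so every caller has to enforce
 * that restriction. No transaction is opened in this method: the
 * statements run one after another, so a failure part-way through leaves
 * the account partially removed.
 *
 * @param int $user_id The ID of the user to be deleted
 *
 * @return bool true if user is successfully deleted, false otherwise
 * @assert (null) === false
 * @assert ('abc') === false
 */
public static function delete_user($user_id)
{
    if ($user_id != strval(intval($user_id))) {
        return false;
    }

    if ($user_id === false) {
        return false;
    }

    // The check above is a loose comparison, so non-canonical numeric input
    // (for example '1e1', '+5' or ' 5') is accepted. Normalise to an integer
    // so that every concatenated query, the upload path and the log entries
    // below see the same canonical value.
    $user_id = intval($user_id);

    if (!self::can_delete_user($user_id)) {
        return false;
    }

    // Read the record first: it is needed for the picture and the audit log
    // after the row itself is gone.
    $user_info = api_get_user_info($user_id);

    $table_user = Database::get_main_table(TABLE_MAIN_USER);
    $usergroup_rel_user = Database::get_main_table(TABLE_USERGROUP_REL_USER);
    $table_course_user = Database::get_main_table(TABLE_MAIN_COURSE_USER);
    $table_course = Database::get_main_table(TABLE_MAIN_COURSE);
    $table_admin = Database::get_main_table(TABLE_MAIN_ADMIN);
    $table_session_user = Database::get_main_table(TABLE_MAIN_SESSION_USER);
    $table_session_course_user = Database::get_main_table(TABLE_MAIN_SESSION_COURSE_USER);
    $table_group = Database::get_course_table(TABLE_GROUP_USER);
    $table_work = Database::get_course_table(TABLE_STUDENT_PUBLICATION);

    // Unsubscribe the user from all groups in all his courses
    $sql = "SELECT c.id FROM {$table_course} c, {$table_course_user} cu
            WHERE cu.user_id = '" . $user_id . "' AND relation_type<>" . COURSE_RELATION_TYPE_RRHH . " AND c.id = cu.c_id";
    $res = Database::query($sql);
    while ($course = Database::fetch_object($res)) {
        // The course id is interpolated unquoted, so force it to an integer.
        $course_id = intval($course->id);
        $sql = "DELETE FROM {$table_group} WHERE c_id = {$course_id} AND user_id = {$user_id}";
        Database::query($sql);
    }

    // Classes are no longer supported, so there is no class table to clean.

    // Unsubscribe user from usergroup_rel_user
    $sql = "DELETE FROM {$usergroup_rel_user} WHERE user_id = '" . $user_id . "'";
    Database::query($sql);

    // Unsubscribe user from all courses
    $sql = "DELETE FROM {$table_course_user} WHERE user_id = '" . $user_id . "'";
    Database::query($sql);

    // Unsubscribe user from all courses in sessions. The filter is bound to
    // the deleted user's id like the other cleanup statements in this method;
    // a fixed literal would leave this user's rows behind.
    $sql = "DELETE FROM {$table_session_course_user} WHERE id_user = '" . $user_id . "'";
    Database::query($sql);

    // Unsubscribe user from all sessions (same binding as above)
    $sql = "DELETE FROM {$table_session_user} WHERE id_user = '" . $user_id . "'";
    Database::query($sql);

    // Delete user picture
    // TODO: Logic about api_get_setting('split_users_upload_directory') === 'true',
    // a user has 4 different sized photos to be deleted.
    // isset() keeps this quiet when no record came back for the id.
    if (isset($user_info['picture_uri']) && strlen($user_info['picture_uri']) > 0) {
        // NOTE(review): picture_uri is appended to the path unchanged; confirm
        // it is always stored as a bare file name so unlink() cannot leave
        // the user's upload directory.
        $img_path = api_get_path(SYS_DATA_PATH) . 'upload/users/' . $user_id . '/' . $user_info['picture_uri'];
        if (file_exists($img_path)) {
            unlink($img_path);
        }
    }

    // Delete the personal course categories
    $course_cat_table = Database::get_main_table(TABLE_USER_COURSE_CATEGORY);
    $sql = "DELETE FROM {$course_cat_table} WHERE user_id = '" . $user_id . "'";
    Database::query($sql);

    // Delete user from database
    $sql = "DELETE FROM {$table_user} WHERE user_id = '" . $user_id . "'";
    Database::query($sql);

    // Delete user from the admin table
    $sql = "DELETE FROM {$table_admin} WHERE user_id = '" . $user_id . "'";
    Database::query($sql);

    // Delete the personal agenda-items from this user, bound to the deleted
    // user's id for the same reason as the session tables above.
    $agenda_table = Database::get_main_table(TABLE_PERSONAL_AGENDA);
    $sql = "DELETE FROM {$agenda_table} WHERE user = '" . $user_id . "'";
    Database::query($sql);

    $gradebook_results_table = Database::get_main_table(TABLE_MAIN_GRADEBOOK_RESULT);
    $sql = 'DELETE FROM ' . $gradebook_results_table . ' WHERE user_id = ' . $user_id;
    Database::query($sql);

    // Delete the user's extra field values
    $t_ufv = Database::get_main_table(TABLE_MAIN_USER_FIELD_VALUES);
    $sqlv = "DELETE FROM {$t_ufv} WHERE user_id = {$user_id}";
    Database::query($sqlv);

    if (api_get_multiple_access_url()) {
        $url_id = api_get_current_access_url_id();
        UrlManager::delete_url_rel_user($user_id, $url_id);
    } else {
        // we delete the user from the url_id = 1
        UrlManager::delete_url_rel_user($user_id, 1);
    }

    if (api_get_setting('allow_social_tool') == 'true') {
        $usergroup = new UserGroup();
        // Delete user from portal groups
        $group_list = $usergroup->get_groups_by_user($user_id);
        if (!empty($group_list)) {
            foreach ($group_list as $group_id => $data) {
                $usergroup->delete_user_rel_group($user_id, $group_id);
            }
        }

        // Delete user from friend lists
        SocialManager::remove_user_rel_user($user_id, true);
    }

    survey_manager::delete_all_survey_invitations_by_user($user_id);

    // Delete students works
    $sqlw = "DELETE FROM {$table_work} WHERE user_id = {$user_id} AND c_id <> 0";
    Database::query($sqlw);

    // Add event to system log: one entry for the id, one for the user record
    // read at the top of the method.
    $user_id_manager = api_get_user_id();
    event_system(LOG_USER_DELETE, LOG_USER_ID, $user_id, api_get_utc_datetime(), $user_id_manager, null, $user_info);
    event_system(LOG_USER_DELETE, LOG_USER_OBJECT, implode(';', $user_info), api_get_utc_datetime(), $user_id_manager, null, $user_info);

    return true;
}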