PHP LockRulesの例

コード例 #1

ファイル: details.php プロジェクト: ratbird/hope

 /**
  * Display a user's details.
  */
 public function index_action()
 {
     //add the free administrable datafields
     $userEntries = DataFieldEntry::getDataFieldEntries($this->user->user_id);
     $userEntries = array_filter($userEntries, function ($entry) {
         return $entry->isVisible();
     });
     $this->locked_info = LockRules::CheckLockRulePermission($this->user->user_id) ? LockRules::getObjectRule($this->user->user_id)->description : false;
     $this->is_dozent = $this->user->perms == 'dozent';
     $this->user_entries = $userEntries;
     $this->invalid_entries = $invalidEntries;
 }

コード例 #2

ファイル: dates.php プロジェクト: ratbird/hope

 public function details_action($termin_id)
 {
     Navigation::activateItem('/course/schedule/dates');
     $this->date = new CourseDate($termin_id);
     $this->cancelled_dates_locked = LockRules::Check($this->date->range_id, 'cancelled_dates');
     $this->dates_locked = LockRules::Check($this->date->range_id, 'room_time');
     if (Request::isXhr()) {
         $this->set_layout(null);
         $this->set_content_type('text/html;Charset=windows-1252');
         $this->response->add_header('X-Title', $this->date->getTypeName() . ": " . $this->date->getFullname());
     }
 }

コード例 #3

ファイル: CoreParticipants.class.php プロジェクト: ratbird/hope

 function getTabNavigation($course_id)
 {
     #$navigation = new AutoNavigation(_('Teilnehmende'));
     $navigation = new Navigation(_('Teilnehmende'));
     $navigation->setImage(Icon::create('persons', 'info_alt'));
     $navigation->setActiveImage(Icon::create('persons', 'info'));
     $navigation->addSubNavigation('view', new Navigation(_('Teilnehmende'), 'dispatch.php/course/members'));
     if (Course::find($course_id)->aux_lock_rule) {
         $navigation->addSubNavigation('additional', new Navigation(_('Zusatzangaben'), 'dispatch.php/course/members/additional'));
     }
     $navigation->addSubNavigation('view_groups', new Navigation(_('Funktionen / Gruppen'), 'statusgruppen.php?view=statusgruppe_sem'));
     if ($GLOBALS['perm']->have_studip_perm('tutor', $course_id) && !LockRules::check($course_id, 'groups')) {
         $navigation->addSubNavigation('edit_groups', new Navigation(_('Funktionen / Gruppen verwalten'), 'admin_statusgruppe.php?new_sem=TRUE&range_id=' . $course_id));
     }
     return array('members' => $navigation);
 }

コード例 #4

ファイル: management.php プロジェクト: ratbird/hope

 /**
  * change the visibility of a course
  *
  * @return void
  */
 function change_visibility_action()
 {
     if ((Config::get()->ALLOW_DOZENT_VISIBILITY || $GLOBALS['perm']->have_perm('admin')) && !LockRules::Check($GLOBALS['SessionSeminar'], 'seminar_visibility') && Seminar_Session::check_ticket(Request::option('studip_ticket'))) {
         $course = Course::findCurrent();
         if (!$course->visible) {
             StudipLog::log('SEM_VISIBLE', $course->id);
             $course->visible = 1;
             $msg = _("Die Veranstaltung wurde sichtbar gemacht.");
         } else {
             StudipLog::log('SEM_INVISIBLE', $course->id);
             $course->visible = 0;
             $msg = _("Die Veranstaltung wurde versteckt.");
         }
         if ($course->store()) {
             PageLayout::postMessage(MessageBox::success($msg));
         }
     }
     $this->redirect($this->url_for('/index'));
 }

コード例 #5

ファイル: admin_statusgruppe.php プロジェクト: ratbird/hope

    // set the options for the box
    list($self_assign_all, $self_assign_exclusive) = CheckSelfAssignAll($range_id);
    $template->set_attribute('self_assign_all', $self_assign_all);
    $template->set_attribute('self_assign_exclusive', $self_assign_exclusive);

    $template->set_attribute('seminar_class', SeminarCategories::GetBySeminarId($range_id)->id);

    if (Request::option('cmd') == 'editRole') {
        $role = new Statusgruppe(Request::option('role_id'));
        $template->set_attribute('role_data', $role->getData());
        $template->set_attribute('edit_role', $role->getId());
    } else if (Request::submitted('choosePreset')) {
        $template->set_attribute('role_data', array('name' => Request::quoted('presetName')));
    }
    $template->set_attribute('show_search_and_members_form', !LockRules::Check($range_id, 'participants'));

    // quickfilters
    foreach (getPersons($range_id, 'sem') as $k=>$v) {
        $quickfilter_sem[] = $k;
    }
    $template->set_attribute('quickfilter_sem', $quickfilter_sem);
    foreach (getPersons($range_id, 'sem_no_group') as $k=>$v) {
        $quickfilter_sem_no_group[] = $k;
    }
    $template->set_attribute('quickfilter_sem_no_group', $quickfilter_sem_no_group);
    foreach (getPersons($range_id, 'inst') as $k=>$v) {
        $quickfilter_inst[] = $k;
    }
    $template->set_attribute('quickfilter_inst', $quickfilter_inst);
    // search

コード例 #6

ファイル: index.php プロジェクト: ratbird/hope

        <?php 
echo $table_content;
?>
    </table>
<?
}
$sidebar = Sidebar::get();
$sidebar->setImage('sidebar/person-sidebar.png');
$widget = new ViewsWidget();
$widget->addLink(_('Standard'), URLHelper::getURL('?extend=no'))->setActive($extend != 'yes');
$widget->addLink(_('Erweitert'), URLHelper::getURL('?extend=yes'))->setActive($extend == 'yes');
$sidebar->addWidget($widget);

if ($admin_view) {

    if (!LockRules::Check($inst_id, 'participants')) {

        $edit = new SidebarWidget();
        $edit->setTitle(_('Personenverwaltung'));
        $edit->addElement(new WidgetElement($mp));
        $sidebar->addWidget($edit);
    }


    if (!empty($mail_list)) {
        $actions = new ActionsWidget();
        $actions->addLink(_('Stud.IP Rundmail'), $controller->url_for('messages/write', array('inst_id' => $inst_id, 'emailrequest' => 1)), Icon::create('mail', 'clickable'), array('data-dialog' => 'size=50%'));
        $sidebar->addWidget($actions);
    }
}

コード例 #7

ファイル: statusgroups.php プロジェクト: ratbird/hope

 private function types()
 {
     return array('inst' => array('name' => _('Institut'), 'after_user_add' => function ($user_id) {
         $newInstUser = new InstituteMember(array($user_id, $_SESSION['SessionSeminar']));
         if ($newInstUser->isNew()) {
             $user = new User($user_id);
             $newInstUser->inst_perms = $user->perms;
             if ($newInstUser->store()) {
                 StudipLog::INST_USER_ADD($_SESSION['SessionSeminar'], $user->id, $user->perms);
             }
         }
     }, 'after_user_delete' => function ($user_id) {
         null;
     }, 'after_user_move' => function ($user_id) {
         null;
     }, 'view' => function ($user_id) {
         return true;
     }, 'needs_size' => false, 'needs_self_assign' => false, 'edit' => function ($user_id) {
         return $GLOBALS['perm']->have_studip_perm('admin', $_SESSION['SessionSeminar']) && !LockRules::Check($_SESSION['SessionSeminar'], 'groups');
     }, 'redirect' => function () {
         require_once 'lib/admin_search.inc.php';
         die;
         //must not return
     }, 'groups' => array('members' => array('name' => _('Mitglieder')))));
 }

コード例 #8

ファイル: my_courses.php プロジェクト: ratbird/hope

 /**
  * This action remove a user from course
  * @param $course_id
  */
 public function decline_action($course_id, $waiting = null)
 {
     $current_seminar = Seminar::getInstance($course_id);
     $ticket_check = Seminar_Session::check_ticket(Request::option('studipticket'));
     if (LockRules::Check($course_id, 'participants')) {
         $lockdata = LockRules::getObjectRule($course_id);
         PageLayout::postMessage(MessageBox::error(sprintf(_("Sie können sich nicht von der Veranstaltung <b>%s</b> abmelden."), htmlReady($current_seminar->name))));
         if ($lockdata['description']) {
             PageLayout::postMessage(MessageBox::info(formatLinks($lockdata['description'])));
         }
         $this->redirect('my_courses/index');
         return;
     }
     if (Request::option('cmd') == 'back') {
         $this->redirect('my_courses/index');
         return;
     }
     if (Request::option('cmd') != 'kill' && Request::option('cmd') != 'kill_admission') {
         if ($current_seminar->admission_binding && Request::get('cmd') != 'suppose_to_kill_admission' && !LockRules::Check($current_seminar->getId(), 'participants')) {
             PageLayout::postMessage(MessageBox::error(sprintf(_("Die Veranstaltung <b>%s</b> ist als <b>bindend</b> angelegt.\n                    Wenn Sie sich abmelden wollen, müssen Sie sich an die Lehrende der Veranstaltung wenden."), htmlReady($current_seminar->name))));
             $this->redirect('my_courses/index');
             return;
         }
         if (Request::get('cmd') == 'suppose_to_kill') {
             // check course admission
             list(, $admission_end_time) = @array_values($current_seminar->getAdmissionTimeFrame());
             $admission_enabled = $current_seminar->isAdmissionEnabled();
             $admission_locked = $current_seminar->isAdmissionLocked();
             if ($admission_enabled || $admission_locked || (int) $current_seminar->admission_prelim == 1) {
                 $message = sprintf(_('Wollen Sie sich von der teilnahmebeschränkten Veranstaltung "%s" wirklich abmelden? Sie verlieren damit die Berechtigung für die Veranstaltung und müssen sich ggf. neu anmelden!'), $current_seminar->name);
             } else {
                 if (isset($admission_end_time) && $admission_end_time < time()) {
                     $message = sprintf(_('Wollen Sie sich von der teilnahmebeschränkten Veranstaltung "%s" wirklich abmelden? Der Anmeldzeitraum ist abgelaufen und Sie können sich nicht wieder anmelden!'), $current_seminar->name);
                 } else {
                     $message = sprintf(_('Wollen Sie sich von der Veranstaltung "%s" wirklich abmelden?'), $current_seminar->name);
                 }
             }
             $this->flash['cmd'] = 'kill';
         } else {
             if (admission_seminar_user_get_position($GLOBALS['user']->id, $course_id) === false) {
                 $message = sprintf(_('Wollen Sie sich von der Anmeldeliste der Veranstaltung "%s" wirklich abmelden?'), $current_seminar->name);
             } else {
                 $message = sprintf(_('Wollen Sie sich von der Warteliste der Veranstaltung "%s" wirklich abmelden? Sie verlieren damit die bereits erreichte Position und müssen sich ggf. neu anmelden!'), $current_seminar->name);
             }
             $this->flash['cmd'] = 'kill_admission';
         }
         $this->flash['decline_course'] = true;
         $this->flash['course_id'] = $course_id;
         $this->flash['message'] = $message;
         $this->flash['studipticket'] = Seminar_Session::get_ticket();
         $this->redirect('my_courses/index');
         return;
     } else {
         if (!LockRules::Check($course_id, 'participants') && $ticket_check && Request::option('cmd') != 'back' && Request::get('cmd') != 'kill_admission') {
             $query = "DELETE FROM seminar_user WHERE user_id = ? AND Seminar_id = ?";
             $statement = DBManager::get()->prepare($query);
             $statement->execute(array($GLOBALS['user']->id, $course_id));
             if ($statement->rowCount() == 0) {
                 PageLayout::postMessage(MessageBox::error(_('In der ausgewählten Veranstaltung wurde die gesuchten Personen nicht gefunden und konnte daher nicht ausgetragen werden.')));
             } else {
                 // LOGGING
                 StudipLog::log('SEM_USER_DEL', $course_id, $GLOBALS['user']->id, 'Hat sich selbst ausgetragen');
                 // enable others to do something after the user has been deleted
                 NotificationCenter::postNotification('UserDidLeaveCourse', $course_id, $GLOBALS['user']->id);
                 // Delete from statusgroups
                 RemovePersonStatusgruppeComplete(get_username(), $course_id);
                 // Are successor available
                 update_admission($course_id);
                 PageLayout::postMessage(MessageBox::success(sprintf(_("Erfolgreich von Veranstaltung <b>%s</b> abgemeldet."), htmlReady($current_seminar->name))));
             }
         } else {
             // LOGGING
             StudipLog::log('SEM_USER_DEL', $course_id, $GLOBALS['user']->id, 'Hat sich selbst aus der Warteliste ausgetragen');
             if ($current_seminar->isAdmissionEnabled()) {
                 $prio_delete = AdmissionPriority::unsetPriority($current_seminar->getCourseSet()->getId(), $GLOBALS['user']->id, $course_id);
             }
             $query = "DELETE FROM admission_seminar_user WHERE user_id = ? AND seminar_id = ?";
             $statement = DBManager::get()->prepare($query);
             $statement->execute(array($GLOBALS['user']->id, $course_id));
             if ($statement->rowCount() || $prio_delete) {
                 //Warteliste neu sortieren
                 renumber_admission($course_id);
                 //Pruefen, ob es Nachruecker gibt
                 update_admission($course_id);
                 PageLayout::postMessage(MessageBox::success(sprintf(_("Der Eintrag in der Anmelde- bzw. Warteliste der Veranstaltung <b>%s</b> wurde aufgehoben.\n                    Wenn Sie an der Veranstaltung teilnehmen wollen, müssen Sie sich erneut bewerben."), htmlReady($current_seminar->name))));
             }
         }
         $this->redirect('my_courses/index');
         return;
     }
 }

コード例 #9

ファイル: archiv_assi.php プロジェクト: ratbird/hope

            $_SESSION['archiv_assi_data']["pos"] = $_SESSION['archiv_assi_data']["pos"] + $i;
    }

// dec if we have lectures left in the lower
if (Request::option('dec'))
    if ($_SESSION['archiv_assi_data']["pos"] > 0) {
        $d = -1;
        while ((!$_SESSION['archiv_assi_data']["sem_check"][$_SESSION['archiv_assi_data']["sems"][$_SESSION['archiv_assi_data']["pos"] + $d]["id"]]) && ($_SESSION['archiv_assi_data']["pos"] + $d > 0))
            $d--;
        if ((sizeof($_SESSION['archiv_assi_data']["sem_check"]) > 1) && ($_SESSION['archiv_assi_data']["sem_check"][$_SESSION['archiv_assi_data']["sems"][$_SESSION['archiv_assi_data']["pos"] + $d]["id"]]))
            $_SESSION['archiv_assi_data']["pos"] = $_SESSION['archiv_assi_data']["pos"] + $d;
    }


if (LockRules::Check($_SESSION['archiv_assi_data']["sems"][$_SESSION['archiv_assi_data']["pos"]]["id"], 'seminar_archive')) {
    $lockdata = LockRules::getObjectRule($_SESSION['archiv_assi_data']["sems"][$_SESSION['archiv_assi_data']["pos"]]["id"]);
    if ($lockdata['description']) {
        $details = formatLinks($lockdata['description']);
    } else {
        $details = _("Die Veranstaltung kann nicht archiviert werden.");
    }
    throw new AccessDeniedException($details);
}

// Delete (and archive) the lecture
if (Request::option('archive_kill')) {
    $run = TRUE;
    $s_id = $_SESSION['archiv_assi_data']["sems"][$_SESSION['archiv_assi_data']["pos"]]["id"];
    // # Do we have permission to do so?

    if (!$perm->have_perm($check_perm)) {

コード例 #10

ファイル: topics.php プロジェクト: ratbird/hope

 public function index_action()
 {
     if (Request::isPost() && Request::get("edit") && $GLOBALS['perm']->have_studip_perm("tutor", $_SESSION['SessionSeminar'])) {
         $topic = new CourseTopic(Request::option("issue_id"));
         if ($topic['seminar_id'] && $topic['seminar_id'] !== $_SESSION['SessionSeminar']) {
             throw new AccessDeniedException();
         }
         if (Request::submitted("delete_topic")) {
             $topic->delete();
             PageLayout::postMessage(MessageBox::success(_("Thema gelöscht.")));
         } else {
             $topic['title'] = Request::get("title");
             $topic['description'] = Studip\Markup::purifyHtml(Request::get("description"));
             if ($topic->isNew()) {
                 $topic['seminar_id'] = $_SESSION['SessionSeminar'];
             }
             $topic->store();
             //change dates for this topic
             $former_date_ids = $topic->dates->pluck("termin_id");
             $new_date_ids = array_keys(Request::getArray("date"));
             foreach (array_diff($former_date_ids, $new_date_ids) as $delete_termin_id) {
                 $topic->dates->unsetByPk($delete_termin_id);
             }
             foreach (array_diff($new_date_ids, $former_date_ids) as $add_termin_id) {
                 $date = CourseDate::find($add_termin_id);
                 if ($date) {
                     $topic->dates[] = $date;
                 }
             }
             $topic->store();
             if (Request::get("folder") && !$topic->folder) {
                 $topic->connectWithDocumentFolder();
             }
             // create a connection to the module forum (can be anything)
             // will update title and description automagically
             if (Request::get("forumthread")) {
                 $topic->connectWithForumThread();
             }
             if (Request::option("issue_id") === "new") {
                 Request::set("open", $topic->getId());
             }
             PageLayout::postMessage(MessageBox::success(_("Thema gespeichert.")));
             $this->redirect("course/topics/index");
         }
     }
     if (Request::isPost() && Request::option("move_down")) {
         $topics = CourseTopic::findBySeminar_id($_SESSION['SessionSeminar']);
         $mainkey = null;
         foreach ($topics as $key => $topic) {
             if ($topic->getId() === Request::option("move_down")) {
                 $mainkey = $key;
             }
             $topic['priority'] = $key + 1;
         }
         if ($mainkey !== null && $mainkey < count($topics)) {
             $topics[$mainkey]->priority++;
             $topics[$mainkey + 1]->priority--;
         }
         foreach ($topics as $key => $topic) {
             $topic->store();
         }
     }
     if (Request::isPost() && Request::option("move_up")) {
         $topics = CourseTopic::findBySeminar_id($_SESSION['SessionSeminar']);
         foreach ($topics as $key => $topic) {
             if ($topic->getId() === Request::option("move_up") && $key > 0) {
                 $topic['priority'] = $key;
                 $topics[$key - 1]->priority = $key + 1;
                 $topics[$key - 1]->store();
             } else {
                 $topic['priority'] = $key + 1;
             }
             $topic->store();
         }
     }
     Navigation::activateItem('/course/schedule/topics');
     $this->topics = CourseTopic::findBySeminar_id($_SESSION['SessionSeminar']);
     $this->cancelled_dates_locked = LockRules::Check($_SESSION['SessionSeminar'], 'cancelled_dates');
 }

コード例 #11

ファイル: settings.php プロジェクト: ratbird/hope

 /**
  * Determines whether a user is permitted to change a certain value
  * and if provided, whether the value has actually changed.
  *
  * @param String $field Which db field shall change
  * @param mixed $attribute Which attribute is related (optional,
  *                         automatically guessedif missing)
  * @param mixed $value Optional new value of the field (used to determine
  *                     whether the value has actually changed)
  * @return bool Indicates whether the value shall actually change
  */
 public function shallChange($field, $attribute = null, $value = null)
 {
     $column = end(explode('.', $field));
     $attribute = $attribute ?: strtolower($column);
     $global_mapping = array('email' => 'ALLOW_CHANGE_EMAIL', 'name' => 'ALLOW_CHANGE_NAME', 'title' => 'ALLOW_CHANGE_TITLE', 'username' => 'ALLOW_CHANGE_USERNAME');
     if (isset($global_mapping[$attribute]) and !$GLOBALS[$global_mapping[$attribute]]) {
         return false;
     }
     return !($field && StudipAuthAbstract::CheckField($field, $this->user->auth_plugin)) && !LockRules::check($this->user->user_id, $attribute) && ($value === null || $this->user->{$column} != $value);
 }

コード例 #12

ファイル: CoreAdmin.class.php プロジェクト: ratbird/hope

 function getTabNavigation($course_id)
 {
     $sem_create_perm = in_array(get_config('SEM_CREATE_PERM'), array('root', 'admin', 'dozent')) ? get_config('SEM_CREATE_PERM') : 'dozent';
     if ($GLOBALS['perm']->have_studip_perm('tutor', $course_id)) {
         $navigation = new Navigation(_('Verwaltung'));
         $navigation->setImage(Icon::create('admin', 'info_alt'));
         $navigation->setActiveImage(Icon::create('admin', 'info'));
         $main = new Navigation(_('Verwaltung'), 'dispatch.php/course/management');
         $navigation->addSubNavigation('main', $main);
         if ($GLOBALS['SessSemName']['class'] !== "inst") {
             $item = new Navigation(_('Grunddaten'), 'dispatch.php/course/basicdata/view/' . $course_id);
             $item->setImage(Icon::create('edit', 'clickable'));
             $item->setDescription(_('Bearbeiten der Grundeinstellungen dieser Veranstaltung.'));
             $navigation->addSubNavigation('details', $item);
             $item = new Navigation(_('Infobild'), 'dispatch.php/course/avatar/update/' . $course_id);
             $item->setImage(Icon::create('file-pic', 'clickable'));
             $item->setDescription(_('Infobild dieser Veranstaltung bearbeiten oder löschen.'));
             $navigation->addSubNavigation('avatar', $item);
             $item = new Navigation(_('Studienbereiche'), 'dispatch.php/course/study_areas/show/' . $course_id);
             $item->setImage(Icon::create('module', 'clickable'));
             $item->setDescription(_('Zuordnung dieser Veranstaltung zu Studienbereichen für die Darstellung im Verzeichnis aller Veranstaltungen.'));
             $navigation->addSubNavigation('study_areas', $item);
             $item = new Navigation(_('Zeiten/Räume'), 'dispatch.php/course/timesrooms');
             $item->setImage(Icon::create('date', 'clickable'));
             $item->setDescription(_('Regelmäßige Veranstaltungszeiten, Einzeltermine und Ortsangaben ändern.'));
             $navigation->addSubNavigation('dates', $item);
             if (get_config('RESOURCES_ENABLE') && get_config('RESOURCES_ALLOW_ROOM_REQUESTS')) {
                 $item = new Navigation(_('Raumanfragen'), 'dispatch.php/course/room_requests/index/' . $course_id);
                 $item->setImage(Icon::create('resources', 'clickable'));
                 $item->setDescription(_('Raumanfragen zu Veranstaltungszeiten verwalten.'));
                 $navigation->addSubNavigation('room_requests', $item);
             }
             $item = new Navigation(_('Zugangsberechtigungen'), 'dispatch.php/course/admission');
             $item->setImage(Icon::create('lock-locked', 'clickable'));
             $item->setDescription(_('Zugangsbeschränkungen, Anmeldeverfahren oder einen Passwortschutz für diese Veranstaltung einrichten.'));
             $navigation->addSubNavigation('admission', $item);
             $item = new AutoNavigation(_('Zusatzangaben'), 'dispatch.php/admin/additional');
             $item->setImage(Icon::create('add', 'clickable'));
             $item->setDescription(_('Vorlagen zur Erhebung weiterer Angaben von Teilnehmenden auswählen.'));
             $navigation->addSubNavigation('additional_data', $item);
             if ($GLOBALS['perm']->have_perm($sem_create_perm)) {
                 if (!LockRules::check($course_id, 'seminar_copy')) {
                     $item = new Navigation(_('Veranstaltung kopieren'), 'dispatch.php/course/wizard/copy/' . $course_id);
                     $item->setImage(Icon::create('seminar+add', 'clickable'));
                     $main->addSubNavigation('copy', $item);
                 }
                 if (get_config('ALLOW_DOZENT_ARCHIV') || $GLOBALS['perm']->have_perm('admin')) {
                     $item = new Navigation(_('Veranstaltung archivieren'), 'archiv_assi.php');
                     $item->setImage(Icon::create('seminar+remove', 'clickable'));
                     $main->addSubNavigation('archive', $item);
                 }
                 if ((get_config('ALLOW_DOZENT_VISIBILITY') || $GLOBALS['perm']->have_perm('admin')) && !LockRules::Check($course_id, 'seminar_visibility')) {
                     $is_visible = Course::findCurrent()->visible;
                     $item = new Navigation(_('Sichtbarkeit ändern') . ' (' . ($is_visible ? _('sichtbar') : _('unsichtbar')) . ')', 'dispatch.php/course/management/change_visibility');
                     $item->setImage(Icon::create('visibility-' . ($is_visible ? 'visible' : 'invisible'), 'clickable'));
                     $main->addSubNavigation('visibility', $item);
                 }
                 if ($GLOBALS['perm']->have_perm('admin')) {
                     $is_locked = Course::findCurrent()->lock_rule;
                     $item = new Navigation(_('Sperrebene ändern') . ' (' . ($is_locked ? _('gesperrt') : _('nicht gesperrt')) . ')', 'dispatch.php/course/management/lock');
                     $item->setImage(Icon::create('lock-' . ($is_locked ? 'locked' : 'unlocked'), 'clickable'), ['data-dialog' => 'size=auto']);
                     $main->addSubNavigation('lock', $item);
                 }
             }
             // show entry for simulated participant view
             if (in_array($GLOBALS['perm']->get_studip_perm($course_id), words('tutor dozent'))) {
                 $item = new Navigation('Studierendenansicht simulieren', 'dispatch.php/course/change_view?cid=' . Request::option('cid'));
                 $item->setDescription(_('Hier können Sie sich die Veranstaltung aus der Sicht von Studierenden sehen.'));
                 $item->setImage(Icon::create('visibility-invisible', 'clickable'));
                 $main->addSubNavigation('change_view', $item);
             }
         }
         // endif modules only seminars
         if ($GLOBALS['perm']->have_studip_perm('tutor', $course_id)) {
             if (get_config('VOTE_ENABLE')) {
                 $item = new Navigation(_('Umfragen und Tests'), 'admin_vote.php?view=vote_sem');
                 $item->setImage(Icon::create('vote', 'clickable'));
                 $item->setDescription(_('Erstellen und bearbeiten von einfachen Umfragen und Tests.'));
                 $navigation->addSubNavigation('vote', $item);
                 $item = new Navigation(_('Evaluationen'), 'admin_evaluation.php?view=eval_sem');
                 $item->setImage(Icon::create('evaluation', 'clickable'));
                 $item->setDescription(_('Richten Sie fragebogenbasierte Umfragen und Lehrevaluationen ein.'));
                 $navigation->addSubNavigation('evaluation', $item);
             }
         }
         return array('admin' => $navigation);
     } else {
         return array();
     }
 }

コード例 #13

ファイル: admission.php プロジェクト: ratbird/hope

 function change_course_set_action()
 {
     CSRFProtection::verifyUnsafeRequest();
     if (Request::submitted('change_course_set_assign') && Request::get('course_set_assign') && !LockRules::Check($this->course_id, 'admission_type')) {
         $cs = new CourseSet(Request::option('course_set_assign'));
         if ($cs->isUserAllowedToAssignCourse($this->user_id, $this->course_id)) {
             CourseSet::addCourseToSet($cs->getId(), $this->course_id);
             $cs->load();
             if (in_array($this->course_id, $cs->getCourses())) {
                 PageLayout::postMessage(MessageBox::success(sprintf(_("Die Zuordnung zum Anmeldeset %s wurde durchgeführt."), htmlReady($cs->getName()))));
             }
         }
     }
     if (Request::submitted('change_course_set_unassign') && !LockRules::Check($this->course_id, 'admission_type')) {
         $this->response->add_header('X-Title', _('Anmelderegeln aufheben'));
         if ($this->course->getNumWaiting() && !Request::submitted('change_course_set_unassign_yes')) {
             $question = sprintf(_("In dieser Veranstaltung existiert eine Warteliste. Die bestehende Warteliste mit %s Einträgen wird gelöscht. Sind sie sicher?"), $this->course->getNumWaiting());
         }
         $cs = CourseSet::getSetForCourse($this->course_id);
         if ($cs) {
             $priorities = AdmissionPriority::getPrioritiesByCourse($cs->getId(), $this->course_id);
             if (count($priorities) && !Request::submitted('change_course_set_unassign_yes')) {
                 $question = sprintf(_("In dieser Veranstaltung existiert eine Anmeldeliste (Losverfahren am %s). Die bestehende Anmeldeliste mit %s Einträgen wird gelöscht. Sind sie sicher?"), strftime('%x %R', $cs->getSeatDistributionTime()), count($priorities));
             }
         }
         if (!$question && $cs) {
             CourseSet::removeCourseFromSet($cs->getId(), $this->course_id);
             $cs->load();
             if (!in_array($this->course_id, $cs->getCourses())) {
                 PageLayout::postMessage(MessageBox::success(sprintf(_("Die Zuordnung zum Anmeldeset %s wurde aufgehoben."), htmlReady($cs->getName()))));
             }
             if (!count($cs->getCourses()) && $cs->isGlobal() && $cs->getUserid() != '') {
                 $cs->delete();
             }
             if ($this->course->getNumWaiting()) {
                 $num_moved = 0;
                 foreach ($this->course->admission_applicants->findBy('status', 'awaiting') as $applicant) {
                     setTempLanguage($applicant->user_id);
                     $message_body = sprintf(_('Die Warteliste der Veranstaltung **%s** wurde deaktiviert, Sie sind damit __nicht__ zugelassen worden.'), $this->course->name);
                     $message_title = sprintf(_("Statusänderung %s"), $this->course->name);
                     messaging::sendSystemMessage($applicant->user_id, $message_title, $message_body);
                     restoreLanguage();
                     $num_moved += $applicant->delete();
                 }
                 if ($num_moved) {
                     PageLayout::postMessage(MessageBox::success(sprintf(_("%s Wartende wurden entfernt."), $num_moved)));
                 }
             }
         }
     }
     if (!$question) {
         $this->redirect($this->url_for('/index'));
     } else {
         $this->request = array('change_course_set_unassign' => 1);
         $this->button_yes = 'change_course_set_unassign_yes';
         PageLayout::postMessage(MessageBox::info($question));
         $this->render_template('course/admission/_change_admission.php');
     }
 }

コード例 #14

ファイル: edit_about.inc.php プロジェクト: ratbird/hope

function edit_email($user, $email, $force = False)
{
    $msg = '';
    $query = "SELECT email, username, auth_plugin\n              FROM auth_user_md5\n              WHERE user_id = ?";
    $statement = DBManager::get()->prepare($query);
    $statement->execute(array($user->user_id));
    $row = $statement->fetch(PDO::FETCH_ASSOC);
    $email_cur = $row['email'];
    $username = $row['username'];
    $auth_plugin = $row['auth_plugin'];
    if ($email_cur == $email && !$force) {
        return array(True, $msg);
    }
    if (StudipAuthAbstract::CheckField("auth_user_md5.Email", $auth_plugin) || LockRules::check($user->user_id, 'email')) {
        return array(False, $msg);
    }
    if (!$GLOBALS['ALLOW_CHANGE_EMAIL']) {
        return array(False, $msg);
    }
    $validator = new email_validation_class();
    ## Klasse zum Ueberpruefen der Eingaben
    $validator->timeout = 10;
    $REMOTE_ADDR = $_SERVER["REMOTE_ADDR"];
    $Zeit = date("H:i:s, d.m.Y", time());
    // accept only registered domains if set
    $email_restriction = trim(get_config('EMAIL_DOMAIN_RESTRICTION'));
    if (!$validator->ValidateEmailAddress($email, $email_restriction)) {
        if ($email_restriction) {
            $email_restriction_msg_part = '';
            $email_restriction_parts = explode(',', $email_restriction);
            for ($email_restriction_count = 0; $email_restriction_count < count($email_restriction_parts); $email_restriction_count++) {
                if ($email_restriction_count == count($email_restriction_parts) - 1) {
                    $email_restriction_msg_part .= '@' . trim($email_restriction_parts[$email_restriction_count]) . '<br>';
                } else {
                    if (($email_restriction_count + 1) % 3) {
                        $email_restriction_msg_part .= '@' . trim($email_restriction_parts[$email_restriction_count]) . ', ';
                    } else {
                        $email_restriction_msg_part .= '@' . trim($email_restriction_parts[$email_restriction_count]) . ',<br>';
                    }
                }
            }
            $msg .= 'error§' . sprintf(_("Die E-Mail-Adresse fehlt, ist falsch geschrieben oder gehört nicht zu folgenden Domains:%s"), '<br>' . $email_restriction_msg_part);
        } else {
            $msg .= "error§" . _("Die E-Mail-Adresse fehlt oder ist falsch geschrieben!") . "§";
        }
        return array(False, $msg);
        // E-Mail syntaktisch nicht korrekt oder fehlend
    }
    if (!$validator->ValidateEmailHost($email)) {
        // Mailserver nicht erreichbar, ablehnen
        $msg .= "error§" . _("Der Mailserver ist nicht erreichbar. Bitte überprüfen Sie, ob Sie E-Mails mit der angegebenen Adresse verschicken können!") . "§";
        return array(False, $msg);
    } else {
        // Server ereichbar
        if (!$validator->ValidateEmailBox($email)) {
            // aber user unbekannt. Mail an abuse!
            StudipMail::sendAbuseMessage("edit_about", "Emailbox unbekannt\n\nUser: "******"\nEmail: {$email}\n\nIP: {$REMOTE_ADDR}\nZeit: {$Zeit}\n");
            $msg .= "error§" . _("Die angegebene E-Mail-Adresse ist nicht erreichbar. Bitte überprüfen Sie Ihre Angaben!") . "§";
            return array(False, $msg);
        }
    }
    $query = "SELECT Vorname, Nachname\n              FROM auth_user_md5\n              WHERE Email = ? AND user_id != ?";
    $statement = DBManager::get()->prepare($query);
    $statement->execute(array($email, $user->user_id));
    $row = $statement->fetch(PDO::FETCH_ASSOC);
    if ($row) {
        $msg .= "error§" . sprintf(_("Die angegebene E-Mail-Adresse wird bereits von einem anderen Benutzer (%s %s) verwendet. Bitte geben Sie eine andere E-Mail-Adresse an."), htmlReady($row['Vorname']), htmlReady($row['Nachname'])) . "§";
        return array(False, $msg);
    }
    // This already moved to the controller
    //    $query = "UPDATE auth_user_md5 SET Email = ? WHERE user_id = ?";
    //    $statement = DBManager::get()->prepare($query);
    //    $statement->execute(array($email, $uid));
    if (StudipAuthAbstract::CheckField("auth_user_md5.validation_key", $auth_plugin)) {
        $msg .= "msg§" . _("Ihre E-Mail-Adresse wurde geändert!") . "§";
        return array(True, $msg);
    } else {
        // auth_plugin does not map validation_key (what if...?)
        // generate 10 char activation key
        $key = '';
        mt_srand((double) microtime() * 1000000);
        for ($i = 1; $i <= 10; $i++) {
            $temp = mt_rand() % 36;
            if ($temp < 10) {
                $temp += 48;
            } else {
                $temp += 87;
            }
            // a = chr(97), z = chr(122)
            $key .= chr($temp);
        }
        $user->validation_key = $key;
        $activatation_url = $GLOBALS['ABSOLUTE_URI_STUDIP'] . 'activate_email.php?uid=' . $user->user_id . '&key=' . $user->validation_key;
        // include language-specific subject and mailbody with fallback to german
        $lang = $GLOBALS['_language_path'];
        // workaround
        if ($lang == '') {
            $lang = 'de';
        }
        include_once "locale/{$lang}/LC_MAILS/change_self_mail.inc.php";
        $mail = StudipMail::sendMessage($email, $subject, $mailbody);
        if (!$mail) {
            return array(True, $msg);
        }
        $query = "UPDATE auth_user_md5 SET validation_key = ? WHERE user_id = ?";
        $statement = DBManager::get()->prepare($query);
        $statement->execute(array($user->validation_key, $user->user_id));
        $msg .= "info§<b>" . sprintf(_('An Ihre neue E-Mail-Adresse <b>%s</b> wurde ein Aktivierungslink geschickt, dem Sie folgen müssen bevor Sie sich das nächste mal einloggen können.'), $email) . '</b>§';
        log_event("USER_NEWPWD", $user->user_id);
        // logging
    }
    return array(True, $msg);
}

コード例 #15

ファイル: _table_body.php プロジェクト: ratbird/hope

                            if (in_array($e_id, $dview) === TRUE) {
                                echo '<td><font size="-1">';
                                if ($entry->getValue() == 'default_value') {
                                    echo $default_entries[$e_id]->getDisplayValue();
                                } else {
                                    echo $entry->getDisplayValue();
                                }
                                echo '</font></td>';
                            }
                        }
                    } else {
                        for ($i = 0; $i < sizeof($struct); $i++) {
                            echo '<td>&nbsp;</td>';
                        }
                    }
                    if ($admin_view && !LockRules::Check($range_id, 'participants')) {
                        echo '<td>';
                        echo '<a href="'.URLHelper::getLink('dispatch.php/settings/statusgruppen/switch/' . $id . '?username='******'username']).'"><font size="-1">';
                        echo Icon::create('edit', 'clickable')->asImg();
                        echo '</font></a></td>';

                        echo '<td>';
                        echo '&nbsp;<a href="'.URLHelper::getLink('?cmd=removeFromGroup&username='******'username'].'&role_id='.$id).'">';
                        echo Icon::create('trash', 'clickable')->asImg(['class' => 'text-top']);
                        echo '</a>&nbsp</td>';
                    }
                    elseif ($structure["nachricht"]) {
                        echo '<td colspan=\"2\">&nbsp;</td>';
                    }
                    echo '</tr>', "\n";
                }

コード例 #16

ファイル: account.php プロジェクト: ratbird/hope

 /**
  * Display the account information of a user
  */
 public function index_action()
 {
     $this->locked_info = LockRules::CheckLockRulePermission($this->user['user_id']) ? LockRules::getObjectRule($this->user['user_id'])->description : false;
     $auth = StudipAuthAbstract::GetInstance($this->user->auth_plugin ?: 'standard');
     $this->is_sso = $auth instanceof StudipAuthSSO;
 }

コード例 #17

ファイル: basicdata.php プロジェクト: ratbird/hope

 /**
  * Ändert alle Grunddaten der Veranstaltung (bis auf Personal) und leitet
  * danach weiter auf View.
  */
 public function set_action($course_id)
 {
     global $perm;
     $sem = Seminar::getInstance($course_id);
     $this->msg = array();
     $old_settings = $sem->getSettings();
     //Seminar-Daten:
     if ($perm->have_studip_perm("tutor", $sem->getId())) {
         $changemade = false;
         foreach (Request::getInstance() as $req_name => $req_value) {
             if (substr($req_name, 0, 7) === "course_") {
                 $varname = substr($req_name, 7);
                 if ($varname === "name" && !$req_value) {
                     $this->msg[] = array("error", _("Name der Veranstaltung darf nicht leer sein."));
                 } elseif ($sem->{$varname} != $req_value) {
                     $sem->{$varname} = $req_value;
                     $changemade = true;
                 }
             }
         }
         //seminar_inst:
         if (!LockRules::Check($course_id, 'seminar_inst') && $sem->setInstitutes(Request::optionArray('related_institutes'))) {
             $changemade = true;
         }
         //Datenfelder:
         $invalid_datafields = array();
         $all_fields_types = DataFieldEntry::getDataFieldEntries($sem->id, 'sem', $sem->status);
         foreach (Request::getArray('datafields') as $datafield_id => $datafield_value) {
             $datafield = $all_fields_types[$datafield_id];
             $valueBefore = $datafield->getValue();
             $datafield->setValueFromSubmit($datafield_value);
             if ($valueBefore != $datafield->getValue()) {
                 if ($datafield->isValid()) {
                     $datafield->store();
                     $changemade = true;
                 } else {
                     $invalid_datafields[] = $datafield->getName();
                 }
             }
         }
         if (count($invalid_datafields)) {
             $message = ngettext('%s der Veranstaltung wurde falsch angegeben', '%s der Veranstaltung wurden falsch angegeben', count($invalid_datafields));
             $message .= ', ' . _('bitte korrigieren Sie dies unter "Beschreibungen"') . '.';
             $message = sprintf($message, join(', ', array_map('htmlReady', $invalid_datafields)));
             $this->msg[] = array('error', $message);
         }
         $sem->store();
         // Logging
         $before = array_diff_assoc($old_settings, $sem->getSettings());
         $after = array_diff_assoc($sem->getSettings(), $old_settings);
         //update admission, if turnout was raised
         if ($after['admission_turnout'] > $before['admission_turnout'] && $sem->isAdmissionEnabled()) {
             update_admission($sem->getId());
         }
         if (sizeof($before) && sizeof($after)) {
             foreach ($before as $k => $v) {
                 $log_message .= "{$k}: {$v} => " . $after[$k] . " \n";
             }
             log_event('CHANGE_BASIC_DATA', $sem->getId(), " ", $log_message);
         }
         // end of logging
         if ($changemade) {
             $this->msg[] = array("msg", _("Die Grunddaten der Veranstaltung wurden verändert."));
         }
     } else {
         $this->msg[] = array("error", _("Sie haben keine Berechtigung diese Veranstaltung zu verändern."));
     }
     //Labels/Funktionen für Dozenten und Tutoren
     if ($perm->have_studip_perm("dozent", $sem->getId())) {
         foreach (Request::getArray("label") as $user_id => $label) {
             $sem->setLabel($user_id, $label);
         }
     }
     foreach ($sem->getStackedMessages() as $key => $messages) {
         foreach ($messages['details'] as $message) {
             $this->msg[] = array($key !== "success" ? $key : "msg", $message);
         }
     }
     $this->flash['msg'] = $this->msg;
     $this->flash['open'] = Request::get("open");
     $this->redirect($this->url_for('course/basicdata/view/' . $sem->getId()));
 }

コード例 #18

ファイル: basicdata.php プロジェクト: ratbird/hope

 /**
  * show institute basicdata page
  *
  * @param mixed $i_id Optional institute id 
  * @throws AccessDeniedException
  */
 public function index_action($i_id = false)
 {
     PageLayout::setTitle(_('Verwaltung der Grunddaten'));
     Navigation::activateItem('/admin/institute/details');
     //get ID from an open Institut
     $i_view = $i_id ?: Request::option('i_view', $GLOBALS['SessSemName'][1]);
     if (!$i_view) {
         require_once 'lib/admin_search.inc.php';
         // This search just died a little inside, so it should be safe to
         // continue here but we nevertheless return just to be sure
         return;
     } elseif ($i_view === 'new') {
         closeObject();
     }
     //  allow only inst-admin and root to view / edit
     if ($i_view && !$GLOBALS['perm']->have_studip_perm('admin', $i_view) && $i_view !== 'new') {
         throw new AccessDeniedException();
     }
     //Change header_line if open object
     $header_line = getHeaderLine($i_view);
     if ($header_line) {
         PageLayout::setTitle($header_line . ' - ' . PageLayout::getTitle());
     }
     if (Request::get('i_trykill')) {
         $message = _('Sind Sie sicher, dass Sie diese Einrichtung löschen wollen?');
         $post['i_kill'] = 1;
         $post['studipticket'] = get_ticket();
         $this->question = createQuestion2($message, $post, array(), $this->url_for('institute/basicdata/delete/' . $i_view));
     }
     $lockrule = LockRules::getObjectRule($i_view);
     if ($lockrule->description && LockRules::CheckLockRulePermission($i_view, $lockrule['permission'])) {
         PageLayout::postMessage(MessageBox::info(formatLinks($lockrule->description)));
     }
     // Load institute data
     $institute = new Institute($i_view === 'new' ? null : $i_view);
     //add the free administrable datafields
     $datafields = array();
     $localEntries = DataFieldEntry::getDataFieldEntries($institute->id, 'inst');
     if ($localEntries) {
         $invalidEntries = $this->flash['invalid_entries'] ?: array();
         foreach ($localEntries as $entry) {
             if (!$entry->isVisible()) {
                 continue;
             }
             $color = '#000000';
             if (in_array($entry->getId(), $invalidEntries)) {
                 $color = '#ff0000';
             }
             $datafields[] = array('color' => $color, 'title' => $entry->getName(), 'value' => $GLOBALS['perm']->have_perm($entry->isEditable()) && !LockRules::Check($institute['Institut_id'], $entry->getId()) ? $entry->getHTML('datafields') : $entry->getDisplayValue());
         }
     }
     // Read faculties if neccessary
     if (count($institute->sub_institutes) === 0) {
         if ($GLOBALS['perm']->have_perm('root')) {
             $this->faculties = Institute::findBySQL('Institut_id = fakultaets_id ORDER BY Name ASC', array($i_view));
         } else {
             $temp = User::find($GLOBALS['user']->id)->institute_memberships->findBy('inst_perms', 'admin')->pluck('institute');
             $institutes = SimpleORMapCollection::createFromArray($temp);
             $faculties = $institutes->filter(function ($institute) {
                 return $institute->is_fak;
             });
             $this->faculties = $faculties;
         }
     }
     // Indicates whether the current user is allowed to delete the institute
     $this->may_delete = $i_view !== 'new' && !(count($institute->home_courses) || count($institute->sub_institutes)) && ($GLOBALS['perm']->have_perm('root') || $GLOBALS['perm']->is_fak_admin() && get_config('INST_FAK_ADMIN_PERMS') == 'all');
     if (!$this->may_delete) {
         //Set infotext for disabled delete-button
         $reason_txt = _('Löschen nicht möglich.');
         if (count($institute->home_courses) > 0) {
             $reason_txt .= ' ';
             $reason_txt .= sprintf(ngettext('Es ist eine Veranstaltung zugeordnet.', 'Es sind %u Veranstaltungen zugeordnet.', count($institute->home_courses)), count($institute->home_courses));
         }
         if (count($institute->sub_institutes) > 0) {
             $reason_txt .= ' ';
             $reason_txt .= sprintf(ngettext('Es ist eine Einrichtung zugeordnet.', 'Es sind %u Einrichtungen zugeordnet.', count($institute->sub_institutes)), count($institute->sub_institutes));
         }
     }
     // Indicates whether the current user is allowed to change the faculty
     $this->may_edit_faculty = $GLOBALS['perm']->is_fak_admin() && !LockRules::Check($institute['Institut_id'], 'fakultaets_id') && ($GLOBALS['perm']->have_studip_perm('admin', $institute['fakultaets_id']) || $i_view === 'new');
     // Prepare template
     $this->institute = $institute;
     $this->i_view = $i_view;
     $this->datafields = $datafields;
     $this->reason_txt = $reason_txt;
 }

コード例 #19

ファイル: lockrules.php プロジェクト: ratbird/hope

 function new_action()
 {
     $this->lock_rule = new LockRule();
     $this->lock_config = LockRules::getLockRuleConfig($this->lock_rule_type);
     if (Request::submitted('ok')) {
         $this->lock_rule->user_id = $GLOBALS['user']->id;
         $this->lock_rule->object_type = $this->lock_rule_type;
         if (!$this->handle_form_data()) {
             PageLayout::postMessage(MessageBox::error(_('Die neue Sperrebene konnte nicht gespeichert werden.'), $this->msg['error']));
         } else {
             PageLayout::postMessage(MessageBox::success(_('Die neue Sperrebene wurde gespeichert')));
             $this->redirect($this->url_for('admin/lockrules/edit/' . $this->lock_rule->getid()));
         }
     }
     $actions = new ActionsWidget();
     $actions->addLink(_('Bearbeiten abbrechen'), $this->url_for('admin/lockrules'), Icon::create('decline', 'clickable'));
     $this->sidebar->addWidget($actions);
 }

コード例 #20

ファイル: members.php プロジェクト: ratbird/hope

 public function index_action()
 {
     global $perm, $PATH_EXPORT;
     $sem = Seminar::getInstance($this->course_id);
     // old message style
     if ($_SESSION['sms_msg']) {
         $this->msg = $_SESSION['sms_msg'];
         unset($_SESSION['sms_msg']);
     }
     $this->sort_by = Request::option('sortby', 'nachname');
     $this->order = Request::option('order', 'desc');
     $this->sort_status = Request::get('sort_status');
     Navigation::activateItem('/course/members/view');
     if (Request::int('toggle')) {
         $this->order = $this->order == 'desc' ? 'asc' : 'desc';
     }
     $filtered_members = $this->members->getMembers($this->sort_status, $this->sort_by . ' ' . $this->order, !$this->is_tutor ? $this->user_id : null);
     if ($this->is_tutor) {
         $filtered_members = array_merge($filtered_members, $this->members->getAdmissionMembers($this->sort_status, $this->sort_by . ' ' . $this->order));
         $this->awaiting = $filtered_members['awaiting']->toArray('user_id username vorname nachname visible mkdate');
         $this->accepted = $filtered_members['accepted']->toArray('user_id username vorname nachname visible mkdate');
         $this->claiming = $filtered_members['claiming']->toArray('user_id username vorname nachname visible mkdate');
     }
     // Check autor-perms
     if (!$this->is_tutor) {
         SkipLinks::addIndex(_("Sichtbarkeit ändern"), 'change_visibility');
         // filter invisible user
         $this->invisibles = count($filtered_members['autor']->findBy('visible', 'no')) + count($filtered_members['user']->findBy('visible', 'no'));
         $current_user_id = $this->user_id;
         $exclude_invisibles = function ($user) use($current_user_id) {
             return $user['visible'] != 'no' || $user['user_id'] == $current_user_id;
         };
         $filtered_members['autor'] = $filtered_members['autor']->filter($exclude_invisibles);
         $filtered_members['user'] = $filtered_members['user']->filter($exclude_invisibles);
         $this->my_visibility = $this->getUserVisibility();
         if (!$this->my_visibility['iam_visible']) {
             $this->invisibles--;
         }
     }
     // get member informations
     $this->dozenten = $filtered_members['dozent']->toArray('user_id username vorname nachname');
     $this->tutoren = $filtered_members['tutor']->toArray('user_id username vorname nachname mkdate');
     $this->autoren = $filtered_members['autor']->toArray('user_id username vorname nachname visible mkdate');
     $this->users = $filtered_members['user']->toArray('user_id username vorname nachname visible mkdate');
     $this->studipticket = Seminar_Session::get_ticket();
     $this->subject = $this->getSubject();
     $this->groups = $this->status_groups;
     // Check Seminar
     if ($this->is_tutor && $sem->isAdmissionEnabled()) {
         $this->course = $sem;
         $distribution_time = $sem->getCourseSet()->getSeatDistributionTime();
         if ($sem->getCourseSet()->hasAlgorithmRun()) {
             $this->waitingTitle = _("Warteliste");
             if (!$sem->admission_disable_waitlist_move) {
                 $this->waitingTitle .= ' (' . _("automatisches Nachrücken ist eingeschaltet") . ')';
             } else {
                 $this->waitingTitle .= ' (' . _("automatisches Nachrücken ist ausgeschaltet") . ')';
             }
             $this->semAdmissionEnabled = 2;
             $this->waiting_type = 'awaiting';
         } else {
             $this->waitingTitle = sprintf(_("Anmeldeliste (Losverfahren am %s)"), strftime('%x %R', $distribution_time));
             $this->semAdmissionEnabled = 1;
             $this->awaiting = $this->claiming;
             $this->waiting_type = 'claiming';
         }
     }
     // Set the infobox
     $this->createSidebar($filtered_members, $course);
     if ($this->is_locked && $this->is_tutor) {
         $lockdata = LockRules::getObjectRule($this->course_id);
         if ($lockdata['description']) {
             PageLayout::postMessage(MessageBox::info(formatLinks($lockdata['description'])));
         }
     }
     // Check for waitlist availability (influences available actions)
     // People can be moved to waitlist if waitlist available and no automatic moving up.
     if (!$sem->admission_disable_waitlist && $sem->admission_disable_waitlist_move) {
         $this->to_waitlist_actions = true;
     }
 }

コード例 #21

ファイル: statusgruppen.php プロジェクト: ratbird/hope

 /**
  * Displays the statusgruppen of a user.
  *
  * @param mixed $verify_action Optional name of an action to be verified
  * @param mixed $verify_id     Optional id that belongs to the action to
  *                             be verified
  */
 public function index_action($verify_action = null, $verify_id = null)
 {
     $all_rights = false;
     if ($this->user->username != $GLOBALS['user']->username) {
         $query = "SELECT Institut_id\n                      FROM Institute\n                      WHERE fakultaets_id = ? AND fakultaets_id != Institut_id\n                      ORDER BY Name";
         $inner_statement = DBManager::get()->prepare($query);
         $parameters = array();
         if ($GLOBALS['perm']->have_perm('root')) {
             $all_rights = true;
             $query = "SELECT Institut_id, Name, 1 AS is_fak\n                          FROM Institute\n                          WHERE Institut_id = fakultaets_id\n                          ORDER BY Name";
         } elseif ($GLOBALS['perm']->have_perm('admin')) {
             $query = "SELECT Institut_id, Name, b.Institut_id = b.fakultaets_id AS is_fak\n                          FROM user_inst AS a\n                          LEFT JOIN Institute AS b USING (Institut_id)\n                          WHERE a.user_id = ? AND a.inst_perms = 'admin'\n                          ORDER BY is_fak, Name";
             $parameters[] = $GLOBALS['user']->id;
         } else {
             $query = "SELECT a.Institut_id, Name\n                          FROM user_inst AS a\n                          LEFT JOIN Institute AS b USING (Institut_id)\n                          WHERE inst_perms IN ('tutor', 'dozent') AND user_id = ?\n                          ORDER BY Name";
             $parameters[] = $GLOBALS['user']->id;
         }
         $statement = DBManager::get()->prepare($query);
         $statement->execute($parameters);
         $institutes = $statement->fetchAll(PDO::FETCH_ASSOC);
         $admin_insts = array();
         foreach ($institutes as $institute) {
             $institute['groups'] = GetAllStatusgruppen($institute['Institut_id']) ?: array();
             if ($institute['is_fak']) {
                 $stmt = DBManager::get()->prepare("SELECT Institut_id, Name FROM Institute WHERE fakultaets_id = ? AND Institut_id != fakultaets_id ORDER BY Name");
                 $stmt->execute(array($institute['Institut_id']));
                 $institute['sub'] = $stmt->fetchGrouped(PDO::FETCH_ASSOC);
                 foreach ($institute['sub'] as $id => $sub) {
                     $sub['groups'] = GetAllStatusgruppen($id) ?: array();
                     $institute['sub'][$id] = $sub;
                 }
             }
             $admin_insts[] = $institute;
         }
     } else {
         $all_rights = true;
     }
     // get the roles the user is in
     $institutes = array();
     foreach ($this->about->user_inst as $inst_id => $details) {
         if ($details['inst_perms'] != 'user') {
             $institutes[$inst_id] = $details;
             $roles = GetAllStatusgruppen($inst_id, $this->user->user_id, true);
             $institutes[$inst_id]['roles'] = $roles ?: array();
             $institutes[$inst_id]['flattened'] = array_filter(Statusgruppe::getFlattenedRoles($roles), function ($role) {
                 return $role['user_there'];
             });
             $user_id = $this->user->user_id;
             $datafields = array();
             foreach ($institutes[$inst_id]['flattened'] as $role_id => $role) {
                 $datafields[$role_id] = DataFieldEntry::getDataFieldEntries(array($this->user->user_id, $role_id)) ?: array();
             }
             $institutes[$inst_id]['datafields'] = $datafields;
         }
     }
     // template for tree-view of roles, layout for infobox-location and content-variables
     $this->open = $_SESSION['edit_about_data']['open'];
     // the ids of the currently opened statusgroups
     $this->institutes = $institutes;
     $this->verify_action = $verify_action;
     $this->verify_id = $verify_id;
     // data for edit_about_add_person_to_role
     $this->admin_insts = $admin_insts;
     $this->locked = !$this->shallChange('', 'institute_data');
     if ($this->locked) {
         $message = LockRules::getObjectRule($this->user->user_id)->description;
         if ($message) {
             $this->reportInfo($message);
         }
     }
 }

コード例 #22

ファイル: edit.php プロジェクト: ratbird/hope

echo $entry->getID();
?>
">
                    <?php 
echo htmlReady($entry->getName());
?>
:
                </label>
            <? if (!$entry->isVisible($user['perms'])): ?>
                <?php 
echo tooltipIcon(_('Systemfeld (für die Person selbst nicht sichtbar)'), true);
?>
            <? endif; ?>
            </td>
            <td colspan="2">
            <? if ($entry->isEditable() && !LockRules::Check($user['user_id'], $entry->getId())) : ?>
                <?php 
echo $entry->getHTML("datafields");
?>
            <? else : ?>
                <?php 
echo $entry->getDisplayValue();
?>
            <? endif ?>
        </td>
    </tr>
    <? endif ?>
<? endforeach ?>
</tbody>
<? endif ?>
<tbody>

コード例 #23

ファイル: index.php プロジェクト: ratbird/hope

            <input type="text" size="80" <?php 
echo LockRules::Check($institute->id, 'email') ? 'readonly disabled' : '';
?>
 id="email" name="email"
                   value="<?php 
echo htmlReady(Request::get('email', $institute->email));
?>
">
        </label>

        <label>
            <?php 
echo _('Homepage');
?>
            <input type="text" size="80" <?php 
echo LockRules::Check($institute->id, 'url') ? 'readonly disabled' : '';
?>
 id="home" name="home"
                   value="<?php 
echo htmlReady(Request::get('home', $institute->url));
?>
">
        </label>

    <? if (get_config('LITERATURE_ENABLE') && $institute->is_fak): // choose preferred lit plugin ?>
        <label>
            <?php 
echo _('Bevorzugter Bibliothekskatalog');
?>
            <select id="lit_plugin_name" name="lit_plugin_name">
            <? foreach (StudipLitSearch::GetAvailablePlugins() as $name => $title): ?>

コード例 #24

ファイル: Seminar.class.php プロジェクト: ratbird/hope

 /**
  * returns array with information about enrolment to this course for given user_id
  * ['enrolment_allowed'] : true or false
  * ['cause']: keyword to describe the cause
  * ['description'] : readable description of the cause
  *
  * @param string $user_id
  * @return array
  */
 public function getEnrolmentInfo($user_id)
 {
     $info = array();
     $user = User::find($user_id);
     if ($this->read_level == 0 && get_config('ENABLE_FREE_ACCESS') && !$GLOBALS['perm']->get_studip_perm($this->getId(), $user_id)) {
         $info['enrolment_allowed'] = true;
         $info['cause'] = 'free_access';
         $info['description'] = _("Für die Veranstaltung ist keine Anmeldung erforderlich.");
         return $info;
     }
     if (!$user) {
         $info['enrolment_allowed'] = false;
         $info['cause'] = 'nobody';
         $info['description'] = _("Sie sind nicht angemeldet.");
         return $info;
     }
     if ($GLOBALS['perm']->have_perm('root', $user_id)) {
         $info['enrolment_allowed'] = true;
         $info['cause'] = 'root';
         $info['description'] = _("Sie dürfen ALLES.");
         return $info;
     }
     if ($GLOBALS['perm']->have_studip_perm('admin', $this->getId(), $user_id)) {
         $info['enrolment_allowed'] = true;
         $info['cause'] = 'courseadmin';
         $info['description'] = _("Sie sind Administrator_in der Veranstaltung.");
         return $info;
     }
     if ($GLOBALS['perm']->have_perm('admin', $user_id)) {
         $info['enrolment_allowed'] = false;
         $info['cause'] = 'admin';
         $info['description'] = _("Als Administrator_in können Sie sich nicht für eine Veranstaltung anmelden.");
         return $info;
     }
     //Ist bereits Teilnehmer
     if ($GLOBALS['perm']->have_studip_perm('user', $this->getId(), $user_id)) {
         $info['enrolment_allowed'] = true;
         $info['cause'] = 'member';
         $info['description'] = _("Sie sind für die Veranstaltung angemeldet.");
         return $info;
     }
     $admission_status = $user->admission_applications->findBy('seminar_id', $this->getId())->val('status');
     if ($admission_status == 'accepted') {
         $info['enrolment_allowed'] = false;
         $info['cause'] = 'accepted';
         $info['description'] = _("Sie wurden für diese Veranstaltung vorläufig akzeptiert.");
         return $info;
     }
     if ($admission_status == 'awaiting') {
         $info['enrolment_allowed'] = false;
         $info['cause'] = 'awaiting';
         $info['description'] = _("Sie stehen auf der Warteliste für diese Veranstaltung.");
         return $info;
     }
     if ($GLOBALS['perm']->get_perm($user_id) == 'user') {
         $info['enrolment_allowed'] = false;
         $info['cause'] = 'user';
         $info['description'] = _("Sie haben nicht die erforderliche Berechtigung sich für eine Veranstaltung anzumelden.");
         return $info;
     }
     //falsche Nutzerdomäne
     $same_domain = true;
     $user_domains = UserDomain::getUserDomainsForUser($user_id);
     if (count($user_domains) > 0) {
         $seminar_domains = UserDomain::getUserDomainsForSeminar($this->getId());
         $same_domain = count(array_intersect($seminar_domains, $user_domains)) > 0;
     }
     if (!$same_domain && !$this->isStudygroup()) {
         $info['enrolment_allowed'] = false;
         $info['cause'] = 'domain';
         $info['description'] = _("Sie sind nicht in einer zugelassenenen Nutzerdomäne, Sie können sich nicht eintragen!");
         return $info;
     }
     //Teilnehmerverwaltung mit Sperregel belegt
     if (LockRules::Check($this->getId(), 'participants')) {
         $info['enrolment_allowed'] = false;
         $info['cause'] = 'locked';
         $lockdata = LockRules::getObjectRule($this->getId());
         $info['description'] = _("In diese Veranstaltung können Sie sich nicht eintragen!") . ($lockdata['description'] ? '<br>' . formatLinks($lockdata['description']) : '');
         return $info;
     }
     //Veranstaltung unsichtbar für aktuellen Nutzer
     if (!$this->visible && !$this->isStudygroup() && !$GLOBALS['perm']->have_perm(get_config('SEM_VISIBILITY_PERM'), $user_id)) {
         $info['enrolment_allowed'] = false;
         $info['cause'] = 'invisible';
         $info['description'] = _("Die Veranstaltung ist gesperrt, Sie können sich nicht eintragen!");
         return $info;
     }
     if ($courseset = $this->getCourseSet()) {
         $info['enrolment_allowed'] = true;
         $info['cause'] = 'courseset';
         $info['description'] = _("Die Anmeldung zu dieser Veranstaltung folgt speziellen Regeln. Lesen Sie den Hinweistext.");
         $user_prio = AdmissionPriority::getPrioritiesByUser($courseset->getId(), $user_id);
         if (isset($user_prio[$this->getId()])) {
             $info['description'] .= ' ' . sprintf(_("(Sie stehen auf der Anmeldeliste für die automatische Platzverteilung mit der Priorität %s.)"), $user_prio[$this->getId()]);
         }
         return $info;
     }
     $info['enrolment_allowed'] = true;
     $info['cause'] = 'normal';
     $info['description'] = '';
     return $info;
 }

コード例 #25

ファイル: ProfileNavigation.php プロジェクト: ratbird/hope

 /**
  * Initialize the subnavigation of this item. This method
  * is called once before the first item is added or removed.
  */
 public function initSubNavigation()
 {
     global $user, $perm;
     parent::initSubNavigation();
     $username = Request::username('username', $user->username);
     $current_user = $username == $user->username ? $user : User::findByUsername($username);
     // profile
     $navigation = new Navigation(_('Profil'), 'dispatch.php/profile/index');
     $this->addSubNavigation('index', $navigation);
     if ($perm->have_profile_perm('user', $current_user->user_id)) {
         // avatar
         $navigation = new Navigation(_('Bild'), 'dispatch.php/settings/avatar');
         $this->addSubNavigation('avatar', $navigation);
         // profile data
         $navigation = new Navigation(_('Nutzerdaten'));
         $navigation->addSubNavigation('profile', new Navigation(_('Grunddaten'), 'dispatch.php/settings/account'));
         if (($perm->get_profile_perm($current_user->user_id) == 'user' || $perm->have_perm('root') && Config::get()->ALLOW_ADMIN_USERACCESS) && !StudipAuthAbstract::CheckField('auth_user_md5.password', $current_user->auth_plugin) && !LockRules::check($current_user->user_id, 'password')) {
             $navigation->addSubNavigation('password', new Navigation(_('Passwort ändern'), 'dispatch.php/settings/password'));
         }
         $navigation->addSubNavigation('details', new Navigation(_('Weitere Daten'), 'dispatch.php/settings/details'));
         if (!in_array($current_user->perms, words('user admin root'))) {
             $navigation->addSubNavigation('studies', new Navigation(_('Studiendaten'), 'dispatch.php/settings/studies'));
         }
         if ($current_user->perms != 'root') {
             if (count(UserDomain::getUserDomains())) {
                 $navigation->addSubNavigation('userdomains', new Navigation(_('Nutzerdomänen'), 'dispatch.php/settings/userdomains'));
             }
             if ($perm->is_staff_member($current_user->user_id)) {
                 $navigation->addSubNavigation('statusgruppen', new Navigation(_('Einrichtungsdaten'), 'dispatch.php/settings/statusgruppen'));
             }
         }
         $this->addSubNavigation('edit', $navigation);
         if ($perm->have_perm('autor')) {
             $navigation = new Navigation(_('Einstellungen'));
             $navigation->addSubNavigation('general', new Navigation(_('Allgemeines'), 'dispatch.php/settings/general'));
             $navigation->addSubNavigation('privacy', new Navigation(_('Privatsphäre'), 'dispatch.php/settings/privacy'));
             $navigation->addSubNavigation('messaging', new Navigation(_('Nachrichten'), 'dispatch.php/settings/messaging'));
             if (get_config('CALENDAR_ENABLE')) {
                 $navigation->addSubNavigation('calendar_new', new Navigation(_('Terminkalender'), 'dispatch.php/settings/calendar'));
             }
             if (!$perm->have_perm('admin') and get_config('MAIL_NOTIFICATION_ENABLE')) {
                 $navigation->addSubNavigation('notification', new Navigation(_('Benachrichtigung'), 'dispatch.php/settings/notification'));
             }
             if (isDefaultDeputyActivated() && $perm->get_perm() == 'dozent') {
                 $navigation->addSubNavigation('deputies', new Navigation(_('Standardvertretung'), 'dispatch.php/settings/deputies'));
             }
             if (Config::Get()->API_ENABLED) {
                 $navigation->addSubNavigation('api', new Navigation(_('API-Berechtigungen'), 'dispatch.php/api/authorizations'));
             }
             $this->addSubNavigation('settings', $navigation);
         }
         // user defined sections
         $navigation = new Navigation(_('Kategorien'), 'dispatch.php/settings/categories');
         $this->addSubNavigation('categories', $navigation);
     }
     // user documents page
     if (Config::get()->PERSONALDOCUMENT_ENABLE && ($perm->have_profile_perm('user', $current_user->user_id) || Config::get()->PERSONALDOCUMENT_OPEN_ACCESS)) {
         $title = _('Meine Dateien');
         if (Config::get()->PERSONALDOCUMENT_OPEN_ACCESS && $current_user->id !== $user->id) {
             $title = _('Dateibereich');
         }
         $navigation = new Navigation($title, 'dispatch.php/document/files');
         $this->addSubNavigation('files', $navigation);
     }
 }

コード例 #26

ファイル: adminSearchForm.php プロジェクト: anantace/Kursadministration

                case "admin_visibility.php":
                    if ($perm->have_perm("admin") || (get_config('ALLOW_DOZENT_VISIBILITY') && $perm->have_perm('dozent'))) {
                        if(!LockRules::check($seminar_id, 'seminar_visibility')){
                            ?>
                            <input type="hidden" name="all_sem[]" value="<? echo $seminar_id ?>">
                            <input type="CHECKBOX" name="visibility_sem[<? echo $seminar_id ?>]" <? if (!Request::get('select_none') && (Request::get('select_all') || $result['visible'])) echo ' checked'; ?>>
                            <?
                        } else {
                            echo $result['visible'] ? _("sichtbar") : _("versteckt");
                        }
                    }
                    break;
                case "archiv_assi.php":
                    if ($perm->have_perm("admin") || (get_config('ALLOW_DOZENT_ARCHIV') && $perm->have_perm('dozent'))) {
                        if(!LockRules::check($seminar_id, 'seminar_visibility')){
                            ?>
                            <input type="hidden" name="archiv_sem[]" value="_id_<? echo $seminar_id ?>">
                            <input type="CHECKBOX" name="archiv_sem[]" <? if (Request::get('select_all')) echo ' checked'; ?>>
                            <?
                        } else {
                            echo "&nbsp;";
                        }
                    }
                    break;
                case "dispatch.php":
                    if ($this instanceof Course_StudyAreasController){
                        echo _("Studienbereiche") . '<br>',
                            LinkButton::create(_("Bearbeiten"), $this->url_for('course/study_areas/show/' . $seminar_id));
                    } elseif ($this instanceof Course_BasicdataController){
                        echo _("Veranstaltung") . '<br>',

コード例 #27

ファイル: roles.php プロジェクト: ratbird/hope

        <? if ($role['role']->hasFolder()) :
            echo Icon::create('files', 'clickable')->asImg();
        endif; ?>

        &nbsp;
    </td>
</tr>
<?

    // if the current $role has followers, we need to display a straight line later
    $new_followers = $followers;
    $new_followers[$indent] = (sizeof($roles) > $pos);

    // if we have opened an entry, we show edit fields
    if ($open == $id) :
        $partial = LockRules::Check($range_id, 'groups') ?
                   'statusgruppen/role_administration_locked.php' :
                   'statusgruppen/role_administration.php';
        echo $this->render_partial($partial,
            array('indent' => $indent, 'followers' => $new_followers,
                'persons' => getPersonsForRole($id), 'role_id' => $id, 'editRole' => ($editRole == $id), 'role' => $role['role'],
                'role_size' => sizeof($roles), 'role_pos' => $pos, 'has_child' => ($role['child']) ? true : false, 'all_roles' => $all_roles)
        );
    endif;

    // if we have childs, we display them with the same template and some indention
    if($role['child']) {
        echo $this->render_partial('statusgruppen/roles.php',
            array('indent' => $indent + 1, 'roles' => $role['child'], 'followers' => $new_followers, 'all_roles' => $all_roles));
    }

コード例 #28

ファイル: wizard.php プロジェクト: ratbird/hope

 /**
  * Copy an existing course.
  */
 public function copy_action($id)
 {
     if (!$GLOBALS['perm']->have_studip_perm('dozent', $id) || LockRules::Check($id, 'seminar_copy')) {
         throw new AccessDeniedException(_("Sie dürfen diese Veranstaltung nicht kopieren"));
     }
     $course = Course::find($id);
     $values = array();
     for ($i = 0; $i < sizeof($this->steps); $i++) {
         $step = $this->getStep($i);
         $values = $step->copy($course, $values);
     }
     $values['source_id'] = $course->id;
     $this->initialize();
     $_SESSION['coursewizard'][$this->temp_id] = $values;
     $this->redirect($this->url_for('course/wizard/step/0/' . $this->temp_id, array('cid' => '')));
 }

コード例 #29

ファイル: infobox.php プロジェクト: ratbird/hope

            <?php 
echo Icon::create('info', 'info')->asImg();
?>
        </td>
        <td width="99%" align="left">
            <a href="<?php 
echo $help_url = format_help_url("Basis.EinrichtungenVerwaltenGruppen");
?>
" target="_blank">
                <?php 
echo _("Bedienungshinweise in der Hilfe");
?>
            </a>
        </td>
      </tr>
      <? if (!LockRules::Check($range_id, 'groups')) :?>
      <tr>
          <td align="center" width="1%" valign="top">
            <?php 
echo Icon::create('community+add', 'info')->asImg();
?>
          </td>
          <td width="99%" align="left">

                <a href="<?php 
echo URLHelper::getLink('?cmd=newRole&range_id=' . $range_id);
?>
"><?php 
echo _("neue Gruppe anlegen");
?>
</a>

コード例 #30

ファイル: details.php プロジェクト: ratbird/hope

">
                <? endif ?>
                    <?php 
echo htmlReady($entry->getName());
?>
                <? if ($entry->isEditable() && !LockRules::check($user->user_id, $entry->getId()) && $entry->numberOfHTMLFields() == 1) : ?>
                    </label>
                <? endif ?>
                <? if (!$entry->isVisible($user->perms)): ?>
                    <?php 
echo tooltipIcon(_('Systemfeld (für die Person selbst nicht sichtbar)'), true);
?>
                <? endif; ?>
                </td>
                <td colspan="2">
                <? if ($entry->isEditable() && !LockRules::check($user->user_id, $entry->getId())): ?>
                    <?php 
echo $entry->getHTML('datafields');
?>
                <? else: ?>
                    <?php 
echo formatReady($entry->getDisplayValue(false));
?>
<br>
                    <hr style="background: #888; border: 0; color: #888; height: 1px; ">
                    <?php 
echo _('(Das Feld ist für die Bearbeitung gesperrt und kann ' . 'nur durch einen Administrator verändert werden.)');
?>
                <? endif; ?>
                </td>
            </tr>