public static function afterPurchaseEnroll($items, $idUser)
{
$isAdmin = GroupController::adminCheck($idUser);
foreach ($items as $key => $item) {
$sale = Price::find($item->id);
if (is_null($sale->length)) {
$end_at = Null;
} else {
$date = strtotime("+" . $sale->length . " day");
$end_at = date('Y-m-d H:i:s', $date);
}
if (!$isAdmin) {
self::enroll($item->course_id, $idUser, $end_at);
} else {
ManagerController::addToBin($item->id, $item->qty, $idUser, $end_at);
}
}
}
}
} else {
if ($_GET[KEY_PATH] == "manager") {
include CONTROLLER_PATH . "manager.php";
// path = manager
if ($_GET[KEY_TARGET] == "noticeboard") {
ManagerController::noticeboard();
} else {
if ($_GET[KEY_TARGET] == "loginrecord") {
ManagerController::loginrecord();
} else {
if ($_GET[KEY_TARGET] == "permission") {
ManagerController::permission();
} else {
if ($_GET[KEY_TARGET] == "googleanalytics") {
ManagerController::googleAnalytics();
}
}
}
}
} else {
if ($_GET[KEY_PATH] == "help") {
include CONTROLLER_PATH . "help.php";
HelpController::show();
} else {
if ($_GET[KEY_PATH] == "search") {
include CONTROLLER_PATH . "search.php";
SearchController::index();
}
}
}
/**
* @api {post} /groups/:id/users/:id/remove Remove User from Group
* @apiName Delete from Group by Admin
* @apiGroup Group
* @apiDescription Remove user from Group by group Admin or Owner.<br>
* <ul>
* <li>Only Owner can remove Admin.</li>
* <li>Owner cannot remove owner(himself). Owner has to use leave group function.</li>
* <li>Admin cannot be removed if he has content in his bin.</li>
* </ul>
* <p>Upcoming features: If remove user from company group? If user is owner of child group?</p>
* @apiHeader (Header) {String} X_Authorization Authorization value.
* @apiParam (url Parameter) {Number} idGroup Group unique ID.
* @apiParam (url Parameter) {Number} id Users unique ID. The operator's id, usually the admin of the group.
* @apiParam {Number} idUser User's unique ID. The change will apply to this user.
*
* @apiError 400 Input Invalid. This will happen if the param is missing or not the valid format.
* @apiError 404 Not found. This will happen if the role id/user id/group id is not in our system.
* @apiError 401 Not authorized. This will happen if the header value is not attached.
* @apiError 403 permission denied. The operater does not have right to make changes.
* @apiError 412 Precondition. There is unassigned content in your bin. The content in your bin must be assigned, or transferred to another manager user within the Company group, before you can leave the group.
*/
public static function removeUser($idGroup, $idUser)
{
$app = \Slim\Slim::getInstance();
$request = $app->request->post();
$validata = $app->validata;
$validator = $validata::key('idUser', $validata::digit()->notEmpty());
if (!$validator->validate($request)) {
$app->halt("400", json_encode("Input Invalid"));
}
$role = self::getRole($idGroup, $idUser);
if ($role->id < 3) {
$app->halt("403", json_encode("permission denied"));
}
if (!self::isMember($idGroup, $request['idUser'])) {
$app->halt("403", json_encode("user not enrolled yet"));
}
$user_role = self::getRole($idGroup, $request['idUser']);
if ($user_role->id >= 3 && $role->id != 3) {
$app->halt("403", json_encode("permission denied"));
}
if ($user_role->id == 3) {
//outside user cannot remove owner
$app->halt("403", json_encode("permission denied"));
}
if ($user_role->id >= 3) {
$contents = ManagerController::getBin($request['idUser']);
if (count($contents) > 0) {
$app->halt("412", json_encode("You have unassigned contents."));
}
}
Group::find($idGroup)->members()->detach($request['idUser']);
}
