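// Excerpt of the user-edit admin script: resolves the user's picture paths,
// then binds the Symfony user form to the request and saves on success.
// NOTE(review): $user_id and the first $form are defined before this excerpt.
// Nothing visible here checks that the current user may edit $user_id;
// presumably an admin check runs earlier in the script — confirm.

$image_path = UserManager::get_user_picture_path_by_id($user_id, 'web');
$image_dir = $image_path['dir'];
$image = $image_path['file'];
// Fall back to the generic placeholder when the user has no picture on file.
$image_file = $image != '' ? $image_dir . $image : api_get_path(WEB_IMG_PATH) . 'unknown.jpg';
$image_size = api_getimagesize($image_file);

// get the path, width and height from original picture
$big_image = $image_dir . 'big_' . $image;
$big_image_size = api_getimagesize($big_image);
$big_image_width = $big_image_size['width'];
$big_image_height = $big_image_size['height'];
// The timestamp is appended as a query parameter so the URL changes on every request.
$url_big_image = $big_image . '?rnd=' . time();

// Display form
$content = $form->return_form();

$em = Container::getEntityManager();
$request = Container::getRequest();

$user = new User();
if (!empty($user_id)) {
    // NOTE(review): find() returns null for an unknown id, so the form below
    // would be built without an entity — confirm how a missing user should be handled.
    $user = $em->getRepository('ChamiloUserBundle:User')->find($user_id);
}

$builder = Container::getFormFactory()->createBuilder(new UserType(Container::getSecurity()), $user);
$form = $builder->getForm();
$form->handleRequest($request);

// Only act on a form that was actually submitted: isValid() on an unsubmitted
// form is not a meaningful check, and the explicit guard keeps the write path
// (flush + redirect) unreachable on a plain GET of this page.
if ($form->isSubmitted() && $form->isValid()) {
    // NOTE(review): flush() alone only saves entities already managed by the
    // entity manager; a fresh `new User()` (empty $user_id) is never persisted here.
    $em->flush();
    Container::addFlash(get_lang('Updated'));
    $url = Container::getRouter()->generate('main', array('name' => 'admin/user_list.php'));
    header('Location: ' . $url);
    exit;
}

// NOTE(review): $user_id is concatenated into the form action as-is; this
// assumes it was cast to an integer earlier in the script — confirm.
$urlAction = api_get_self() . '?user_id=' . $user_id;

echo Container::getTemplate()->render('ChamiloCoreBundle:User:create.html.twig', array('form' => $form->createView(), 'url' => $urlAction));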
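/**
 * Checks whether a user belongs to the "admins" group and, optionally,
 * whether that user is attached to a given access URL (portal).
 *
 * The check is only performed when the current session is granted
 * IS_AUTHENTICATED_FULLY; otherwise false is returned, including when the
 * ID of another user was passed.
 *
 * @param int|null $user_id User ID. If none provided, will use current user
 * @param int|null $url     URL ID. If provided, also check that the user is attached to that URL
 *
 * @return bool True if the user is admin (and on the given URL when one is passed), false otherwise
 */
function api_is_platform_admin_by_id($user_id = null, $url = null)
{
    $user_id = intval($user_id);
    $security = Container::getSecurity();

    if (!$security->isGranted('IS_AUTHENTICATED_FULLY')) {
        return false;
    }

    $em = Container::getEntityManager();

    if (empty($user_id)) {
        $user = $security->getToken()->getUser();
    } else {
        $user = $em->getRepository('ChamiloUserBundle:User')->find($user_id);
    }

    // Fail closed: an unknown user id (find() returned null) or a token that
    // carries no user object is never an admin. Without this guard the
    // getGroups() call below would be a fatal error on a null value.
    if (!is_object($user)) {
        return false;
    }

    $admin = $em->getRepository('ChamiloUserBundle:Group')->findOneBy(array('name' => 'admins'));

    // If the "admins" group itself is missing, nobody can be a member of it.
    if ($admin === null) {
        return false;
    }

    $is_admin = $user->getGroups()->contains($admin);

    // Without a URL to check (or for a non-admin) the group membership is the answer.
    if (!$is_admin || !isset($url)) {
        return $is_admin;
    }

    // We get here only if $url is set and the user is an admin:
    // the user must also be attached to the requested access URL.
    $portal = $em->getRepository('ChamiloCoreBundle:AccessUrl')->find($url);

    if ($portal === null) {
        return false;
    }

    return $user->getPortals()->contains($portal);
}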
/**
 * Build the modify-column of the table: one HTML string holding the action
 * icons/links (courses, sessions, info, login-as, edit, admin star,
 * assignments, agenda, delete) for a single user row.
 *
 * The links are shown or greyed out according to the viewer's role, but this
 * function only builds markup: every target script still has to enforce its
 * own permission check.
 *
 * NOTE(review): several concatenated expressions appear masked as ****** in
 * this copy of the file; they are left exactly as found and must be restored
 * from the repository before the function can run.
 *
 * @param int    The user id (interpolated unescaped into URLs, element ids and inline JS)
 * @param string URL params to add to table links (interpolated unescaped into the delete link)
 * @param array  Row of elements to alter; the keys read here are 'is_admin', 'is_anonymous' and 'groups'
 * @return string Some HTML-code with modify-buttons
 */
function modify_filter($user_id, $url_params, $row)
{
    // Set elsewhere; when falsy, neither the delete link nor its disabled icon is rendered.
    global $delete_user_available;

    // Id of the user viewing the list, used to disable "login as" on one's own row.
    $userId = api_get_user_id();
    $is_admin = $row['is_admin'];
    $user_is_anonymous = $row['is_anonymous'];
    $result = '';

    // Course and session pop-ups (loaded on click, cleared on mouse-out); greyed out for the anonymous user.
    // NOTE(review): $user_id lands inside inline JavaScript and id attributes
    // without escaping; this assumes it is always an integer — confirm at the caller.
    if (!$user_is_anonymous) {
        $icon = Display::return_icon('course.png', get_lang('Courses'), array('onmouseout' => 'clear_course_list (\'div_' . $user_id . '\')'));
        $result .= '<a href="javascript:void(0)" onclick="load_course_list(\'div_' . $user_id . '\',' . $user_id . ')" > ' . $icon . ' <div class="blackboard_hide" id="div_' . $user_id . '"> </div> </a>';

        $icon = Display::return_icon('session.png', get_lang('Sessions'), array('onmouseout' => 'clear_session_list (\'div_s_' . $user_id . '\')'));
        $result .= '<a href="javascript:void(0)" onclick="load_session_list(\'div_s_' . $user_id . '\',' . $user_id . ')" > ' . $icon . ' <div class="blackboard_hide" id="div_s_' . $user_id . '"> </div> </a>';
    } else {
        $result .= Display::return_icon('course_na.png', get_lang('Courses')) . ' ';
        // NOTE(review): the disabled "Sessions" icon reuses course_na.png — confirm this is intended.
        $result .= Display::return_icon('course_na.png', get_lang('Sessions')) . ' ';
    }

    // User information page: platform admins only.
    if (api_is_platform_admin()) {
        if (!$user_is_anonymous) {
            $result .= '<a href="user_information.php?user_id=' . $user_id . '">' . Display::return_icon('synthese_view.gif', get_lang('Info')) . '</a> ';
        } else {
            $result .= Display::return_icon('synthese_view_na.gif', get_lang('Info')) . ' ';
        }
    }

    //only allow platform admins to login_as, or session admins only for
    // students (not teachers nor other admins), and only if all options
    // match to say this user has the permission to do so
    // $_configuration['login_as_forbidden_globally'], defined in
    // configuration.php, is the master key to these conditions
    // NOTE(review): the comment above no longer matches the code. The only
    // condition evaluated here is ROLE_GLOBAL_ADMIN; neither session admins
    // nor login_as_forbidden_globally are consulted. Hiding the link is not
    // an access control: whatever handles the _switch_user parameter must
    // itself restrict who may impersonate whom — confirm in the firewall config.
    if (Container::getSecurity()->isGranted('ROLE_GLOBAL_ADMIN')) {
        // everything looks good, show "login as" link
        if ($user_id != $userId) {
            // NOTE(review): the value concatenated after "_switch_user=" is masked in this copy.
            $result .= '<a href="' . api_get_path(WEB_PUBLIC_PATH) . '?_switch_user='******'">' . Display::return_icon('login_as.gif', get_lang('LoginAs')) . '</a> ';
        } else {
            // Own row: impersonating yourself makes no sense, show the disabled icon.
            $result .= Display::return_icon('login_as_na.gif', get_lang('LoginAs')) . ' ';
        }
    } else {
        // if this user in particular can't be edited, show disabled
        $result .= Display::return_icon('login_as_na.gif', get_lang('LoginAs')) . ' ';
    }

    // Edit link: only when api_global_admin_can_edit_admin() allows editing this user.
    if (api_is_platform_admin(true)) {
        if (!$user_is_anonymous && api_global_admin_can_edit_admin($user_id, null, true)) {
            $result .= '<a href="user_edit.php?user_id=' . $user_id . '">' . Display::return_icon('edit.png', get_lang('Edit'), array(), ICON_SIZE_SMALL) . '</a> ';
        } else {
            // NOTE(review): this branch emits a closing </a> although no <a> was opened — stray tag.
            $result .= Display::return_icon('edit_na.png', get_lang('Edit'), array(), ICON_SIZE_SMALL) . '</a> ';
        }
    }

    // Star icon telling whether the listed user is an administrator.
    if ($is_admin) {
        // NOTE(review): the 'heigth' key is misspelled, so it is passed on under that name rather than as 'height'.
        $result .= Display::return_icon('admin_star.png', get_lang('IsAdministrator'), array('width' => ICON_SIZE_SMALL, 'heigth' => ICON_SIZE_SMALL));
    } else {
        $result .= Display::return_icon('admin_star_na.png', get_lang('IsNotAdministrator'));
    }

    // actions for assigning sessions, courses or users
    // The session-admin branch is currently empty: its only statement is commented out.
    if (api_is_session_admin()) {
        /*if ($row[0] == api_get_user_id()) {
            $result .= '<a href="dashboard_add_sessions_to_user.php?user='******'">'.Display::return_icon('view_more_stats.gif', get_lang('AssignSessions')).'</a>&nbsp;&nbsp;';
        }*/
    }

    //var_dump($row['groups']);
    // Assignment links depend on the groups of the listed user: 'drh' members
    // and admins get users, courses and sessions; 'session_admin' members get sessions only.
    // NOTE(review): the value concatenated after "?user=" is masked in each of the links below.
    if (api_is_platform_admin()) {
        if ($row['groups']->containsKey('drh') || $is_admin) {
            $result .= '<a href="dashboard_add_users_to_user.php?user='******'">' . Display::return_icon('user_subscribe_course.png', get_lang('AssignUsers'), '', ICON_SIZE_SMALL) . '</a>';
            $result .= '<a href="dashboard_add_courses_to_user.php?user='******'">' . Display::return_icon('course_add.gif', get_lang('AssignCourses')) . '</a>&nbsp;&nbsp;';
            $result .= '<a href="dashboard_add_sessions_to_user.php?user='******'">' . Display::return_icon('view_more_stats.gif', get_lang('AssignSessions')) . '</a>&nbsp;&nbsp;';
        } else {
            if ($row['groups']->containsKey('session_admin')) {
                $result .= '<a href="dashboard_add_sessions_to_user.php?user='******'">' . Display::return_icon('view_more_stats.gif', get_lang('AssignSessions')) . '</a>&nbsp;&nbsp;';
            }
        }
    }

    // Agenda pop-up and delete link: platform admins only.
    if (api_is_platform_admin()) {
        $result .= ' <a href="' . api_get_path(WEB_AJAX_PATH) . 'agenda.ajax.php?a=get_user_agenda&user_id=' . $user_id . '" class="agenda_opener">' . Display::return_icon('month.png', get_lang('FreeBusyCalendar'), array(), ICON_SIZE_SMALL) . '</a>';

        if ($delete_user_available) {
            if ($user_id != api_get_user_id() && !$user_is_anonymous && api_global_admin_can_edit_admin($user_id)) {
                // you cannot lock yourself out otherwise you could disable all the accounts including your own => everybody is locked out and nobody can change it anymore.
                // NOTE(review): deletion is triggered by a plain GET link that carries
                // sec_token in the query string, where it can end up in server logs,
                // browser history and Referer headers. The delete_user handler must
                // verify the token and re-check the permission itself — confirm.
                // NOTE(review): $url_params is inserted into the href without HTML
                // escaping; if any part of it derives from the request, a quote in it
                // breaks out of the attribute — confirm how the caller builds it.
                $result .= ' <a href="user_list.php?action=delete_user&user_id=' . $user_id . '&' . $url_params . '&sec_token=' . Security::getCurrentToken() . '" onclick="javascript:if(!confirm(' . "'" . addslashes(get_lang("ConfirmYourChoice")) . "'" . ')) return false;">' . Display::return_icon('delete.png', get_lang('Delete'), array(), ICON_SIZE_SMALL) . '</a>';
            } else {
                $result .= Display::return_icon('delete_na.png', get_lang('Delete'), array(), ICON_SIZE_SMALL);
            }
        }
    }

    return $result;
}