예제 #1
0
 function do_updateGroups()
 {
     $old_search = KTUtil::arrayGet($_REQUEST, 'old_search');
     $user_id = KTUtil::arrayGet($_REQUEST, 'user_id');
     $oUser = User::get($user_id);
     if (PEAR::isError($oUser) || $oUser === false) {
         $this->errorRedirectToMain(_kt('Please select a user first.'), sprintf("old_search=%s&do_search=1", $old_search));
     }
     $groupAdded = KTUtil::arrayGet($_REQUEST, 'groups_items_added', '');
     $groupRemoved = KTUtil::arrayGet($_REQUEST, 'groups_items_removed', '');
     $aGroupToAddIDs = explode(",", $groupAdded);
     $aGroupToRemoveIDs = explode(",", $groupRemoved);
     // FIXME we need to ensure that only groups which are allocatable by the admin are added here.
     // FIXME what groups are _allocatable_?
     $this->startTransaction();
     $groupsAdded = array();
     $groupsRemoved = array();
     $addWarnings = array();
     $removeWarnings = array();
     foreach ($aGroupToAddIDs as $iGroupID) {
         if ($iGroupID > 0) {
             $oGroup = Group::get($iGroupID);
             $memberReason = GroupUtil::getMembershipReason($oUser, $oGroup);
             //var_dump($memberReason);
             if (!(PEAR::isError($memberReason) || is_null($memberReason))) {
                 $addWarnings[] = $memberReason;
             }
             $res = $oGroup->addMember($oUser);
             if (PEAR::isError($res) || $res == false) {
                 $this->errorRedirectToMain(sprintf(_kt('Unable to add user to group "%s"'), $oGroup->getName()), sprintf("old_search=%s&do_search=1", $old_search));
             } else {
                 $groupsAdded[] = $oGroup->getName();
             }
         }
     }
     // Remove groups
     foreach ($aGroupToRemoveIDs as $iGroupID) {
         if ($iGroupID > 0) {
             $oGroup = Group::get($iGroupID);
             $res = $oGroup->removeMember($oUser);
             if (PEAR::isError($res) || $res == false) {
                 $this->errorRedirectToMain(sprintf(_kt('Unable to remove user from group "%s"'), $oGroup->getName()), sprintf("old_search=%s&do_search=1", $old_search));
             } else {
                 $groupsRemoved[] = $oGroup->getName();
                 $memberReason = GroupUtil::getMembershipReason($oUser, $oGroup);
                 //var_dump($memberReason);
                 if (!(PEAR::isError($memberReason) || is_null($memberReason))) {
                     $removeWarnings[] = $memberReason;
                 }
             }
         }
     }
     if (!empty($addWarnings)) {
         $sWarnStr = _kt('Warning:  the user was already a member of some subgroups') . ' — ';
         $sWarnStr .= implode(', ', $addWarnings);
         $_SESSION['KTInfoMessage'][] = $sWarnStr;
     }
     if (!empty($removeWarnings)) {
         $sWarnStr = _kt('Warning:  the user is still a member of some subgroups') . ' — ';
         $sWarnStr .= implode(', ', $removeWarnings);
         $_SESSION['KTInfoMessage'][] = $sWarnStr;
     }
     $msg = '';
     if (!empty($groupsAdded)) {
         $msg .= ' ' . _kt('Added to groups') . ': ' . implode(', ', $groupsAdded) . '.';
     }
     if (!empty($groupsRemoved)) {
         $msg .= ' ' . _kt('Removed from groups') . ': ' . implode(', ', $groupsRemoved) . '.';
     }
     if (!Permission::userIsSystemAdministrator($_SESSION['userID'])) {
         $this->rollbackTransaction();
         $this->errorRedirectTo('editgroups', _kt('For security purposes, you cannot remove your own administration priviledges.'), sprintf('user_id=%d&do_search=1&old_search=%s', $oUser->getId(), $old_search));
         exit(0);
     }
     $this->commitTransaction();
     $this->successRedirectToMain($msg, sprintf("old_search=%s&do_search=1", $old_search));
 }
예제 #2
0
 function do_updateUserMembers()
 {
     $old_search = KTUtil::arrayGet($_REQUEST, 'old_search');
     $group_id = KTUtil::arrayGet($_REQUEST, 'group_id');
     $oGroup = Group::get($group_id);
     if (PEAR::isError($oGroup) || $oGroup === false) {
         $this->errorRedirectToMain(_kt('No such group.'));
     }
     $userAdded = KTUtil::arrayGet($_REQUEST, 'users_items_added', '');
     $userRemoved = KTUtil::arrayGet($_REQUEST, 'users_items_removed', '');
     $aUserToAddIDs = explode(",", $userAdded);
     $aUserToRemoveIDs = explode(",", $userRemoved);
     $this->startTransaction();
     $usersAdded = array();
     $usersRemoved = array();
     $addWarnings = array();
     $removeWarnings = array();
     foreach ($aUserToAddIDs as $iUserId) {
         if ($iUserId > 0) {
             $oUser = User::Get($iUserId);
             $memberReason = GroupUtil::getMembershipReason($oUser, $oGroup);
             //var_dump($memberReason);
             if (!(PEAR::isError($memberReason) || is_null($memberReason))) {
                 $addWarnings[] = $memberReason;
             }
             $res = $oGroup->addMember($oUser);
             if (PEAR::isError($res) || $res == false) {
                 $this->errorRedirectToMain(sprintf(_kt('Unable to add user "%s" to group "%s"'), $oUser->getName(), $oGroup->getName()), sprintf("old_search=%s&do_search=1", $old_search));
             } else {
                 $usersAdded[] = $oUser->getName();
             }
         }
     }
     // Remove groups
     foreach ($aUserToRemoveIDs as $iUserId) {
         if ($iUserId > 0) {
             $oUser = User::get($iUserId);
             $res = $oGroup->removeMember($oUser);
             if (PEAR::isError($res) || $res == false) {
                 $this->errorRedirectToMain(sprintf(_kt('Unable to remove user "%s" from group "%s"'), $oUser->getName(), $oGroup->getName()), sprintf("old_search=%s&do_search=1", $old_search));
             } else {
                 $usersRemoved[] = $oUser->getName();
                 $memberReason = GroupUtil::getMembershipReason($oUser, $oGroup);
                 //var_dump($memberReason);
                 if (!(PEAR::isError($memberReason) || is_null($memberReason))) {
                     $removeWarnings[] = $memberReason;
                 }
             }
         }
     }
     if (!empty($addWarnings)) {
         $sWarnStr = _kt('Warning:  some users were already members of some subgroups') . ' — ';
         $sWarnStr .= implode(', ', $addWarnings);
         $_SESSION['KTInfoMessage'][] = $sWarnStr;
     }
     if (!empty($removeWarnings)) {
         $sWarnStr = _kt('Warning:  some users are still members of some subgroups') . ' — ';
         $sWarnStr .= implode(', ', $removeWarnings);
         $_SESSION['KTInfoMessage'][] = $sWarnStr;
     }
     $msg = '';
     if (!empty($usersAdded)) {
         $msg .= ' ' . _kt('Added') . ': ' . implode(', ', $usersAdded) . '. ';
     }
     if (!empty($usersRemoved)) {
         $msg .= ' ' . _kt('Removed') . ': ' . implode(', ', $usersRemoved) . '.';
     }
     if (!Permission::userIsSystemAdministrator($_SESSION['userID'])) {
         $this->rollbackTransaction();
         $this->errorRedirectTo('manageUsers', _kt('For security purposes, you cannot remove your own administration priviledges.'), sprintf('group_id=%d', $oGroup->getId()), sprintf("old_search=%s&do_search=1", $old_search));
         exit(0);
     }
     $this->commitTransaction();
     $this->successRedirectToMain($msg, sprintf("old_search=%s&do_search=1", $old_search));
 }
예제 #3
0
 function hasMember($oUser)
 {
     $oPD = $this->getPermissionDescriptor();
     if (PEAR::isError($oPD) || $oPD == false) {
         return false;
     }
     $aAllowed = $oPD->getAllowed();
     $iUserId = $oUser->getId();
     if ($aAllowed['user'] != null) {
         if (array_search($iUserId, $aAllowed['user']) !== false) {
             return true;
         }
     }
     // now we need the group objects.
     // FIXME this could accelerated to a single SQL query on group_user_link.
     $aGroups = $this->getGroups();
     if (PEAR::isError($aGroups) || $aGroups == false) {
         return false;
     } else {
         foreach ($aGroups as $oGroup) {
             $reason = GroupUtil::getMembershipReason($oUser, $oGroup);
             if (PEAR::isError($reason) || is_null($reason)) {
                 continue;
             }
             return true;
             // don't bother continuing - short-circuit for performance.
         }
     }
     return false;
 }
 function allowTransition($oDocument, $oUser)
 {
     if (!$this->isLoaded()) {
         return true;
     }
     $iGroupId = $this->aConfig['group_id'];
     $oGroup = Group::get($this->aConfig['group_id']);
     if (PEAR::isError($oGroup)) {
         return true;
         // fail safe for cases where the role is deleted.
     }
     $res = GroupUtil::getMembershipReason($oUser, $oGroup);
     if (PEAR::isError($res) || empty($res)) {
         // broken setup, or no reason
         return false;
     } else {
         return true;
     }
 }