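/**
 * Pieform submit handler: apply one membership change to a batch of users
 * of a single institution.
 *
 * The submitted usertype selects the operation:
 *  - 'members'         => removeMembers
 *  - 'requesters'      => declineRequestFromUser when 'reject' is set,
 *                         otherwise addUserAsMember
 *  - 'nonmembers' and
 *    'lastinstitution' => addUserAsMember when 'add' is set and the current
 *                         user has the 'admin' flag, otherwise inviteUser
 *  - 'invited'         => uninvite_users
 *
 * Every outcome, success or failure, ends in a redirect() with a session
 * message; nothing is returned.
 *
 * @param Pieform $form   The submitted form (not read by this handler)
 * @param array   $values Submitted values. Reads 'institution', 'usertype'
 *                        and 'users', plus the optional 'lastinstitution',
 *                        'reject' and 'add'.
 */
function institutionusers_submit(Pieform $form, $values) {
    global $SESSION, $USER;

    $inst = $values['institution'];
    $usertype = $values['usertype'];

    // The return URL is assembled before any of the submitted values has been
    // validated and is used by the very first error redirect, so each value is
    // URL-encoded to keep it confined to its own query parameter.
    $url = '/admin/users/institutionusers.php?usertype=' . urlencode((string) $usertype);
    if (isset($values['lastinstitution'])) {
        $url .= '&lastinstitution=' . urlencode((string) $values['lastinstitution']);
    }
    $url .= '&institution=' . urlencode((string) $inst);

    // NOTE(review): the statements following each redirect() below only make
    // sense if redirect() ends the request -- confirm.

    // Authorisation gate: the caller must be allowed to edit the target
    // institution before any other submitted value is acted on.
    if (empty($inst) || !$USER->can_edit_institution($inst)) {
        $SESSION->add_error_msg(get_string('notadminforinstitution', 'admin'));
        redirect($url);
    }

    // Strict comparison so that only the exact allow-listed strings pass;
    // a loosely-equal value (for example integer 0 on older PHP versions)
    // would otherwise fall through to the uninvite branch further down.
    $allowedtypes = array('requesters', 'members', 'lastinstitution', 'nonmembers', 'invited');
    $dataerror = !in_array($usertype, $allowedtypes, true) || !is_array($values['users']);
    if (!$dataerror) {
        // NOTE(review): is_numeric() also accepts values such as "1.5" or
        // "1e3", and nothing here checks that an id really is in the state
        // implied by usertype (e.g. has an open membership request);
        // presumably the Institution methods enforce both -- confirm.
        foreach ($values['users'] as $id) {
            if (!is_numeric($id)) {
                $dataerror = true;
                break;
            }
        }
    }

    if ($dataerror) {
        $SESSION->add_error_msg(get_string('errorupdatinginstitutionusers', 'admin'));
        redirect($url);
    }
    else if (empty($values['users'])) {
        $SESSION->add_ok_msg(get_string('nousersupdated', 'admin'));
        redirect($url);
    }

    // Translate the (validated) usertype plus the pressed button into an action.
    switch ($usertype) {
        case 'members':
            $action = 'removeMembers';
            break;
        case 'requesters':
            $action = !empty($values['reject']) ? 'declineRequestFromUser' : 'addUserAsMember';
            break;
        case 'nonmembers':
        case 'lastinstitution':
            // Adding someone who has not asked to join requires the 'admin'
            // flag on the current user; anyone else can only send an invitation.
            $action = (!empty($values['add']) && $USER->get('admin')) ? 'addUserAsMember' : 'inviteUser';
            break;
        default:
            // 'invited' is the only allow-listed usertype left at this point
            $action = 'uninvite_users';
            break;
    }

    $institution = new Institution($inst);

    // Enforce the institution's account limit, if it has one.
    $maxusers = $institution->maxuseraccounts;
    if (!empty($maxusers)) {
        $members = $institution->countMembers();
        $selected = count($values['users']);
        if ($action == 'addUserAsMember' && $members + $selected > $maxusers) {
            $SESSION->add_error_msg(get_string('institutionuserserrortoomanyusers', 'admin'));
            redirect($url);
        }
        // Outstanding invitations count against the limit as well.
        if ($action == 'inviteUser' && $members + $institution->countInvites() + $selected > $maxusers) {
            $SESSION->add_error_msg(get_string('institutionuserserrortoomanyinvites', 'admin'));
            redirect($url);
        }
    }

    switch ($action) {
        case 'removeMembers':
            $institution->removeMembers($values['users']);
            break;
        case 'addUserAsMember':
            $institution->add_members($values['users']);
            break;
        case 'inviteUser':
            $institution->invite_users($values['users']);
            break;
        case 'declineRequestFromUser':
            $institution->decline_requests($values['users']);
            break;
        case 'uninvite_users':
            $institution->uninvite_users($values['users']);
            break;
    }

    $SESSION->add_ok_msg(get_string('institutionusersupdated_' . $action, 'admin'));

    // A caller who is neither a site admin nor an institutional admin at this
    // point is sent to the site root instead of back to the admin page.
    // NOTE(review): presumably this covers an admin who has just removed
    // their own membership -- confirm.
    if (!$USER->get('admin') && !$USER->is_institutional_admin()) {
        redirect(get_config('wwwroot'));
    }
    redirect($url);
}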
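/**
 * Add one or more members to an institution
 *
 * Access checks, in the order they run: check_oauth(); the caller must have
 * the 'admin' flag or be an institutional admin; the caller must be able to
 * edit the target institution; and, for every user in the list, the caller
 * must be able to edit the institution that owns that user's auth instance.
 * The membership write only happens once every user has passed.
 *
 * @param string $institution Name of the institution to add the users to
 * @param array $users User descriptors, each resolved through checkuser()
 * @return null
 * @throws AccessDeniedException If the caller is not an admin, or the
 *         institution's account limit would be exceeded
 * @throws WebserviceInvalidParameterException If the caller may not edit the
 *         target institution or a user's current institution, or a user's
 *         auth instance cannot be found
 */
public static function add_members($institution, $users) {
    global $USER, $WEBSERVICE_INSTITUTION;

    self::check_oauth();

    $params = self::validate_parameters(
        self::add_members_parameters(),
        array('institution' => $institution, 'users' => $users)
    );

    if (!$USER->get('admin') && !$USER->is_institutional_admin()) {
        throw new AccessDeniedException("Institution::add_members | " . get_string('accessdenied', 'auth.webservice'));
    }

    // The caller must be allowed to administer the target institution.
    if (!$USER->can_edit_institution($params['institution'])) {
        throw new WebserviceInvalidParameterException('add_members | ' . get_string('accessdeniedforinst', 'auth.webservice', $params['institution']));
    }

    // NOTE(review): the exceptions thrown below leave this transaction
    // without a db_commit(); presumably the webservice exception handling
    // rolls it back -- confirm.
    db_begin();

    $userids = array();
    foreach ($params['users'] as $user) {
        $dbuser = self::checkuser($user);

        // Make sure the user's auth instance exists.
        if (!($authinstance = get_record('auth_instance', 'id', $dbuser->authinstance))) {
            throw new WebserviceInvalidParameterException(get_string('invalidauthtype', 'auth.webservice', $dbuser->authinstance));
        }

        // Second authorisation check, per user: being able to edit the
        // target institution is not enough, the caller must also be able to
        // edit the institution the user's auth instance belongs to.
        if (!$USER->can_edit_institution($authinstance->institution)) {
            throw new WebserviceInvalidParameterException('add_members | ' . get_string('accessdeniedforinstuser', 'auth.webservice', $authinstance->institution, $dbuser->id));
        }

        $userids[] = $dbuser->id;
    }

    // Separate local name so the string parameter is not overwritten by the object.
    $instobj = new Institution($params['institution']);

    // Enforce the institution's account limit, if it has one.
    // NOTE(review): every entry in the list is counted, so a user listed
    // twice counts twice against the limit.
    $maxusers = $instobj->maxuseraccounts;
    if (!empty($maxusers)) {
        $members = $instobj->countMembers();
        if ($members + count($userids) > $maxusers) {
            // Members are being added here, not invited, so report the
            // member limit rather than the invitation limit.
            throw new AccessDeniedException("Institution::add_members | " . get_string('institutionuserserrortoomanyusers', 'admin'));
        }
    }

    $instobj->add_members($userids);
    db_commit();

    return null;
}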