/**
 * Display a user's details.
 *
 * Hands the view the user's data field entries that report themselves as
 * visible, the description of the lock rule applying to the user (false when
 * LockRules::CheckLockRulePermission() is falsy) and a flag telling whether
 * the user's permission level is 'dozent'.
 */
public function index_action()
{
    $user_id = $this->user->user_id;

    // Free administrable data fields: only entries whose isVisible() is
    // truthy reach the view; keys are kept as delivered.
    $visible_entries = array();
    foreach (DataFieldEntry::getDataFieldEntries($user_id) as $key => $entry) {
        if ($entry->isVisible()) {
            $visible_entries[$key] = $entry;
        }
    }

    if (LockRules::CheckLockRulePermission($user_id)) {
        $this->locked_info = LockRules::getObjectRule($user_id)->description;
    } else {
        $this->locked_info = false;
    }

    $this->is_dozent    = $this->user->perms == 'dozent';
    $this->user_entries = $visible_entries;

    // NOTE(review): $invalidEntries is never assigned inside this method, so
    // this stores null and raises an "undefined variable" diagnostic.
    $this->invalid_entries = $invalidEntries;
}
/**
 * Show the details of a single course date.
 *
 * Loads the date, records whether the 'cancelled_dates' and 'room_time'
 * lock rules apply to the date's range and, for XHR requests, drops the
 * layout and sends the date's type and full name in an X-Title header.
 *
 * NOTE(review): no check is visible here that the date identified by
 * $termin_id belongs to a course the caller may see; confirm that this is
 * enforced elsewhere (e.g. in a filter).
 *
 * @param string $termin_id id of the date to display
 */
public function details_action($termin_id)
{
    Navigation::activateItem('/course/schedule/dates');

    $date = new CourseDate($termin_id);
    $this->date = $date;

    $range_id = $date->range_id;
    $this->cancelled_dates_locked = LockRules::Check($range_id, 'cancelled_dates');
    $this->dates_locked           = LockRules::Check($range_id, 'room_time');

    if (!Request::isXhr()) {
        return;
    }

    // Dialog requests get the bare content plus a title header.
    $this->set_layout(null);
    $this->set_content_type('text/html;Charset=windows-1252');
    $title = $date->getTypeName() . ": " . $date->getFullname();
    $this->response->add_header('X-Title', $title);
}
/**
 * Builds the "Teilnehmende" tab navigation of a course.
 *
 * The 'additional' entry appears only when the course has an aux_lock_rule.
 * The 'edit_groups' entry appears only for users with at least 'tutor'
 * permission in the course, and only while the 'groups' lock rule is not
 * active.
 *
 * @param string $course_id id of the course
 * @return array navigation keyed by 'members'
 */
function getTabNavigation($course_id)
{
    $members = new Navigation(_('Teilnehmende'));
    $members->setImage(Icon::create('persons', 'info_alt'));
    $members->setActiveImage(Icon::create('persons', 'info'));

    $overview = new Navigation(_('Teilnehmende'), 'dispatch.php/course/members');
    $members->addSubNavigation('view', $overview);

    if (Course::find($course_id)->aux_lock_rule) {
        $additional = new Navigation(_('Zusatzangaben'), 'dispatch.php/course/members/additional');
        $members->addSubNavigation('additional', $additional);
    }

    $groups = new Navigation(_('Funktionen / Gruppen'), 'statusgruppen.php?view=statusgruppe_sem');
    $members->addSubNavigation('view_groups', $groups);

    // Group administration is offered to tutors and above unless locked.
    $may_edit_groups = $GLOBALS['perm']->have_studip_perm('tutor', $course_id)
        && !LockRules::check($course_id, 'groups');
    if ($may_edit_groups) {
        $edit_groups = new Navigation(
            _('Funktionen / Gruppen verwalten'),
            'admin_statusgruppe.php?new_sem=TRUE&range_id=' . $course_id
        );
        $members->addSubNavigation('edit_groups', $edit_groups);
    }

    return array('members' => $members);
}
/**
 * Toggle the visibility of the current course.
 *
 * The change is carried out only when all of the following hold: either the
 * ALLOW_DOZENT_VISIBILITY setting is on or the user has global 'admin'
 * permission, the 'seminar_visibility' lock rule is not active for the
 * session's course, and the request carries a valid 'studip_ticket'.
 * The action always ends with a redirect to the index.
 *
 * NOTE(review): no course-level permission check is visible in this action;
 * confirm that it is enforced elsewhere (e.g. in a filter).
 *
 * @return void
 */
function change_visibility_action()
{
    $may_change = (Config::get()->ALLOW_DOZENT_VISIBILITY || $GLOBALS['perm']->have_perm('admin'))
        && !LockRules::Check($GLOBALS['SessionSeminar'], 'seminar_visibility')
        && Seminar_Session::check_ticket(Request::option('studip_ticket'));

    if ($may_change) {
        $course       = Course::findCurrent();
        $make_visible = !$course->visible;

        // The log entry is written before the new state is stored.
        StudipLog::log($make_visible ? 'SEM_VISIBLE' : 'SEM_INVISIBLE', $course->id);
        $course->visible = $make_visible ? 1 : 0;
        $msg = $make_visible
            ? _("Die Veranstaltung wurde sichtbar gemacht.")
            : _("Die Veranstaltung wurde versteckt.");

        if ($course->store()) {
            PageLayout::postMessage(MessageBox::success($msg));
        }
    }

    $this->redirect($this->url_for('/index'));
}
// Excerpt from a larger routine: $template and $range_id come from code that
// is not part of this listing.

// set the options for the box
list($self_assign_all, $self_assign_exclusive) = CheckSelfAssignAll($range_id);
$template->set_attribute('self_assign_all', $self_assign_all);
$template->set_attribute('self_assign_exclusive', $self_assign_exclusive);
$template->set_attribute('seminar_class', SeminarCategories::GetBySeminarId($range_id)->id);

// Either pre-fill the form with an existing role (cmd=editRole) or with the
// name of a chosen preset.
if (Request::option('cmd') == 'editRole') {
    // NOTE(review): the role is loaded from the request's role_id; no check
    // that it belongs to $range_id is visible in this excerpt - confirm.
    $role = new Statusgruppe(Request::option('role_id'));
    $template->set_attribute('role_data', $role->getData());
    $template->set_attribute('edit_role', $role->getId());
} else if (Request::submitted('choosePreset')) {
    // NOTE(review): the preset name is request data; the template has to
    // escape it for HTML when it prints it - confirm.
    $template->set_attribute('role_data', array('name' => Request::quoted('presetName')));
}

// The search/member form is hidden while the 'participants' lock rule applies.
$template->set_attribute('show_search_and_members_form', !LockRules::Check($range_id, 'participants'));

// quickfilters
// Each list collects the keys returned by getPersons(). The arrays are not
// initialised in this excerpt, so an empty result leaves the variable
// undefined unless earlier code set it.
foreach (getPersons($range_id, 'sem') as $k=>$v) {
    $quickfilter_sem[] = $k;
}
$template->set_attribute('quickfilter_sem', $quickfilter_sem);
foreach (getPersons($range_id, 'sem_no_group') as $k=>$v) {
    $quickfilter_sem_no_group[] = $k;
}
$template->set_attribute('quickfilter_sem_no_group', $quickfilter_sem_no_group);
foreach (getPersons($range_id, 'inst') as $k=>$v) {
    $quickfilter_inst[] = $k;
}
$template->set_attribute('quickfilter_inst', $quickfilter_inst);
// search
<?php echo $table_content; ?> </table> <? } $sidebar = Sidebar::get(); $sidebar->setImage('sidebar/person-sidebar.png'); $widget = new ViewsWidget(); $widget->addLink(_('Standard'), URLHelper::getURL('?extend=no'))->setActive($extend != 'yes'); $widget->addLink(_('Erweitert'), URLHelper::getURL('?extend=yes'))->setActive($extend == 'yes'); $sidebar->addWidget($widget); if ($admin_view) { if (!LockRules::Check($inst_id, 'participants')) { $edit = new SidebarWidget(); $edit->setTitle(_('Personenverwaltung')); $edit->addElement(new WidgetElement($mp)); $sidebar->addWidget($edit); } if (!empty($mail_list)) { $actions = new ActionsWidget(); $actions->addLink(_('Stud.IP Rundmail'), $controller->url_for('messages/write', array('inst_id' => $inst_id, 'emailrequest' => 1)), Icon::create('mail', 'clickable'), array('data-dialog' => 'size=50%')); $sidebar->addWidget($actions); } }
/**
 * Describes the range types this component handles.
 *
 * Only the 'inst' type is defined. Its entry bundles display data, callbacks
 * run after user changes, and the 'view'/'edit' permission callbacks. Editing
 * requires 'admin' permission on the institute held in the session and an
 * inactive 'groups' lock rule; viewing is always allowed.
 *
 * @return array type definitions keyed by type name
 */
private function types()
{
    // Makes a user who was added to a group a member of the institute too,
    // taking over the user's global permission level, and logs the addition.
    $add_to_institute = function ($user_id) {
        $membership = new InstituteMember(array($user_id, $_SESSION['SessionSeminar']));
        if (!$membership->isNew()) {
            return;
        }
        $user = new User($user_id);
        $membership->inst_perms = $user->perms;
        if ($membership->store()) {
            StudipLog::INST_USER_ADD($_SESSION['SessionSeminar'], $user->id, $user->perms);
        }
    };

    // Nothing has to happen after a deletion or a move.
    $after_delete = function ($user_id) {
    };
    $after_move = function ($user_id) {
    };

    $may_view = function ($user_id) {
        return true;
    };

    $may_edit = function ($user_id) {
        if (!$GLOBALS['perm']->have_studip_perm('admin', $_SESSION['SessionSeminar'])) {
            return false;
        }
        return !LockRules::Check($_SESSION['SessionSeminar'], 'groups');
    };

    $redirect = function () {
        require_once 'lib/admin_search.inc.php';
        die; //must not return
    };

    $institute = array(
        'name'              => _('Institut'),
        'after_user_add'    => $add_to_institute,
        'after_user_delete' => $after_delete,
        'after_user_move'   => $after_move,
        'view'              => $may_view,
        'needs_size'        => false,
        'needs_self_assign' => false,
        'edit'              => $may_edit,
        'redirect'          => $redirect,
        'groups'            => array(
            'members' => array('name' => _('Mitglieder')),
        ),
    );

    return array('inst' => $institute);
}
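/**
 * Removes the current user from a course or from its admission/waiting list.
 *
 * The request parameter "cmd" drives a two-step flow:
 *  - 'suppose_to_kill' / anything else that is not a kill command: a
 *    confirmation question and a fresh ticket are stored in the flash and the
 *    user is redirected to the course overview.
 *  - 'kill': the user's row in seminar_user is deleted.
 *  - 'kill_admission': the user's row in admission_seminar_user is deleted.
 *  - 'back': nothing happens apart from the redirect.
 *
 * Changes compared with the previous version:
 *  - Both deletion commands now require a valid 'studipticket'. Before, a
 *    request without a valid ticket fell through to the waiting-list branch
 *    and was executed there. The confirmation step issues a ticket for both
 *    commands, so the regular flow is unaffected.
 *  - The "binding" rule is checked before either step, so it also holds when
 *    the deletion step is requested without the confirmation step.
 *  - $prio_delete is initialised; it used to be read while undefined when
 *    admission was not enabled.
 *
 * @param string $course_id id of the course to leave
 * @param mixed  $waiting   not used by this method
 */
public function decline_action($course_id, $waiting = null)
{
    $current_seminar = Seminar::getInstance($course_id);
    $ticket_check    = Seminar_Session::check_ticket(Request::option('studipticket'));
    $cmd             = Request::option('cmd');

    // A 'participants' lock rule forbids leaving altogether.
    if (LockRules::Check($course_id, 'participants')) {
        $lockdata = LockRules::getObjectRule($course_id);
        PageLayout::postMessage(MessageBox::error(sprintf(_("Sie können sich nicht von der Veranstaltung <b>%s</b> abmelden."), htmlReady($current_seminar->name))));
        if ($lockdata['description']) {
            PageLayout::postMessage(MessageBox::info(formatLinks($lockdata['description'])));
        }
        $this->redirect('my_courses/index');
        return;
    }

    if ($cmd === 'back') {
        $this->redirect('my_courses/index');
        return;
    }

    // Binding courses cannot be left by the participant. The rule concerns
    // course membership only, not entries on the admission/waiting list.
    $concerns_waitlist = $cmd === 'suppose_to_kill_admission' || $cmd === 'kill_admission';
    if ($current_seminar->admission_binding && !$concerns_waitlist) {
        PageLayout::postMessage(MessageBox::error(sprintf(_("Die Veranstaltung <b>%s</b> ist als <b>bindend</b> angelegt.\n Wenn Sie sich abmelden wollen, müssen Sie sich an die Lehrende der Veranstaltung wenden."), htmlReady($current_seminar->name))));
        $this->redirect('my_courses/index');
        return;
    }

    if ($cmd !== 'kill' && $cmd !== 'kill_admission') {
        // Step 1: prepare the confirmation question.
        if ($cmd === 'suppose_to_kill') {
            // check course admission
            list(, $admission_end_time) = @array_values($current_seminar->getAdmissionTimeFrame());
            $admission_enabled = $current_seminar->isAdmissionEnabled();
            $admission_locked  = $current_seminar->isAdmissionLocked();

            if ($admission_enabled || $admission_locked || (int) $current_seminar->admission_prelim == 1) {
                $message = sprintf(_('Wollen Sie sich von der teilnahmebeschränkten Veranstaltung "%s" wirklich abmelden? Sie verlieren damit die Berechtigung für die Veranstaltung und müssen sich ggf. neu anmelden!'), $current_seminar->name);
            } elseif (isset($admission_end_time) && $admission_end_time < time()) {
                $message = sprintf(_('Wollen Sie sich von der teilnahmebeschränkten Veranstaltung "%s" wirklich abmelden? Der Anmeldzeitraum ist abgelaufen und Sie können sich nicht wieder anmelden!'), $current_seminar->name);
            } else {
                $message = sprintf(_('Wollen Sie sich von der Veranstaltung "%s" wirklich abmelden?'), $current_seminar->name);
            }
            $this->flash['cmd'] = 'kill';
        } else {
            if (admission_seminar_user_get_position($GLOBALS['user']->id, $course_id) === false) {
                $message = sprintf(_('Wollen Sie sich von der Anmeldeliste der Veranstaltung "%s" wirklich abmelden?'), $current_seminar->name);
            } else {
                $message = sprintf(_('Wollen Sie sich von der Warteliste der Veranstaltung "%s" wirklich abmelden? Sie verlieren damit die bereits erreichte Position und müssen sich ggf. neu anmelden!'), $current_seminar->name);
            }
            $this->flash['cmd'] = 'kill_admission';
        }

        // NOTE(review): $message carries the unescaped course name; confirm
        // that the view rendering flash['message'] escapes it.
        $this->flash['decline_course'] = true;
        $this->flash['course_id']      = $course_id;
        $this->flash['message']        = $message;
        $this->flash['studipticket']   = Seminar_Session::get_ticket();
        $this->redirect('my_courses/index');
        return;
    }

    // Step 2: state-changing part. Without a valid ticket nothing is deleted.
    if (!$ticket_check) {
        $this->redirect('my_courses/index');
        return;
    }

    if ($cmd === 'kill') {
        $query = "DELETE FROM seminar_user WHERE user_id = ? AND Seminar_id = ?";
        $statement = DBManager::get()->prepare($query);
        $statement->execute(array($GLOBALS['user']->id, $course_id));

        if ($statement->rowCount() == 0) {
            PageLayout::postMessage(MessageBox::error(_('In der ausgewählten Veranstaltung wurde die gesuchten Personen nicht gefunden und konnte daher nicht ausgetragen werden.')));
        } else {
            // LOGGING
            StudipLog::log('SEM_USER_DEL', $course_id, $GLOBALS['user']->id, 'Hat sich selbst ausgetragen');
            // enable others to do something after the user has been deleted
            NotificationCenter::postNotification('UserDidLeaveCourse', $course_id, $GLOBALS['user']->id);
            // Delete from statusgroups
            RemovePersonStatusgruppeComplete(get_username(), $course_id);
            // Let successors from the waiting list move up
            update_admission($course_id);
            PageLayout::postMessage(MessageBox::success(sprintf(_("Erfolgreich von Veranstaltung <b>%s</b> abgemeldet."), htmlReady($current_seminar->name))));
        }
    } else {
        // LOGGING
        StudipLog::log('SEM_USER_DEL', $course_id, $GLOBALS['user']->id, 'Hat sich selbst aus der Warteliste ausgetragen');

        $prio_delete = false;
        if ($current_seminar->isAdmissionEnabled()) {
            $prio_delete = AdmissionPriority::unsetPriority($current_seminar->getCourseSet()->getId(), $GLOBALS['user']->id, $course_id);
        }

        $query = "DELETE FROM admission_seminar_user WHERE user_id = ? AND seminar_id = ?";
        $statement = DBManager::get()->prepare($query);
        $statement->execute(array($GLOBALS['user']->id, $course_id));

        if ($statement->rowCount() || $prio_delete) {
            // Renumber the waiting list
            renumber_admission($course_id);
            // Check whether somebody can move up
            update_admission($course_id);
            PageLayout::postMessage(MessageBox::success(sprintf(_("Der Eintrag in der Anmelde- bzw. Warteliste der Veranstaltung <b>%s</b> wurde aufgehoben.\n Wenn Sie an der Veranstaltung teilnehmen wollen, müssen Sie sich erneut bewerben."), htmlReady($current_seminar->name))));
        }
    }

    $this->redirect('my_courses/index');
    return;
}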
$_SESSION['archiv_assi_data']["pos"] = $_SESSION['archiv_assi_data']["pos"] + $i; } // dec if we have lectures left in the lower if (Request::option('dec')) if ($_SESSION['archiv_assi_data']["pos"] > 0) { $d = -1; while ((!$_SESSION['archiv_assi_data']["sem_check"][$_SESSION['archiv_assi_data']["sems"][$_SESSION['archiv_assi_data']["pos"] + $d]["id"]]) && ($_SESSION['archiv_assi_data']["pos"] + $d > 0)) $d--; if ((sizeof($_SESSION['archiv_assi_data']["sem_check"]) > 1) && ($_SESSION['archiv_assi_data']["sem_check"][$_SESSION['archiv_assi_data']["sems"][$_SESSION['archiv_assi_data']["pos"] + $d]["id"]])) $_SESSION['archiv_assi_data']["pos"] = $_SESSION['archiv_assi_data']["pos"] + $d; } if (LockRules::Check($_SESSION['archiv_assi_data']["sems"][$_SESSION['archiv_assi_data']["pos"]]["id"], 'seminar_archive')) { $lockdata = LockRules::getObjectRule($_SESSION['archiv_assi_data']["sems"][$_SESSION['archiv_assi_data']["pos"]]["id"]); if ($lockdata['description']) { $details = formatLinks($lockdata['description']); } else { $details = _("Die Veranstaltung kann nicht archiviert werden."); } throw new AccessDeniedException($details); } // Delete (and archive) the lecture if (Request::option('archive_kill')) { $run = TRUE; $s_id = $_SESSION['archiv_assi_data']["sems"][$_SESSION['archiv_assi_data']["pos"]]["id"]; // # Do we have permission to do so? if (!$perm->have_perm($check_perm)) {
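/**
 * Lists the topics of the current course and handles the POST requests that
 * edit, delete or reorder them.
 *
 * Changes compared with the previous version:
 *  - Reordering (move_up / move_down) now requires the same 'tutor'
 *    permission as editing; before, these branches stored changes without
 *    any permission check of their own.
 *  - A date is attached to a topic only when it belongs to the current
 *    course; before, any existing date id from the request was accepted.
 *  - move_down no longer touches the element after the last topic.
 *
 * NOTE(review): no CSRF token verification is visible in this action;
 * confirm that it happens elsewhere (e.g. in a filter).
 */
public function index_action()
{
    $course_id = $_SESSION['SessionSeminar'];
    $may_edit  = $GLOBALS['perm']->have_studip_perm("tutor", $course_id);

    if (Request::isPost() && Request::get("edit") && $may_edit) {
        $topic = new CourseTopic(Request::option("issue_id"));
        // An existing topic must belong to the current course.
        if ($topic['seminar_id'] && $topic['seminar_id'] !== $course_id) {
            throw new AccessDeniedException();
        }

        if (Request::submitted("delete_topic")) {
            $topic->delete();
            PageLayout::postMessage(MessageBox::success(_("Thema gelöscht.")));
        } else {
            $topic['title'] = Request::get("title");
            $topic['description'] = Studip\Markup::purifyHtml(Request::get("description"));
            if ($topic->isNew()) {
                $topic['seminar_id'] = $course_id;
            }
            $topic->store();

            //change dates for this topic
            $former_date_ids = $topic->dates->pluck("termin_id");
            $new_date_ids = array_keys(Request::getArray("date"));
            foreach (array_diff($former_date_ids, $new_date_ids) as $delete_termin_id) {
                $topic->dates->unsetByPk($delete_termin_id);
            }
            foreach (array_diff($new_date_ids, $former_date_ids) as $add_termin_id) {
                $date = CourseDate::find($add_termin_id);
                // Date ids come from the request: only link dates of this course.
                if ($date && $date->range_id === $course_id) {
                    $topic->dates[] = $date;
                }
            }
            $topic->store();

            if (Request::get("folder") && !$topic->folder) {
                $topic->connectWithDocumentFolder();
            }

            // create a connection to the module forum (can be anything)
            // will update title and description automagically
            if (Request::get("forumthread")) {
                $topic->connectWithForumThread();
            }

            if (Request::option("issue_id") === "new") {
                Request::set("open", $topic->getId());
            }
            PageLayout::postMessage(MessageBox::success(_("Thema gespeichert.")));
            $this->redirect("course/topics/index");
        }
    }

    if (Request::isPost() && Request::option("move_down") && $may_edit) {
        $topics = CourseTopic::findBySeminar_id($course_id);
        $mainkey = null;
        // Renumber all topics and remember the position of the moved one.
        foreach ($topics as $key => $topic) {
            if ($topic->getId() === Request::option("move_down")) {
                $mainkey = $key;
            }
            $topic['priority'] = $key + 1;
        }
        // Swap with the successor; the last topic has none.
        if ($mainkey !== null && $mainkey < count($topics) - 1) {
            $topics[$mainkey]->priority++;
            $topics[$mainkey + 1]->priority--;
        }
        foreach ($topics as $key => $topic) {
            $topic->store();
        }
    }

    if (Request::isPost() && Request::option("move_up") && $may_edit) {
        $topics = CourseTopic::findBySeminar_id($course_id);
        foreach ($topics as $key => $topic) {
            if ($topic->getId() === Request::option("move_up") && $key > 0) {
                // Swap priorities with the predecessor.
                $topic['priority'] = $key;
                $topics[$key - 1]->priority = $key + 1;
                $topics[$key - 1]->store();
            } else {
                $topic['priority'] = $key + 1;
            }
            $topic->store();
        }
    }

    Navigation::activateItem('/course/schedule/topics');
    $this->topics = CourseTopic::findBySeminar_id($course_id);
    $this->cancelled_dates_locked = LockRules::Check($course_id, 'cancelled_dates');
}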
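/**
 * Determines whether a user is permitted to change a certain value
 * and, if provided, whether the value has actually changed.
 *
 * A change is refused when
 *  - the attribute is one of email/name/title/username and the matching
 *    global ALLOW_CHANGE_* switch is off,
 *  - StudipAuthAbstract::CheckField() reports the field for the user's
 *    auth plugin,
 *  - a lock rule covers the attribute for this user, or
 *  - a new value was passed and it equals the stored one (loose comparison).
 *
 * @param String $field     Which db field shall change
 * @param mixed  $attribute Which attribute is related (optional,
 *                          automatically guessed if missing)
 * @param mixed  $value     Optional new value of the field (used to determine
 *                          whether the value has actually changed)
 * @return bool Indicates whether the value shall actually change
 */
public function shallChange($field, $attribute = null, $value = null)
{
    // end() takes its argument by reference, so the exploded parts need a
    // variable of their own (end(explode(...)) raises a notice).
    $parts  = explode('.', $field);
    $column = end($parts);
    $attribute = $attribute ?: strtolower($column);

    $global_mapping = array(
        'email'    => 'ALLOW_CHANGE_EMAIL',
        'name'     => 'ALLOW_CHANGE_NAME',
        'title'    => 'ALLOW_CHANGE_TITLE',
        'username' => 'ALLOW_CHANGE_USERNAME',
    );

    // Globally disabled attributes can never be changed.
    if (isset($global_mapping[$attribute]) and !$GLOBALS[$global_mapping[$attribute]]) {
        return false;
    }

    return !($field && StudipAuthAbstract::CheckField($field, $this->user->auth_plugin))
        && !LockRules::check($this->user->user_id, $attribute)
        && ($value === null || $this->user->{$column} != $value);
}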
/**
 * Builds the "Verwaltung" (administration) tab navigation of a course.
 *
 * Users without at least 'tutor' permission in the course get an empty
 * array. Entries that lead to copy, archive, visibility and lock level are
 * additionally bound to global permissions, configuration switches and lock
 * rules, as commented below. These conditions only decide which links are
 * shown.
 *
 * @param string $course_id id of the course
 * @return array navigation keyed by 'admin', or an empty array
 */
function getTabNavigation($course_id)
{
    // Permission level needed to create courses; anything but
    // root/admin/dozent in the configuration falls back to 'dozent'.
    $configured_perm = get_config('SEM_CREATE_PERM');
    $sem_create_perm = in_array($configured_perm, array('root', 'admin', 'dozent'))
        ? $configured_perm
        : 'dozent';

    if (!$GLOBALS['perm']->have_studip_perm('tutor', $course_id)) {
        return array();
    }

    $navigation = new Navigation(_('Verwaltung'));
    $navigation->setImage(Icon::create('admin', 'info_alt'));
    $navigation->setActiveImage(Icon::create('admin', 'info'));

    $main = new Navigation(_('Verwaltung'), 'dispatch.php/course/management');
    $navigation->addSubNavigation('main', $main);

    // Entries that exist for courses only, not for institutes.
    if ($GLOBALS['SessSemName']['class'] !== "inst") {
        $details = new Navigation(_('Grunddaten'), 'dispatch.php/course/basicdata/view/' . $course_id);
        $details->setImage(Icon::create('edit', 'clickable'));
        $details->setDescription(_('Bearbeiten der Grundeinstellungen dieser Veranstaltung.'));
        $navigation->addSubNavigation('details', $details);

        $avatar = new Navigation(_('Infobild'), 'dispatch.php/course/avatar/update/' . $course_id);
        $avatar->setImage(Icon::create('file-pic', 'clickable'));
        $avatar->setDescription(_('Infobild dieser Veranstaltung bearbeiten oder löschen.'));
        $navigation->addSubNavigation('avatar', $avatar);

        $study_areas = new Navigation(_('Studienbereiche'), 'dispatch.php/course/study_areas/show/' . $course_id);
        $study_areas->setImage(Icon::create('module', 'clickable'));
        $study_areas->setDescription(_('Zuordnung dieser Veranstaltung zu Studienbereichen für die Darstellung im Verzeichnis aller Veranstaltungen.'));
        $navigation->addSubNavigation('study_areas', $study_areas);

        $dates = new Navigation(_('Zeiten/Räume'), 'dispatch.php/course/timesrooms');
        $dates->setImage(Icon::create('date', 'clickable'));
        $dates->setDescription(_('Regelmäßige Veranstaltungszeiten, Einzeltermine und Ortsangaben ändern.'));
        $navigation->addSubNavigation('dates', $dates);

        if (get_config('RESOURCES_ENABLE') && get_config('RESOURCES_ALLOW_ROOM_REQUESTS')) {
            $room_requests = new Navigation(_('Raumanfragen'), 'dispatch.php/course/room_requests/index/' . $course_id);
            $room_requests->setImage(Icon::create('resources', 'clickable'));
            $room_requests->setDescription(_('Raumanfragen zu Veranstaltungszeiten verwalten.'));
            $navigation->addSubNavigation('room_requests', $room_requests);
        }

        $admission = new Navigation(_('Zugangsberechtigungen'), 'dispatch.php/course/admission');
        $admission->setImage(Icon::create('lock-locked', 'clickable'));
        $admission->setDescription(_('Zugangsbeschränkungen, Anmeldeverfahren oder einen Passwortschutz für diese Veranstaltung einrichten.'));
        $navigation->addSubNavigation('admission', $admission);

        $additional = new AutoNavigation(_('Zusatzangaben'), 'dispatch.php/admin/additional');
        $additional->setImage(Icon::create('add', 'clickable'));
        $additional->setDescription(_('Vorlagen zur Erhebung weiterer Angaben von Teilnehmenden auswählen.'));
        $navigation->addSubNavigation('additional_data', $additional);

        if ($GLOBALS['perm']->have_perm($sem_create_perm)) {
            // Copying is hidden while the 'seminar_copy' lock rule applies.
            if (!LockRules::check($course_id, 'seminar_copy')) {
                $copy = new Navigation(_('Veranstaltung kopieren'), 'dispatch.php/course/wizard/copy/' . $course_id);
                $copy->setImage(Icon::create('seminar+add', 'clickable'));
                $main->addSubNavigation('copy', $copy);
            }

            // Archiving: global admins, or everybody here if configured.
            if (get_config('ALLOW_DOZENT_ARCHIV') || $GLOBALS['perm']->have_perm('admin')) {
                $archive = new Navigation(_('Veranstaltung archivieren'), 'archiv_assi.php');
                $archive->setImage(Icon::create('seminar+remove', 'clickable'));
                $main->addSubNavigation('archive', $archive);
            }

            // Visibility toggle: same rule pair plus the lock rule.
            if ((get_config('ALLOW_DOZENT_VISIBILITY') || $GLOBALS['perm']->have_perm('admin'))
                && !LockRules::Check($course_id, 'seminar_visibility')
            ) {
                $is_visible = Course::findCurrent()->visible;
                $state_label = $is_visible ? _('sichtbar') : _('unsichtbar');
                $visibility = new Navigation(
                    _('Sichtbarkeit ändern') . ' (' . $state_label . ')',
                    'dispatch.php/course/management/change_visibility'
                );
                $state_icon = $is_visible ? 'visible' : 'invisible';
                $visibility->setImage(Icon::create('visibility-' . $state_icon, 'clickable'));
                $main->addSubNavigation('visibility', $visibility);
            }

            // Lock level: global admins only.
            if ($GLOBALS['perm']->have_perm('admin')) {
                $is_locked = Course::findCurrent()->lock_rule;
                $lock_label = $is_locked ? _('gesperrt') : _('nicht gesperrt');
                $lock = new Navigation(
                    _('Sperrebene ändern') . ' (' . $lock_label . ')',
                    'dispatch.php/course/management/lock'
                );
                $lock_icon = $is_locked ? 'locked' : 'unlocked';
                $lock->setImage(Icon::create('lock-' . $lock_icon, 'clickable'), ['data-dialog' => 'size=auto']);
                $main->addSubNavigation('lock', $lock);
            }
        }

        // show entry for simulated participant view
        $course_perm = $GLOBALS['perm']->get_studip_perm($course_id);
        if (in_array($course_perm, words('tutor dozent'))) {
            $change_view = new Navigation(
                'Studierendenansicht simulieren',
                'dispatch.php/course/change_view?cid=' . Request::option('cid')
            );
            $change_view->setDescription(_('Hier können Sie sich die Veranstaltung aus der Sicht von Studierenden sehen.'));
            $change_view->setImage(Icon::create('visibility-invisible', 'clickable'));
            $main->addSubNavigation('change_view', $change_view);
        }
    } // endif modules only seminars

    // The tutor check is repeated here as in the original flow.
    if ($GLOBALS['perm']->have_studip_perm('tutor', $course_id) && get_config('VOTE_ENABLE')) {
        $vote = new Navigation(_('Umfragen und Tests'), 'admin_vote.php?view=vote_sem');
        $vote->setImage(Icon::create('vote', 'clickable'));
        $vote->setDescription(_('Erstellen und bearbeiten von einfachen Umfragen und Tests.'));
        $navigation->addSubNavigation('vote', $vote);

        $evaluation = new Navigation(_('Evaluationen'), 'admin_evaluation.php?view=eval_sem');
        $evaluation->setImage(Icon::create('evaluation', 'clickable'));
        $evaluation->setDescription(_('Richten Sie fragebogenbasierte Umfragen und Lehrevaluationen ein.'));
        $navigation->addSubNavigation('evaluation', $evaluation);
    }

    return array('admin' => $navigation);
}
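/**
 * Assigns the course to a course set or removes that assignment.
 *
 * The request is verified with CSRFProtection::verifyUnsafeRequest() first.
 * Both operations are skipped while the 'admission_type' lock rule applies.
 * Unassigning asks for confirmation when a waiting list or a priority list
 * exists. Once confirmed, the course is removed from the set, an emptied
 * global set that has an owner is deleted, and waiting applicants are
 * notified and removed.
 *
 * Change compared with the previous version: $question is initialised, it
 * used to be read while undefined whenever no confirmation was needed.
 */
function change_course_set_action()
{
    CSRFProtection::verifyUnsafeRequest();

    $question = null;
    $locked   = LockRules::Check($this->course_id, 'admission_type');

    if (Request::submitted('change_course_set_assign') && Request::get('course_set_assign') && !$locked) {
        $cs = new CourseSet(Request::option('course_set_assign'));
        // The set itself decides whether this user may add this course.
        if ($cs->isUserAllowedToAssignCourse($this->user_id, $this->course_id)) {
            CourseSet::addCourseToSet($cs->getId(), $this->course_id);
            $cs->load();
            if (in_array($this->course_id, $cs->getCourses())) {
                PageLayout::postMessage(MessageBox::success(sprintf(_("Die Zuordnung zum Anmeldeset %s wurde durchgeführt."), htmlReady($cs->getName()))));
            }
        }
    }

    if (Request::submitted('change_course_set_unassign') && !$locked) {
        $this->response->add_header('X-Title', _('Anmelderegeln aufheben'));
        $confirmed = Request::submitted('change_course_set_unassign_yes');

        if ($this->course->getNumWaiting() && !$confirmed) {
            $question = sprintf(_("In dieser Veranstaltung existiert eine Warteliste. Die bestehende Warteliste mit %s Einträgen wird gelöscht. Sind sie sicher?"), $this->course->getNumWaiting());
        }

        $cs = CourseSet::getSetForCourse($this->course_id);
        if ($cs) {
            $priorities = AdmissionPriority::getPrioritiesByCourse($cs->getId(), $this->course_id);
            if (count($priorities) && !$confirmed) {
                $question = sprintf(_("In dieser Veranstaltung existiert eine Anmeldeliste (Losverfahren am %s). Die bestehende Anmeldeliste mit %s Einträgen wird gelöscht. Sind sie sicher?"), strftime('%x %R', $cs->getSeatDistributionTime()), count($priorities));
            }
        }

        if (!$question && $cs) {
            CourseSet::removeCourseFromSet($cs->getId(), $this->course_id);
            $cs->load();
            if (!in_array($this->course_id, $cs->getCourses())) {
                PageLayout::postMessage(MessageBox::success(sprintf(_("Die Zuordnung zum Anmeldeset %s wurde aufgehoben."), htmlReady($cs->getName()))));
            }

            // An emptied global set that has an owner is removed as well.
            if (!count($cs->getCourses()) && $cs->isGlobal() && $cs->getUserid() != '') {
                $cs->delete();
            }

            if ($this->course->getNumWaiting()) {
                $num_moved = 0;
                foreach ($this->course->admission_applicants->findBy('status', 'awaiting') as $applicant) {
                    // Each applicant is informed in their own language.
                    setTempLanguage($applicant->user_id);
                    $message_body = sprintf(_('Die Warteliste der Veranstaltung **%s** wurde deaktiviert, Sie sind damit __nicht__ zugelassen worden.'), $this->course->name);
                    $message_title = sprintf(_("Statusänderung %s"), $this->course->name);
                    messaging::sendSystemMessage($applicant->user_id, $message_title, $message_body);
                    restoreLanguage();
                    $num_moved += $applicant->delete();
                }
                if ($num_moved) {
                    PageLayout::postMessage(MessageBox::success(sprintf(_("%s Wartende wurden entfernt."), $num_moved)));
                }
            }
        }
    }

    if (!$question) {
        $this->redirect($this->url_for('/index'));
    } else {
        // Render the confirmation dialog instead of redirecting.
        $this->request = array('change_course_set_unassign' => 1);
        $this->button_yes = 'change_course_set_unassign_yes';
        PageLayout::postMessage(MessageBox::info($question));
        $this->render_template('course/admission/_change_admission.php');
    }
}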
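/**
 * Validates a new e-mail address for a user and, where the auth plugin does
 * not map validation_key, issues an activation key and mails the activation
 * link to the new address.
 *
 * The address itself is not written here (see the remark in the body).
 * Messages are returned in the "type§text§" format used by the caller.
 *
 * Changes compared with the previous version:
 *  - The activation key is drawn from random_int() instead of mt_rand()
 *    seeded with microtime(). The key authorises the e-mail activation, so it
 *    must not be predictable. Alphabet (0-9, a-z) and length (10) are
 *    unchanged. random_int() requires PHP 7.0 or newer.
 *  - The address is HTML-escaped before it is embedded in the info message.
 *
 * @param object $user  user object; user_id is read, validation_key is set
 * @param string $email the new e-mail address
 * @param bool   $force run the checks even if the address did not change
 * @return array array(bool $ok, string $msg)
 */
function edit_email($user, $email, $force = False)
{
    $msg = '';

    $query = "SELECT email, username, auth_plugin\n FROM auth_user_md5\n WHERE user_id = ?";
    $statement = DBManager::get()->prepare($query);
    $statement->execute(array($user->user_id));
    $row = $statement->fetch(PDO::FETCH_ASSOC);

    $email_cur   = $row['email'];
    $username    = $row['username'];
    $auth_plugin = $row['auth_plugin'];

    // Nothing to do when the address stays the same.
    if ($email_cur == $email && !$force) {
        return array(True, $msg);
    }

    // The field may be managed by the auth plugin or blocked by a lock rule.
    if (StudipAuthAbstract::CheckField("auth_user_md5.Email", $auth_plugin) || LockRules::check($user->user_id, 'email')) {
        return array(False, $msg);
    }

    if (!$GLOBALS['ALLOW_CHANGE_EMAIL']) {
        return array(False, $msg);
    }

    $validator = new email_validation_class(); // class used to check the input
    $validator->timeout = 10;
    $REMOTE_ADDR = $_SERVER["REMOTE_ADDR"];
    $Zeit = date("H:i:s, d.m.Y", time());

    // accept only registered domains if set
    $email_restriction = trim(get_config('EMAIL_DOMAIN_RESTRICTION'));
    if (!$validator->ValidateEmailAddress($email, $email_restriction)) {
        if ($email_restriction) {
            // List the allowed domains, three per line.
            $email_restriction_msg_part = '';
            $domains = explode(',', $email_restriction);
            $last    = count($domains) - 1;
            foreach ($domains as $index => $domain) {
                if ($index == $last) {
                    $separator = '<br>';
                } elseif (($index + 1) % 3) {
                    $separator = ', ';
                } else {
                    $separator = ',<br>';
                }
                $email_restriction_msg_part .= '@' . trim($domain) . $separator;
            }
            $msg .= 'error§' . sprintf(_("Die E-Mail-Adresse fehlt, ist falsch geschrieben oder gehört nicht to folgenden Domains:%s"), '<br>' . $email_restriction_msg_part);
        } else {
            $msg .= "error§" . _("Die E-Mail-Adresse fehlt oder ist falsch geschrieben!") . "§";
        }
        return array(False, $msg); // address missing or syntactically wrong
    }

    if (!$validator->ValidateEmailHost($email)) {
        // mail server not reachable, reject
        $msg .= "error§" . _("Der Mailserver ist nicht erreichbar. Bitte überprüfen Sie, ob Sie E-Mails mit der angegebenen Adresse verschicken können!") . "§";
        return array(False, $msg);
    }

    // server reachable ...
    if (!$validator->ValidateEmailBox($email)) {
        // ... but the mailbox is unknown: report to abuse.
        // NOTE(review): the expression after "User: " is masked in the
        // reviewed listing; $username (fetched above and not used anywhere
        // else) is assumed - confirm against the original file.
        StudipMail::sendAbuseMessage("edit_about", "Emailbox unbekannt\n\nUser: " . $username . "\nEmail: {$email}\n\nIP: {$REMOTE_ADDR}\nZeit: {$Zeit}\n");
        $msg .= "error§" . _("Die angegebene E-Mail-Adresse ist nicht erreichbar. Bitte überprüfen Sie Ihre Angaben!") . "§";
        return array(False, $msg);
    }

    // The address must not be in use by another account.
    $query = "SELECT Vorname, Nachname\n FROM auth_user_md5\n WHERE Email = ? AND user_id != ?";
    $statement = DBManager::get()->prepare($query);
    $statement->execute(array($email, $user->user_id));
    $row = $statement->fetch(PDO::FETCH_ASSOC);
    if ($row) {
        $msg .= "error§" . sprintf(_("Die angegebene E-Mail-Adresse wird bereits von einem anderen Benutzer (%s %s) verwendet. Bitte geben Sie eine andere E-Mail-Adresse an."), htmlReady($row['Vorname']), htmlReady($row['Nachname'])) . "§";
        return array(False, $msg);
    }

    // Writing the new address to auth_user_md5 already moved to the controller.

    if (StudipAuthAbstract::CheckField("auth_user_md5.validation_key", $auth_plugin)) {
        $msg .= "msg§" . _("Ihre E-Mail-Adresse wurde geändert!") . "§";
        return array(True, $msg);
    }

    // auth_plugin does not map validation_key (what if...?)
    // generate 10 char activation key from the system CSPRNG
    $alphabet = '0123456789abcdefghijklmnopqrstuvwxyz';
    $key = '';
    for ($i = 0; $i < 10; $i++) {
        $key .= $alphabet[random_int(0, 35)];
    }
    $user->validation_key = $key;

    // Presumably read by the mail template included below.
    $activatation_url = $GLOBALS['ABSOLUTE_URI_STUDIP'] . 'activate_email.php?uid=' . $user->user_id . '&key=' . $user->validation_key;

    // include language-specific subject and mailbody with fallback to german
    $lang = $GLOBALS['_language_path']; // workaround
    if ($lang == '') {
        $lang = 'de';
    }
    include_once "locale/{$lang}/LC_MAILS/change_self_mail.inc.php";

    $mail = StudipMail::sendMessage($email, $subject, $mailbody);
    if (!$mail) {
        // The key is not stored when the mail could not be sent.
        return array(True, $msg);
    }

    $query = "UPDATE auth_user_md5 SET validation_key = ? WHERE user_id = ?";
    $statement = DBManager::get()->prepare($query);
    $statement->execute(array($user->validation_key, $user->user_id));

    // $email is request data: escape it before it becomes part of the HTML message.
    $msg .= "info§<b>" . sprintf(_('An Ihre neue E-Mail-Adresse <b>%s</b> wurde ein Aktivierungslink geschickt, dem Sie folgen müssen bevor Sie sich das nächste mal einloggen können.'), htmlReady($email)) . '</b>§';
    log_event("USER_NEWPWD", $user->user_id); // logging

    return array(True, $msg);
}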
if (in_array($e_id, $dview) === TRUE) { echo '<td><font size="-1">'; if ($entry->getValue() == 'default_value') { echo $default_entries[$e_id]->getDisplayValue(); } else { echo $entry->getDisplayValue(); } echo '</font></td>'; } } } else { for ($i = 0; $i < sizeof($struct); $i++) { echo '<td> </td>'; } } if ($admin_view && !LockRules::Check($range_id, 'participants')) { echo '<td>'; echo '<a href="'.URLHelper::getLink('dispatch.php/settings/statusgruppen/switch/' . $id . '?username='******'username']).'"><font size="-1">'; echo Icon::create('edit', 'clickable')->asImg(); echo '</font></a></td>'; echo '<td>'; echo ' <a href="'.URLHelper::getLink('?cmd=removeFromGroup&username='******'username'].'&role_id='.$id).'">'; echo Icon::create('trash', 'clickable')->asImg(['class' => 'text-top']); echo '</a> </td>'; } elseif ($structure["nachricht"]) { echo '<td colspan=\"2\"> </td>'; } echo '</tr>', "\n"; }
/**
 * Shows the account information of a user.
 *
 * Sets locked_info to the description of the user's lock rule when
 * LockRules::CheckLockRulePermission() is true for the user (false otherwise)
 * and is_sso to whether the user's auth plugin is a StudipAuthSSO instance.
 */
public function index_action()
{
    if (LockRules::CheckLockRulePermission($this->user['user_id'])) {
        $this->locked_info = LockRules::getObjectRule($this->user['user_id'])->description;
    } else {
        $this->locked_info = false;
    }

    // Users without an explicit auth plugin are treated as 'standard'.
    $plugin_name = $this->user->auth_plugin ?: 'standard';
    $this->is_sso = StudipAuthAbstract::GetInstance($plugin_name) instanceof StudipAuthSSO;
}
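/**
 * Changes all basic data of the course (except staff) and then redirects to
 * the view action.
 *
 * Collected messages are handed over via $this->flash['msg'].
 *
 * @param string $course_id id of the course to change
 */
public function set_action($course_id)
{
    global $perm;

    $sem = Seminar::getInstance($course_id);
    $this->msg = array();
    $old_settings = $sem->getSettings();

    // course data
    if ($perm->have_studip_perm("tutor", $sem->getId())) {
        $changemade = false;

        // NOTE(review): every request parameter named course_<x> is written to
        // $sem-><x>. Only the tutor check above gates this loop; no allow-list of
        // property names and no per-field LockRules::Check is applied here.
        // Confirm that Seminar restricts what can be set this way.
        foreach (Request::getInstance() as $req_name => $req_value) {
            if (substr($req_name, 0, 7) === "course_") {
                $varname = substr($req_name, 7);
                if ($varname === "name" && !$req_value) {
                    $this->msg[] = array("error", _("Name der Veranstaltung darf nicht leer sein."));
                } elseif ($sem->{$varname} != $req_value) {
                    $sem->{$varname} = $req_value;
                    $changemade = true;
                }
            }
        }

        // seminar_inst
        if (!LockRules::Check($course_id, 'seminar_inst') && $sem->setInstitutes(Request::optionArray('related_institutes'))) {
            $changemade = true;
        }

        // datafields
        $invalid_datafields = array();
        $all_fields_types = DataFieldEntry::getDataFieldEntries($sem->id, 'sem', $sem->status);
        foreach (Request::getArray('datafields') as $datafield_id => $datafield_value) {
            // The ids come from the request: skip ids that are not datafields of
            // this course instead of calling a method on a missing entry.
            if (!isset($all_fields_types[$datafield_id])) {
                continue;
            }
            $datafield = $all_fields_types[$datafield_id];
            // NOTE(review): no editable/lock-rule check per datafield is visible
            // here — confirm setValueFromSubmit()/store() enforce it.
            $valueBefore = $datafield->getValue();
            $datafield->setValueFromSubmit($datafield_value);
            if ($valueBefore != $datafield->getValue()) {
                if ($datafield->isValid()) {
                    $datafield->store();
                    $changemade = true;
                } else {
                    $invalid_datafields[] = $datafield->getName();
                }
            }
        }
        if (count($invalid_datafields)) {
            $message = ngettext('%s der Veranstaltung wurde falsch angegeben', '%s der Veranstaltung wurden falsch angegeben', count($invalid_datafields));
            $message .= ', ' . _('bitte korrigieren Sie dies unter "Beschreibungen"') . '.';
            $message = sprintf($message, join(', ', array_map('htmlReady', $invalid_datafields)));
            $this->msg[] = array('error', $message);
        }

        $sem->store();

        // Logging: settings that differ before and after the store
        $before = array_diff_assoc($old_settings, $sem->getSettings());
        $after = array_diff_assoc($sem->getSettings(), $old_settings);

        // update admission, if turnout was raised
        if ($after['admission_turnout'] > $before['admission_turnout'] && $sem->isAdmissionEnabled()) {
            update_admission($sem->getId());
        }

        if (sizeof($before) && sizeof($after)) {
            // Start from an empty string; the original appended to an undefined variable.
            $log_message = '';
            foreach ($before as $k => $v) {
                $log_message .= "{$k}: {$v} => " . $after[$k] . " \n";
            }
            log_event('CHANGE_BASIC_DATA', $sem->getId(), " ", $log_message);
        }
        // end of logging

        if ($changemade) {
            $this->msg[] = array("msg", _("Die Grunddaten der Veranstaltung wurden verändert."));
        }
    } else {
        $this->msg[] = array("error", _("Sie haben keine Berechtigung diese Veranstaltung zu verändern."));
    }

    // labels/functions for lecturers and tutors
    if ($perm->have_studip_perm("dozent", $sem->getId())) {
        foreach (Request::getArray("label") as $user_id => $label) {
            $sem->setLabel($user_id, $label);
        }
    }

    // Messages stacked by the Seminar object; "success" is reported as "msg".
    foreach ($sem->getStackedMessages() as $key => $messages) {
        foreach ($messages['details'] as $message) {
            $this->msg[] = array($key !== "success" ? $key : "msg", $message);
        }
    }

    $this->flash['msg'] = $this->msg;
    $this->flash['open'] = Request::get("open");
    $this->redirect($this->url_for('course/basicdata/view/' . $sem->getId()));
}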
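/**
 * Shows the basic data page of an institute.
 *
 * The institute is taken from $i_id, else from the request parameter i_view,
 * else from $GLOBALS['SessSemName'][1]; the value 'new' stands for an institute
 * that is yet to be created.
 *
 * @param mixed $i_id Optional institute id
 * @throws AccessDeniedException if the user lacks admin permission on the institute
 */
public function index_action($i_id = false)
{
    PageLayout::setTitle(_('Verwaltung der Grunddaten'));
    Navigation::activateItem('/admin/institute/details');

    // get ID from an open Institut
    $i_view = $i_id ?: Request::option('i_view', $GLOBALS['SessSemName'][1]);

    if (!$i_view) {
        require_once 'lib/admin_search.inc.php';
        // This search just died a little inside, so it should be safe to
        // continue here but we nevertheless return just to be sure
        return;
    } elseif ($i_view === 'new') {
        closeObject();
    }

    // allow only inst-admin and root to view / edit
    if ($i_view && !$GLOBALS['perm']->have_studip_perm('admin', $i_view) && $i_view !== 'new') {
        throw new AccessDeniedException();
    }

    // Change header_line if open object
    $header_line = getHeaderLine($i_view);
    if ($header_line) {
        PageLayout::setTitle($header_line . ' - ' . PageLayout::getTitle());
    }

    // Deletion is confirmed in a second step; the ticket travels with the form.
    if (Request::get('i_trykill')) {
        $message = _('Sind Sie sicher, dass Sie diese Einrichtung löschen wollen?');
        $post['i_kill'] = 1;
        $post['studipticket'] = get_ticket();
        $this->question = createQuestion2($message, $post, array(), $this->url_for('institute/basicdata/delete/' . $i_view));
    }

    $lockrule = LockRules::getObjectRule($i_view);
    if ($lockrule->description && LockRules::CheckLockRulePermission($i_view, $lockrule['permission'])) {
        PageLayout::postMessage(MessageBox::info(formatLinks($lockrule->description)));
    }

    // Load institute data
    $institute = new Institute($i_view === 'new' ? null : $i_view);

    // add the free administrable datafields
    $datafields = array();
    $localEntries = DataFieldEntry::getDataFieldEntries($institute->id, 'inst');
    if ($localEntries) {
        $invalidEntries = $this->flash['invalid_entries'] ?: array();
        foreach ($localEntries as $entry) {
            if (!$entry->isVisible()) {
                continue;
            }
            // Entries reported as invalid via the flash are shown in red.
            $color = '#000000';
            if (in_array($entry->getId(), $invalidEntries)) {
                $color = '#ff0000';
            }
            // Editable form element only with sufficient permission and no lock
            // rule on the field; otherwise just the display value.
            $datafields[] = array(
                'color' => $color,
                'title' => $entry->getName(),
                'value' => $GLOBALS['perm']->have_perm($entry->isEditable()) && !LockRules::Check($institute['Institut_id'], $entry->getId())
                    ? $entry->getHTML('datafields')
                    : $entry->getDisplayValue(),
            );
        }
    }

    // Read faculties if neccessary
    if (count($institute->sub_institutes) === 0) {
        if ($GLOBALS['perm']->have_perm('root')) {
            $this->faculties = Institute::findBySQL('Institut_id = fakultaets_id ORDER BY Name ASC', array($i_view));
        } else {
            $temp = User::find($GLOBALS['user']->id)->institute_memberships->findBy('inst_perms', 'admin')->pluck('institute');
            $institutes = SimpleORMapCollection::createFromArray($temp);
            $faculties = $institutes->filter(function ($institute) {
                return $institute->is_fak;
            });
            $this->faculties = $faculties;
        }
    }

    // Indicates whether the current user is allowed to delete the institute
    $this->may_delete = $i_view !== 'new'
        && !(count($institute->home_courses) || count($institute->sub_institutes))
        && ($GLOBALS['perm']->have_perm('root') || $GLOBALS['perm']->is_fak_admin() && get_config('INST_FAK_ADMIN_PERMS') == 'all');

    // Defined on every path; the original read an unset variable when deletion
    // is allowed.
    $reason_txt = null;
    if (!$this->may_delete) {
        // Set infotext for disabled delete-button
        $reason_txt = _('Löschen nicht möglich.');
        if (count($institute->home_courses) > 0) {
            $reason_txt .= ' ';
            $reason_txt .= sprintf(ngettext('Es ist eine Veranstaltung zugeordnet.', 'Es sind %u Veranstaltungen zugeordnet.', count($institute->home_courses)), count($institute->home_courses));
        }
        if (count($institute->sub_institutes) > 0) {
            $reason_txt .= ' ';
            $reason_txt .= sprintf(ngettext('Es ist eine Einrichtung zugeordnet.', 'Es sind %u Einrichtungen zugeordnet.', count($institute->sub_institutes)), count($institute->sub_institutes));
        }
    }

    // Indicates whether the current user is allowed to change the faculty
    $this->may_edit_faculty = $GLOBALS['perm']->is_fak_admin()
        && !LockRules::Check($institute['Institut_id'], 'fakultaets_id')
        && ($GLOBALS['perm']->have_studip_perm('admin', $institute['fakultaets_id']) || $i_view === 'new');

    // Prepare template
    $this->institute = $institute;
    $this->i_view = $i_view;
    $this->datafields = $datafields;
    $this->reason_txt = $reason_txt;
}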
/**
 * Shows the form for a new lock rule and stores the rule when the form was
 * submitted with 'ok'.
 *
 * On success the request is redirected to the edit page of the new rule;
 * on failure an error message built from $this->msg['error'] is posted.
 */
function new_action()
{
    $this->lock_rule = new LockRule();
    $this->lock_config = LockRules::getLockRuleConfig($this->lock_rule_type);

    if (Request::submitted('ok')) {
        // The rule is owned by the current user and bound to this controller's type.
        $this->lock_rule->user_id = $GLOBALS['user']->id;
        $this->lock_rule->object_type = $this->lock_rule_type;

        if ($this->handle_form_data()) {
            PageLayout::postMessage(MessageBox::success(_('Die neue Sperrebene wurde gespeichert')));
            $this->redirect($this->url_for('admin/lockrules/edit/' . $this->lock_rule->getid()));
        } else {
            PageLayout::postMessage(MessageBox::error(_('Die neue Sperrebene konnte nicht gespeichert werden.'), $this->msg['error']));
        }
    }

    // Sidebar link to leave the form without saving.
    $cancel_widget = new ActionsWidget();
    $cancel_widget->addLink(
        _('Bearbeiten abbrechen'),
        $this->url_for('admin/lockrules'),
        Icon::create('decline', 'clickable')
    );
    $this->sidebar->addWidget($cancel_widget);
}
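/**
 * Shows the member list of the course.
 *
 * Tutors additionally get the admission lists (awaiting, accepted, claiming);
 * other users only see members that are visible, plus themselves.
 */
public function index_action()
{
    global $perm, $PATH_EXPORT;

    $sem = Seminar::getInstance($this->course_id);

    // old message style
    if ($_SESSION['sms_msg']) {
        $this->msg = $_SESSION['sms_msg'];
        unset($_SESSION['sms_msg']);
    }

    $this->sort_by = Request::option('sortby', 'nachname');
    // The direction is concatenated into the sort expression handed to
    // getMembers(), so it is reduced to the two valid values here instead of
    // relying on the request filter alone.
    $this->order = strtolower(Request::option('order', 'desc')) === 'asc' ? 'asc' : 'desc';
    $this->sort_status = Request::get('sort_status');

    Navigation::activateItem('/course/members/view');

    if (Request::int('toggle')) {
        $this->order = $this->order == 'desc' ? 'asc' : 'desc';
    }

    // NOTE(review): sort_by is only filtered by Request::option(); how
    // getMembers() turns it into a sort order is not visible here — confirm it
    // is matched against known column names.
    $sort = $this->sort_by . ' ' . $this->order;
    $filtered_members = $this->members->getMembers($this->sort_status, $sort, !$this->is_tutor ? $this->user_id : null);

    if ($this->is_tutor) {
        $filtered_members = array_merge($filtered_members, $this->members->getAdmissionMembers($this->sort_status, $sort));
        $this->awaiting = $filtered_members['awaiting']->toArray('user_id username vorname nachname visible mkdate');
        $this->accepted = $filtered_members['accepted']->toArray('user_id username vorname nachname visible mkdate');
        $this->claiming = $filtered_members['claiming']->toArray('user_id username vorname nachname visible mkdate');
    }

    // Check autor-perms
    if (!$this->is_tutor) {
        SkipLinks::addIndex(_("Sichtbarkeit ändern"), 'change_visibility');

        // filter invisible user
        $this->invisibles = count($filtered_members['autor']->findBy('visible', 'no')) + count($filtered_members['user']->findBy('visible', 'no'));
        $current_user_id = $this->user_id;
        // Hidden members are dropped, except for the viewing user.
        $exclude_invisibles = function ($user) use ($current_user_id) {
            return $user['visible'] != 'no' || $user['user_id'] == $current_user_id;
        };
        $filtered_members['autor'] = $filtered_members['autor']->filter($exclude_invisibles);
        $filtered_members['user'] = $filtered_members['user']->filter($exclude_invisibles);

        $this->my_visibility = $this->getUserVisibility();
        if (!$this->my_visibility['iam_visible']) {
            // The viewing user stays in the list, so is not counted as hidden.
            $this->invisibles--;
        }
    }

    // get member informations
    $this->dozenten = $filtered_members['dozent']->toArray('user_id username vorname nachname');
    $this->tutoren = $filtered_members['tutor']->toArray('user_id username vorname nachname mkdate');
    $this->autoren = $filtered_members['autor']->toArray('user_id username vorname nachname visible mkdate');
    $this->users = $filtered_members['user']->toArray('user_id username vorname nachname visible mkdate');
    $this->studipticket = Seminar_Session::get_ticket();
    $this->subject = $this->getSubject();
    $this->groups = $this->status_groups;

    // Check Seminar
    if ($this->is_tutor && $sem->isAdmissionEnabled()) {
        $this->course = $sem;
        $distribution_time = $sem->getCourseSet()->getSeatDistributionTime();
        if ($sem->getCourseSet()->hasAlgorithmRun()) {
            // Seats were distributed: the list is a waiting list.
            $this->waitingTitle = _("Warteliste");
            if (!$sem->admission_disable_waitlist_move) {
                $this->waitingTitle .= ' (' . _("automatisches Nachrücken ist eingeschaltet") . ')';
            } else {
                $this->waitingTitle .= ' (' . _("automatisches Nachrücken ist ausgeschaltet") . ')';
            }
            $this->semAdmissionEnabled = 2;
            $this->waiting_type = 'awaiting';
        } else {
            // Distribution still pending: show the applicants instead.
            $this->waitingTitle = sprintf(_("Anmeldeliste (Losverfahren am %s)"), strftime('%x %R', $distribution_time));
            $this->semAdmissionEnabled = 1;
            $this->awaiting = $this->claiming;
            $this->waiting_type = 'claiming';
        }
    }

    // Set the infobox
    // NOTE(review): $course is never assigned in this method, so null is passed.
    $this->createSidebar($filtered_members, $course);

    if ($this->is_locked && $this->is_tutor) {
        $lockdata = LockRules::getObjectRule($this->course_id);
        if ($lockdata['description']) {
            PageLayout::postMessage(MessageBox::info(formatLinks($lockdata['description'])));
        }
    }

    // Check for waitlist availability (influences available actions)
    // People can be moved to waitlist if waitlist available and no automatic moving up.
    if (!$sem->admission_disable_waitlist && $sem->admission_disable_waitlist_move) {
        $this->to_waitlist_actions = true;
    }
}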
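/**
 * Displays the statusgruppen of a user.
 *
 * When a different user's profile is edited, the institutes the acting user
 * may manage are collected (all faculties for root, own admin institutes for
 * admins, tutor/dozent institutes otherwise), each with its groups.
 *
 * @param mixed $verify_action Optional name of an action to be verified
 * @param mixed $verify_id     Optional id that belongs to the action to
 *                             be verified
 */
public function index_action($verify_action = null, $verify_id = null)
{
    $all_rights = false;
    // Defined on every path; the original left it unset for the own profile.
    $admin_insts = array();

    if ($this->user->username != $GLOBALS['user']->username) {
        $parameters = array();
        if ($GLOBALS['perm']->have_perm('root')) {
            $all_rights = true;
            $query = "SELECT Institut_id, Name, 1 AS is_fak\n FROM Institute\n WHERE Institut_id = fakultaets_id\n ORDER BY Name";
        } elseif ($GLOBALS['perm']->have_perm('admin')) {
            $query = "SELECT Institut_id, Name, b.Institut_id = b.fakultaets_id AS is_fak\n FROM user_inst AS a\n LEFT JOIN Institute AS b USING (Institut_id)\n WHERE a.user_id = ? AND a.inst_perms = 'admin'\n ORDER BY is_fak, Name";
            $parameters[] = $GLOBALS['user']->id;
        } else {
            $query = "SELECT a.Institut_id, Name\n FROM user_inst AS a\n LEFT JOIN Institute AS b USING (Institut_id)\n WHERE inst_perms IN ('tutor', 'dozent') AND user_id = ?\n ORDER BY Name";
            $parameters[] = $GLOBALS['user']->id;
        }
        $statement = DBManager::get()->prepare($query);
        $statement->execute($parameters);
        $institutes = $statement->fetchAll(PDO::FETCH_ASSOC);

        // Prepared once and executed per faculty (the original re-prepared it
        // inside the loop and prepared a further statement it never used).
        $sub_statement = DBManager::get()->prepare("SELECT Institut_id, Name FROM Institute WHERE fakultaets_id = ? AND Institut_id != fakultaets_id ORDER BY Name");

        foreach ($institutes as $institute) {
            $institute['groups'] = GetAllStatusgruppen($institute['Institut_id']) ?: array();

            if ($institute['is_fak']) {
                // Faculties also list their sub institutes with their groups.
                $sub_statement->execute(array($institute['Institut_id']));
                $institute['sub'] = $sub_statement->fetchGrouped(PDO::FETCH_ASSOC);
                foreach ($institute['sub'] as $id => $sub) {
                    $sub['groups'] = GetAllStatusgruppen($id) ?: array();
                    $institute['sub'][$id] = $sub;
                }
            }

            $admin_insts[] = $institute;
        }
    } else {
        $all_rights = true;
    }

    // get the roles the user is in
    $institutes = array();
    foreach ($this->about->user_inst as $inst_id => $details) {
        if ($details['inst_perms'] != 'user') {
            $institutes[$inst_id] = $details;

            $roles = GetAllStatusgruppen($inst_id, $this->user->user_id, true);
            $institutes[$inst_id]['roles'] = $roles ?: array();
            // Only roles the user actually holds.
            $institutes[$inst_id]['flattened'] = array_filter(Statusgruppe::getFlattenedRoles($roles), function ($role) {
                return $role['user_there'];
            });

            $datafields = array();
            foreach ($institutes[$inst_id]['flattened'] as $role_id => $role) {
                $datafields[$role_id] = DataFieldEntry::getDataFieldEntries(array($this->user->user_id, $role_id)) ?: array();
            }
            $institutes[$inst_id]['datafields'] = $datafields;
        }
    }

    // template for tree-view of roles, layout for infobox-location and content-variables
    $this->open = $_SESSION['edit_about_data']['open']; // the ids of the currently opened statusgroups
    $this->institutes = $institutes;
    $this->verify_action = $verify_action;
    $this->verify_id = $verify_id;

    // data for edit_about_add_person_to_role
    $this->admin_insts = $admin_insts;

    $this->locked = !$this->shallChange('', 'institute_data');
    if ($this->locked) {
        $message = LockRules::getObjectRule($this->user->user_id)->description;
        if ($message) {
            $this->reportInfo($message);
        }
    }
}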
echo $entry->getID(); ?> "> <?php echo htmlReady($entry->getName()); ?> : </label> <? if (!$entry->isVisible($user['perms'])): ?> <?php echo tooltipIcon(_('Systemfeld (für die Person selbst nicht sichtbar)'), true); ?> <? endif; ?> </td> <td colspan="2"> <? if ($entry->isEditable() && !LockRules::Check($user['user_id'], $entry->getId())) : ?> <?php echo $entry->getHTML("datafields"); ?> <? else : ?> <?php echo $entry->getDisplayValue(); ?> <? endif ?> </td> </tr> <? endif ?> <? endforeach ?> </tbody> <? endif ?> <tbody>
<input type="text" size="80" <?php echo LockRules::Check($institute->id, 'email') ? 'readonly disabled' : ''; ?> id="email" name="email" value="<?php echo htmlReady(Request::get('email', $institute->email)); ?> "> </label> <label> <?php echo _('Homepage'); ?> <input type="text" size="80" <?php echo LockRules::Check($institute->id, 'url') ? 'readonly disabled' : ''; ?> id="home" name="home" value="<?php echo htmlReady(Request::get('home', $institute->url)); ?> "> </label> <? if (get_config('LITERATURE_ENABLE') && $institute->is_fak): // choose preferred lit plugin ?> <label> <?php echo _('Bevorzugter Bibliothekskatalog'); ?> <select id="lit_plugin_name" name="lit_plugin_name"> <? foreach (StudipLitSearch::GetAvailablePlugins() as $name => $title): ?>
/**
 * Tells whether the given user may enrol in this course, and why.
 *
 * The checks run in a fixed order and the first one that applies decides.
 * The result has three keys:
 *   'enrolment_allowed' : true or false
 *   'cause'             : keyword naming the deciding check
 *   'description'       : readable text for the cause (may contain HTML)
 *
 * @param string $user_id
 * @return array
 */
public function getEnrolmentInfo($user_id)
{
    // Builds the result array with its three keys in a fixed order.
    $answer = function ($allowed, $cause, $description) {
        return array(
            'enrolment_allowed' => $allowed,
            'cause'             => $cause,
            'description'       => $description,
        );
    };

    $user = User::find($user_id);
    $course_id = $this->getId();

    // Free access: no enrolment needed and the user has no permission in the course yet.
    if ($this->read_level == 0 && get_config('ENABLE_FREE_ACCESS') && !$GLOBALS['perm']->get_studip_perm($course_id, $user_id)) {
        return $answer(true, 'free_access', _("Für die Veranstaltung ist keine Anmeldung erforderlich."));
    }
    if (!$user) {
        return $answer(false, 'nobody', _("Sie sind nicht angemeldet."));
    }
    if ($GLOBALS['perm']->have_perm('root', $user_id)) {
        return $answer(true, 'root', _("Sie dürfen ALLES."));
    }
    if ($GLOBALS['perm']->have_studip_perm('admin', $course_id, $user_id)) {
        return $answer(true, 'courseadmin', _("Sie sind Administrator_in der Veranstaltung."));
    }
    if ($GLOBALS['perm']->have_perm('admin', $user_id)) {
        return $answer(false, 'admin', _("Als Administrator_in können Sie sich nicht für eine Veranstaltung anmelden."));
    }
    // already a member
    if ($GLOBALS['perm']->have_studip_perm('user', $course_id, $user_id)) {
        return $answer(true, 'member', _("Sie sind für die Veranstaltung angemeldet."));
    }

    $admission_status = $user->admission_applications->findBy('seminar_id', $course_id)->val('status');
    if ($admission_status == 'accepted') {
        return $answer(false, 'accepted', _("Sie wurden für diese Veranstaltung vorläufig akzeptiert."));
    }
    if ($admission_status == 'awaiting') {
        return $answer(false, 'awaiting', _("Sie stehen auf der Warteliste für diese Veranstaltung."));
    }

    if ($GLOBALS['perm']->get_perm($user_id) == 'user') {
        return $answer(false, 'user', _("Sie haben nicht die erforderliche Berechtigung sich für eine Veranstaltung anzumelden."));
    }

    // wrong user domain: only checked when the user has domains at all
    $same_domain = true;
    $user_domains = UserDomain::getUserDomainsForUser($user_id);
    if (count($user_domains) > 0) {
        $seminar_domains = UserDomain::getUserDomainsForSeminar($course_id);
        $same_domain = count(array_intersect($seminar_domains, $user_domains)) > 0;
    }
    if (!$same_domain && !$this->isStudygroup()) {
        return $answer(false, 'domain', _("Sie sind nicht in einer zugelassenenen Nutzerdomäne, Sie können sich nicht eintragen!"));
    }

    // participant management is blocked by a lock rule
    if (LockRules::Check($course_id, 'participants')) {
        $lockdata = LockRules::getObjectRule($course_id);
        $text = _("In diese Veranstaltung können Sie sich nicht eintragen!");
        if ($lockdata['description']) {
            $text .= '<br>' . formatLinks($lockdata['description']);
        }
        return $answer(false, 'locked', $text);
    }

    // course is invisible for the current user
    if (!$this->visible && !$this->isStudygroup() && !$GLOBALS['perm']->have_perm(get_config('SEM_VISIBILITY_PERM'), $user_id)) {
        return $answer(false, 'invisible', _("Die Veranstaltung ist gesperrt, Sie können sich nicht eintragen!"));
    }

    // Enrolment is governed by a course set; mention the user's priority if one exists.
    if ($courseset = $this->getCourseSet()) {
        $text = _("Die Anmeldung zu dieser Veranstaltung folgt speziellen Regeln. Lesen Sie den Hinweistext.");
        $user_prio = AdmissionPriority::getPrioritiesByUser($courseset->getId(), $user_id);
        if (isset($user_prio[$this->getId()])) {
            $text .= ' ' . sprintf(_("(Sie stehen auf der Anmeldeliste für die automatische Platzverteilung mit der Priorität %s.)"), $user_prio[$this->getId()]);
        }
        return $answer(true, 'courseset', $text);
    }

    return $answer(true, 'normal', '');
}
/**
 * Builds the sub navigation of this item. Called once before the first
 * item is added or removed.
 *
 * The profile shown is that of the request parameter 'username', falling
 * back to the logged-in user. The settings entries are only added when the
 * acting user has profile permission for that user.
 */
public function initSubNavigation()
{
    global $user, $perm;

    parent::initSubNavigation();

    $username = Request::username('username', $user->username);
    if ($username == $user->username) {
        $current_user = $user;
    } else {
        $current_user = User::findByUsername($username);
    }

    // profile
    $this->addSubNavigation('index', new Navigation(_('Profil'), 'dispatch.php/profile/index'));

    if ($perm->have_profile_perm('user', $current_user->user_id)) {
        // avatar
        $this->addSubNavigation('avatar', new Navigation(_('Bild'), 'dispatch.php/settings/avatar'));

        // profile data
        $data_nav = new Navigation(_('Nutzerdaten'));
        $data_nav->addSubNavigation('profile', new Navigation(_('Grunddaten'), 'dispatch.php/settings/account'));

        // The password entry needs: own profile (or root with admin user access),
        // a password not managed by the auth plugin, and no lock rule on it.
        $may_access_account = $perm->get_profile_perm($current_user->user_id) == 'user'
            || ($perm->have_perm('root') && Config::get()->ALLOW_ADMIN_USERACCESS);
        if ($may_access_account
            && !StudipAuthAbstract::CheckField('auth_user_md5.password', $current_user->auth_plugin)
            && !LockRules::check($current_user->user_id, 'password')
        ) {
            $data_nav->addSubNavigation('password', new Navigation(_('Passwort ändern'), 'dispatch.php/settings/password'));
        }

        $data_nav->addSubNavigation('details', new Navigation(_('Weitere Daten'), 'dispatch.php/settings/details'));

        if (!in_array($current_user->perms, words('user admin root'))) {
            $data_nav->addSubNavigation('studies', new Navigation(_('Studiendaten'), 'dispatch.php/settings/studies'));
        }

        if ($current_user->perms != 'root') {
            if (count(UserDomain::getUserDomains())) {
                $data_nav->addSubNavigation('userdomains', new Navigation(_('Nutzerdomänen'), 'dispatch.php/settings/userdomains'));
            }
            if ($perm->is_staff_member($current_user->user_id)) {
                $data_nav->addSubNavigation('statusgruppen', new Navigation(_('Einrichtungsdaten'), 'dispatch.php/settings/statusgruppen'));
            }
        }
        $this->addSubNavigation('edit', $data_nav);

        // settings
        if ($perm->have_perm('autor')) {
            $settings_nav = new Navigation(_('Einstellungen'));
            $settings_nav->addSubNavigation('general', new Navigation(_('Allgemeines'), 'dispatch.php/settings/general'));
            $settings_nav->addSubNavigation('privacy', new Navigation(_('Privatsphäre'), 'dispatch.php/settings/privacy'));
            $settings_nav->addSubNavigation('messaging', new Navigation(_('Nachrichten'), 'dispatch.php/settings/messaging'));

            if (get_config('CALENDAR_ENABLE')) {
                $settings_nav->addSubNavigation('calendar_new', new Navigation(_('Terminkalender'), 'dispatch.php/settings/calendar'));
            }
            if (!$perm->have_perm('admin') && get_config('MAIL_NOTIFICATION_ENABLE')) {
                $settings_nav->addSubNavigation('notification', new Navigation(_('Benachrichtigung'), 'dispatch.php/settings/notification'));
            }
            if (isDefaultDeputyActivated() && $perm->get_perm() == 'dozent') {
                $settings_nav->addSubNavigation('deputies', new Navigation(_('Standardvertretung'), 'dispatch.php/settings/deputies'));
            }
            if (Config::Get()->API_ENABLED) {
                $settings_nav->addSubNavigation('api', new Navigation(_('API-Berechtigungen'), 'dispatch.php/api/authorizations'));
            }
            $this->addSubNavigation('settings', $settings_nav);
        }

        // user defined sections
        $this->addSubNavigation('categories', new Navigation(_('Kategorien'), 'dispatch.php/settings/categories'));
    }

    // user documents page
    if (Config::get()->PERSONALDOCUMENT_ENABLE
        && ($perm->have_profile_perm('user', $current_user->user_id) || Config::get()->PERSONALDOCUMENT_OPEN_ACCESS)
    ) {
        // Another user's file area gets a neutral title when open access is on.
        if (Config::get()->PERSONALDOCUMENT_OPEN_ACCESS && $current_user->id !== $user->id) {
            $title = _('Dateibereich');
        } else {
            $title = _('Meine Dateien');
        }
        $this->addSubNavigation('files', new Navigation($title, 'dispatch.php/document/files'));
    }
}
case "admin_visibility.php": if ($perm->have_perm("admin") || (get_config('ALLOW_DOZENT_VISIBILITY') && $perm->have_perm('dozent'))) { if(!LockRules::check($seminar_id, 'seminar_visibility')){ ?> <input type="hidden" name="all_sem[]" value="<? echo $seminar_id ?>"> <input type="CHECKBOX" name="visibility_sem[<? echo $seminar_id ?>]" <? if (!Request::get('select_none') && (Request::get('select_all') || $result['visible'])) echo ' checked'; ?>> <? } else { echo $result['visible'] ? _("sichtbar") : _("versteckt"); } } break; case "archiv_assi.php": if ($perm->have_perm("admin") || (get_config('ALLOW_DOZENT_ARCHIV') && $perm->have_perm('dozent'))) { if(!LockRules::check($seminar_id, 'seminar_visibility')){ ?> <input type="hidden" name="archiv_sem[]" value="_id_<? echo $seminar_id ?>"> <input type="CHECKBOX" name="archiv_sem[]" <? if (Request::get('select_all')) echo ' checked'; ?>> <? } else { echo " "; } } break; case "dispatch.php": if ($this instanceof Course_StudyAreasController){ echo _("Studienbereiche") . '<br>', LinkButton::create(_("Bearbeiten"), $this->url_for('course/study_areas/show/' . $seminar_id)); } elseif ($this instanceof Course_BasicdataController){ echo _("Veranstaltung") . '<br>',
<? if ($role['role']->hasFolder()) : echo Icon::create('files', 'clickable')->asImg(); endif; ?> </td> </tr> <? // if the current $role has followers, we need to display a straight line later $new_followers = $followers; $new_followers[$indent] = (sizeof($roles) > $pos); // if we have opened an entry, we show edit fields if ($open == $id) : $partial = LockRules::Check($range_id, 'groups') ? 'statusgruppen/role_administration_locked.php' : 'statusgruppen/role_administration.php'; echo $this->render_partial($partial, array('indent' => $indent, 'followers' => $new_followers, 'persons' => getPersonsForRole($id), 'role_id' => $id, 'editRole' => ($editRole == $id), 'role' => $role['role'], 'role_size' => sizeof($roles), 'role_pos' => $pos, 'has_child' => ($role['child']) ? true : false, 'all_roles' => $all_roles) ); endif; // if we have childs, we display them with the same template and some indention if($role['child']) { echo $this->render_partial('statusgruppen/roles.php', array('indent' => $indent + 1, 'roles' => $role['child'], 'followers' => $new_followers, 'all_roles' => $all_roles)); }
/**
 * Copies an existing course into a new wizard session.
 *
 * Requires 'dozent' permission on the course and no 'seminar_copy' lock rule.
 * Each wizard step contributes its values, the source course id is recorded,
 * and the request is redirected to the first wizard step.
 *
 * @param string $id id of the course to copy
 * @throws AccessDeniedException if the user may not copy the course
 */
public function copy_action($id)
{
    $may_copy = $GLOBALS['perm']->have_studip_perm('dozent', $id)
        && !LockRules::Check($id, 'seminar_copy');
    if (!$may_copy) {
        throw new AccessDeniedException(_("Sie dürfen diese Veranstaltung nicht kopieren"));
    }

    $course = Course::find($id);

    // Every step adds to the values collected by the steps before it.
    $values = array();
    $index = 0;
    while ($index < count($this->steps)) {
        $values = $this->getStep($index)->copy($course, $values);
        $index++;
    }
    $values['source_id'] = $course->id;

    $this->initialize();
    $_SESSION['coursewizard'][$this->temp_id] = $values;

    $target = $this->url_for('course/wizard/step/0/' . $this->temp_id, array('cid' => ''));
    $this->redirect($target);
}
<?php echo Icon::create('info', 'info')->asImg(); ?> </td> <td width="99%" align="left"> <a href="<?php echo $help_url = format_help_url("Basis.EinrichtungenVerwaltenGruppen"); ?> " target="_blank"> <?php echo _("Bedienungshinweise in der Hilfe"); ?> </a> </td> </tr> <? if (!LockRules::Check($range_id, 'groups')) :?> <tr> <td align="center" width="1%" valign="top"> <?php echo Icon::create('community+add', 'info')->asImg(); ?> </td> <td width="99%" align="left"> <a href="<?php echo URLHelper::getLink('?cmd=newRole&range_id=' . $range_id); ?> "><?php echo _("neue Gruppe anlegen"); ?> </a>
"> <? endif ?> <?php echo htmlReady($entry->getName()); ?> <? if ($entry->isEditable() && !LockRules::check($user->user_id, $entry->getId()) && $entry->numberOfHTMLFields() == 1) : ?> </label> <? endif ?> <? if (!$entry->isVisible($user->perms)): ?> <?php echo tooltipIcon(_('Systemfeld (für die Person selbst nicht sichtbar)'), true); ?> <? endif; ?> </td> <td colspan="2"> <? if ($entry->isEditable() && !LockRules::check($user->user_id, $entry->getId())): ?> <?php echo $entry->getHTML('datafields'); ?> <? else: ?> <?php echo formatReady($entry->getDisplayValue(false)); ?> <br> <hr style="background: #888; border: 0; color: #888; height: 1px; "> <?php echo _('(Das Feld ist für die Bearbeitung gesperrt und kann ' . 'nur durch einen Administrator verändert werden.)'); ?> <? endif; ?> </td> </tr>