function WSDeleteUserFromGroup($params)
{
if (!WSHelperVerifyKey($params['secret_key'])) {
return return_error(WS_ERROR_SECRET_KEY);
}
$userGroup = new UserGroup();
return $userGroup->delete_user_rel_group($params['user_id'], $params['group_id']);
}
/**
* Delete a user from the platform, and all its belongings. This is a
* very dangerous function that should only be accessible by
* super-admins. Other roles should only be able to disable a user,
* which removes access to the platform but doesn't delete anything.
* @param int The ID of th user to be deleted
* @return boolean true if user is successfully deleted, false otherwise
* @assert (null) === false
* @assert ('abc') === false
*/
public static function delete_user($user_id)
{
if ($user_id != strval(intval($user_id))) {
return false;
}
if ($user_id === false) {
return false;
}
if (!self::can_delete_user($user_id)) {
return false;
}
$table_user = Database::get_main_table(TABLE_MAIN_USER);
$usergroup_rel_user = Database::get_main_table(TABLE_USERGROUP_REL_USER);
$table_course_user = Database::get_main_table(TABLE_MAIN_COURSE_USER);
$table_course = Database::get_main_table(TABLE_MAIN_COURSE);
$table_session = Database::get_main_table(TABLE_MAIN_SESSION);
$table_admin = Database::get_main_table(TABLE_MAIN_ADMIN);
$table_session_user = Database::get_main_table(TABLE_MAIN_SESSION_USER);
$table_session_course_user = Database::get_main_table(TABLE_MAIN_SESSION_COURSE_USER);
$table_group = Database::get_course_table(TABLE_GROUP_USER);
$table_work = Database::get_course_table(TABLE_STUDENT_PUBLICATION);
// Unsubscribe the user from all groups in all his courses
$sql = "SELECT c.id FROM {$table_course} c, {$table_course_user} cu\n WHERE\n cu.user_id = '" . $user_id . "' AND\n relation_type<>" . COURSE_RELATION_TYPE_RRHH . " AND\n c.id = cu.c_id";
$res = Database::query($sql);
while ($course = Database::fetch_object($res)) {
$sql = "DELETE FROM {$table_group}\n WHERE c_id = {$course->id} AND user_id = {$user_id}";
Database::query($sql);
}
// Unsubscribe user from all classes
//Classes are not longer supported
/* $sql = "DELETE FROM $table_class_user WHERE user_id = '".$user_id."'";
Database::query($sql); */
// Unsubscribe user from usergroup_rel_user
$sql = "DELETE FROM {$usergroup_rel_user} WHERE user_id = '" . $user_id . "'";
Database::query($sql);
// Unsubscribe user from all courses
$sql = "DELETE FROM {$table_course_user} WHERE user_id = '" . $user_id . "'";
Database::query($sql);
// Unsubscribe user from all courses in sessions
$sql = "DELETE FROM {$table_session_course_user} WHERE user_id = '" . $user_id . "'";
Database::query($sql);
// If the user was added as a id_coach then set the current admin as coach see BT#
$currentUserId = api_get_user_id();
$sql = "UPDATE {$table_session} SET id_coach = {$currentUserId} WHERE id_coach = '" . $user_id . "'";
Database::query($sql);
$sql = "UPDATE {$table_session} SET id_coach = {$currentUserId} WHERE session_admin_id = '" . $user_id . "'";
Database::query($sql);
// Unsubscribe user from all sessions
$sql = "DELETE FROM {$table_session_user} WHERE user_id = '" . $user_id . "'";
Database::query($sql);
// Delete user picture
/* TODO: Logic about api_get_setting('split_users_upload_directory') == 'true'
a user has 4 different sized photos to be deleted. */
$user_info = api_get_user_info($user_id);
if (strlen($user_info['picture_uri']) > 0) {
$path = self::getUserPathById($user_id, 'system');
$img_path = $path . $user_info['picture_uri'];
if (file_exists($img_path)) {
unlink($img_path);
}
}
// Delete the personal course categories
$course_cat_table = Database::get_main_table(TABLE_USER_COURSE_CATEGORY);
$sql = "DELETE FROM {$course_cat_table} WHERE user_id = '" . $user_id . "'";
Database::query($sql);
// Delete user from database
$sql = "DELETE FROM {$table_user} WHERE id = '" . $user_id . "'";
Database::query($sql);
// Delete user from the admin table
$sql = "DELETE FROM {$table_admin} WHERE user_id = '" . $user_id . "'";
Database::query($sql);
// Delete the personal agenda-items from this user
$agenda_table = Database::get_main_table(TABLE_PERSONAL_AGENDA);
$sql = "DELETE FROM {$agenda_table} WHERE user = '******'";
Database::query($sql);
$gradebook_results_table = Database::get_main_table(TABLE_MAIN_GRADEBOOK_RESULT);
$sql = 'DELETE FROM ' . $gradebook_results_table . ' WHERE user_id = ' . $user_id;
Database::query($sql);
$extraFieldValue = new ExtraFieldValue('user');
$extraFieldValue->deleteValuesByItem($user_id);
if (api_get_multiple_access_url()) {
$url_id = api_get_current_access_url_id();
UrlManager::delete_url_rel_user($user_id, $url_id);
} else {
//we delete the user from the url_id =1
UrlManager::delete_url_rel_user($user_id, 1);
}
if (api_get_setting('allow_social_tool') == 'true') {
$userGroup = new UserGroup();
//Delete user from portal groups
$group_list = $userGroup->get_groups_by_user($user_id);
if (!empty($group_list)) {
foreach ($group_list as $group_id => $data) {
$userGroup->delete_user_rel_group($user_id, $group_id);
}
}
// Delete user from friend lists
SocialManager::remove_user_rel_user($user_id, true);
}
// Removing survey invitation
SurveyManager::delete_all_survey_invitations_by_user($user_id);
// Delete students works
$sql = "DELETE FROM {$table_work} WHERE user_id = {$user_id} AND c_id <> 0";
Database::query($sql);
// Add event to system log
$user_id_manager = api_get_user_id();
Event::addEvent(LOG_USER_DELETE, LOG_USER_ID, $user_id, api_get_utc_datetime(), $user_id_manager);
Event::addEvent(LOG_USER_DELETE, LOG_USER_OBJECT, $user_info, api_get_utc_datetime(), $user_id_manager);
return true;
}
//if i'm a moderator
if (isset($_GET['action']) && $_GET['action'] == 'add') {
// we add a user only if is a open group
$user_join = intval($_GET['u']);
//if i'm a moderator
if ($usergroup->is_group_moderator($group_id)) {
$usergroup->update_user_role($user_join, $group_id);
$show_message = get_lang('UserAdded');
}
}
if (isset($_GET['action']) && $_GET['action'] == 'delete') {
// we add a user only if is a open group
$user_join = intval($_GET['u']);
//if i'm a moderator
if ($usergroup->is_group_moderator($group_id)) {
$usergroup->delete_user_rel_group($user_join, $group_id);
$show_message = Display::return_message(get_lang('UserDeleted'));
}
}
if (isset($_GET['action']) && $_GET['action'] == 'set_moderator') {
// we add a user only if is a open group
$user_moderator = intval($_GET['u']);
//if i'm the admin
if ($usergroup->is_group_admin($group_id)) {
$usergroup->update_user_role($user_moderator, $group_id, GROUP_USER_PERMISSION_MODERATOR);
$show_message = Display::return_message(get_lang('UserChangeToModerator'));
}
}
if (isset($_GET['action']) && $_GET['action'] == 'delete_moderator') {
// we add a user only if is a open group
$user_moderator = intval($_GET['u']);
foreach ($_GET as $key => $value) {
switch ($key) {
case 'accept':
$user_role = $usergroup->get_user_group_role(api_get_user_id(), $value);
if (in_array($user_role, array(GROUP_USER_PERMISSION_PENDING_INVITATION_SENT_BY_USER, GROUP_USER_PERMISSION_PENDING_INVITATION))) {
$usergroup->update_user_role(api_get_user_id(), $value, GROUP_USER_PERMISSION_READER);
$show_message = Display::return_message(get_lang('UserIsSubscribedToThisGroup'), 'success');
} elseif (in_array($user_role, array(GROUP_USER_PERMISSION_READER, GROUP_USER_PERMISSION_ADMIN, GROUP_USER_PERMISSION_MODERATOR))) {
$show_message = Display::return_message(get_lang('UserIsAlreadySubscribedToThisGroup'), 'warning');
} else {
$show_message = Display::return_message(get_lang('UserIsNotSubscribedToThisGroup'), 'warning');
}
break 2;
case 'deny':
// delete invitation
$usergroup->delete_user_rel_group(api_get_user_id(), $value);
$show_message = Display::return_message(get_lang('GroupInvitationWasDeny'));
break 2;
}
}
}
$social_left_content = SocialManager::show_social_menu('invitations');
$social_right_content = '<div id="id_response" align="center"></div>';
$user_id = api_get_user_id();
$list_get_invitation = SocialManager::get_list_invitation_of_friends_by_user_id($user_id);
$list_get_invitation_sent = SocialManager::get_list_invitation_sent_by_user_id($user_id);
$pending_invitations = $usergroup->get_groups_by_user($user_id, GROUP_USER_PERMISSION_PENDING_INVITATION);
$number_loop = count($list_get_invitation);
$total_invitations = $number_loop + count($list_get_invitation_sent) + count($pending_invitations);
if ($total_invitations == 0 && count($_GET) <= 0) {
$social_right_content .= '<div class="span8"><a class="btn" href="search.php">' . get_lang('TryAndFindSomeFriends') . '</a></div>';
//$interbreadcrumb[]= array ('url' =>'#','name' => get_lang('Group'));
}
}
// getting group information
$group_id = isset($_GET['id']) ? intval($_GET['id']) : null;
$relation_group_title = '';
$role = 0;
$usergroup = new UserGroup();
if ($group_id != 0) {
$group_info = $usergroup->get($group_id);
$interbreadcrumb[] = array('url' => '#', 'name' => $group_info['name']);
if (isset($_GET['action']) && $_GET['action'] == 'leave') {
$user_leaved = intval($_GET['u']);
//I can "leave me myself"
if (api_get_user_id() == $user_leaved) {
$usergroup->delete_user_rel_group($user_leaved, $group_id);
Display::addFlash(Display::return_message(get_lang('UserIsNotSubscribedToThisGroup'), 'confirmation', false));
}
}
// add a user to a group if its open
if (isset($_GET['action']) && $_GET['action'] == 'join') {
// we add a user only if is a open group
$user_join = intval($_GET['u']);
if (api_get_user_id() == $user_join && !empty($group_id)) {
if ($group_info['visibility'] == GROUP_PERMISSION_OPEN) {
$usergroup->add_user_to_group($user_join, $group_id);
Display::addFlash(Display::return_message(get_lang('UserIsSubscribedToThisGroup'), 'confirmation', false));
} else {
$usergroup->add_user_to_group($user_join, $group_id, GROUP_USER_PERMISSION_PENDING_INVITATION_SENT_BY_USER);
Display::addFlash(Display::return_message(get_lang('InvitationSent'), 'confirmation', false));
}
/**
* Delete a user from the platform, and all its belongings. This is a
* very dangerous function that should only be accessible by
* super-admins. Other roles should only be able to disable a user,
* which removes access to the platform but doesn't delete anything.
* @param int The ID of th user to be deleted
* @return boolean true if user is succesfully deleted, false otherwise
* @assert (null) === false
* @assert ('abc') === false
*/
public static function delete_user($user_id)
{
if ($user_id != strval(intval($user_id))) {
return false;
}
if ($user_id === false) {
return false;
}
if (!self::can_delete_user($user_id)) {
return false;
}
$user_info = api_get_user_info($user_id);
$table_user = Database::get_main_table(TABLE_MAIN_USER);
$usergroup_rel_user = Database::get_main_table(TABLE_USERGROUP_REL_USER);
$table_course_user = Database::get_main_table(TABLE_MAIN_COURSE_USER);
$table_course = Database::get_main_table(TABLE_MAIN_COURSE);
$table_admin = Database::get_main_table(TABLE_MAIN_ADMIN);
$table_session_user = Database::get_main_table(TABLE_MAIN_SESSION_USER);
$table_session_course_user = Database::get_main_table(TABLE_MAIN_SESSION_COURSE_USER);
$table_group = Database::get_course_table(TABLE_GROUP_USER);
$table_work = Database::get_course_table(TABLE_STUDENT_PUBLICATION);
// Unsubscribe the user from all groups in all his courses
$sql = "SELECT c.id FROM {$table_course} c, {$table_course_user} cu\n WHERE cu.user_id = '" . $user_id . "' AND relation_type<>" . COURSE_RELATION_TYPE_RRHH . " AND c.id = cu.c_id";
$res = Database::query($sql);
while ($course = Database::fetch_object($res)) {
$sql = "DELETE FROM {$table_group} WHERE c_id = {$course->id} AND user_id = {$user_id}";
Database::query($sql);
}
// Unsubscribe user from all classes
//Classes are not longer supported
/*$sql = "DELETE FROM $table_class_user WHERE user_id = '".$user_id."'";
Database::query($sql);*/
// Unsubscribe user from usergroup_rel_user
$sql = "DELETE FROM {$usergroup_rel_user} WHERE user_id = '" . $user_id . "'";
Database::query($sql);
// Unsubscribe user from all courses
$sql = "DELETE FROM {$table_course_user} WHERE user_id = '" . $user_id . "'";
Database::query($sql);
// Unsubscribe user from all courses in sessions
$sql = "DELETE FROM {$table_session_course_user} WHERE id_user = '******'";
Database::query($sql);
// Unsubscribe user from all sessions
$sql = "DELETE FROM {$table_session_user} WHERE id_user = '******'";
Database::query($sql);
// Delete user picture
// TODO: Logic about api_get_setting('split_users_upload_directory') === 'true' , a user has 4 differnt sized photos to be deleted.
if (strlen($user_info['picture_uri']) > 0) {
$img_path = api_get_path(SYS_DATA_PATH) . 'upload/users/' . $user_id . '/' . $user_info['picture_uri'];
if (file_exists($img_path)) {
unlink($img_path);
}
}
// Delete the personal course categories
$course_cat_table = Database::get_main_table(TABLE_USER_COURSE_CATEGORY);
$sql = "DELETE FROM {$course_cat_table} WHERE user_id = '" . $user_id . "'";
Database::query($sql);
// Delete user from database
$sql = "DELETE FROM {$table_user} WHERE user_id = '" . $user_id . "'";
Database::query($sql);
// Delete user from the admin table
$sql = "DELETE FROM {$table_admin} WHERE user_id = '" . $user_id . "'";
Database::query($sql);
// Delete the personal agenda-items from this user
$agenda_table = Database::get_main_table(TABLE_PERSONAL_AGENDA);
$sql = "DELETE FROM {$agenda_table} WHERE user = '******'";
Database::query($sql);
$gradebook_results_table = Database::get_main_table(TABLE_MAIN_GRADEBOOK_RESULT);
$sql = 'DELETE FROM ' . $gradebook_results_table . ' WHERE user_id = ' . $user_id;
Database::query($sql);
$t_ufv = Database::get_main_table(TABLE_MAIN_USER_FIELD_VALUES);
$sqlv = "DELETE FROM {$t_ufv} WHERE user_id = {$user_id}";
Database::query($sqlv);
if (api_get_multiple_access_url()) {
$url_id = api_get_current_access_url_id();
UrlManager::delete_url_rel_user($user_id, $url_id);
} else {
//we delete the user from the url_id =1
UrlManager::delete_url_rel_user($user_id, 1);
}
if (api_get_setting('allow_social_tool') == 'true') {
$usergroup = new UserGroup();
//Delete user from portal groups
$group_list = $usergroup->get_groups_by_user($user_id);
if (!empty($group_list)) {
foreach ($group_list as $group_id => $data) {
$usergroup->delete_user_rel_group($user_id, $group_id);
}
}
// Delete user from friend lists
SocialManager::remove_user_rel_user($user_id, true);
}
survey_manager::delete_all_survey_invitations_by_user($user_id);
// Delete students works
$sqlw = "DELETE FROM {$table_work} WHERE user_id = {$user_id} AND c_id <> 0";
Database::query($sqlw);
unset($sqlw);
// Add event to system log
$user_id_manager = api_get_user_id();
event_system(LOG_USER_DELETE, LOG_USER_ID, $user_id, api_get_utc_datetime(), $user_id_manager, null, $user_info);
event_system(LOG_USER_DELETE, LOG_USER_OBJECT, implode(';', $user_info), api_get_utc_datetime(), $user_id_manager, null, $user_info);
return true;
}
