public function add_member_action() { CSRFProtection::verifyRequest(); $mp = MultiPersonSearch::load('settings_add_deputy'); $msg = array('error' => array(), 'success' => array()); foreach ($mp->getAddedUsers() as $_user_id) { if (isDeputy($_user_id, $this->user->user_id)) { $msg['error'][] = sprintf(_('%s ist bereits als Vertretung eingetragen.'), get_fullname($_user_id, 'full')); } else { if ($_user_id == $this->user->user_id) { $msg['error'][] = _('Sie können sich nicht als Ihre eigene Vertretung eintragen!'); } else { if (!addDeputy($_user_id, $this->user->user_id)) { $msg['error'][] = _('Fehler beim Eintragen der Vertretung!'); } else { $msg['success'][] = sprintf(_('%s wurde als Vertretung eingetragen.'), get_fullname($_user_id, 'full')); } } } } // only show an error messagebox once. if (!empty($msg['error'])) { PageLayout::postMessage(MessageBox::error(_('Die gewünschte Operation konnte nicht ausgeführt werden.'), $msg['error'])); } if (!empty($msg['success'])) { PageLayout::postMessage(MessageBox::success(_('Die gewünschten Personen wurden als Ihre Vertretung eingetragen!'), $msg['success'])); } $this->redirect('settings/deputies/index'); }
/** * Checks whether an element of a user homepage is visible for another user. * We do not give an element name and look up its visibility setting in the * database, because that would generate many database requests for a single * user homepage. Instead, the homepage itself loads all element visibilities * and we only need to check if the given element visibility allows showing it * to the visiting user. We need not check for not hideable fields here, * because that is already done when loading the element visibilities. * * @param string $user_id ID of the user who wants to see the element * @param string $owner_id ID of the homepage owner * @param int $element_visibility visibility level of the element, one of * the constants VISIBILITY_ME, VISIBILITY_BUDDIES, VISIBILITY_DOMAIN, * VISIBILITY_STUDIP, VISIBILITY_EXTERN * @return boolean Is the element visible? */ function is_element_visible_for_user($user_id, $owner_id, $element_visibility) { $is_visible = false; if ($user_id == $owner_id) { $is_visible = true; // Deputies with homepage editing rights see the same as the owner } else if (get_config('DEPUTIES_ENABLE') && get_config('DEPUTIES_DEFAULTENTRY_ENABLE') && get_config('DEPUTIES_EDIT_ABOUT_ENABLE') && isDeputy($user_id, $owner_id, true)) { $is_visible = true; } else { // No element visibility given (user has not configured this element yet) // Set default visibility as element visibility if (!$element_visibility) { $element_visibility = get_default_homepage_visibility($owner_id); } // Check if the given element is visible according to its visibility. switch ($element_visibility) { case VISIBILITY_EXTERN: $is_visible = true; break; case VISIBILITY_STUDIP: if ($user_id != "nobody") { $is_visible = true; } break; case VISIBILITY_DOMAIN: $user_domains = UserDomain::getUserDomainsForUser($user_id); $owner_domains = UserDomain::getUserDomainsForUser($owner_id); if ((count($user_domains) === 0 && count($owner_domains) === 0) || array_intersect($user_domains, $owner_domains)) { $is_visible = true; } break; case VISIBILITY_BUDDIES: if (Contact::CountBySQL("user_id=? AND owner_id=?", array($user_id, $owner_id))) { $is_visible = true; } break; case VISIBILITY_ME: if ($owner_id == $user_id) { $is_visible = true; } break; } } return $is_visible; }
private function addTeacher($dozent, $course_id) { $deputies_enabled = get_config('DEPUTIES_ENABLE'); $sem = Seminar::GetInstance($course_id); if ($GLOBALS['perm']->have_studip_perm('dozent', $course_id)) { if ($sem->addMember($dozent, "dozent")) { // Only applicable when globally enabled and user deputies enabled too if ($deputies_enabled) { // Check whether chosen person is set as deputy // -> delete deputy entry. if (isDeputy($dozent, $course_id)) { deleteDeputy($dozent, $course_id); } // Add default deputies of the chosen lecturer... if (get_config('DEPUTIES_DEFAULTENTRY_ENABLE')) { $deputies = getDeputies($dozent); $lecturers = $sem->getMembers('dozent'); foreach ($deputies as $deputy) { // ..but only if not already set as lecturer or deputy. if (!isset($lecturers[$deputy['user_id']]) && !isDeputy($deputy['user_id'], $course_id)) { addDeputy($deputy['user_id'], $course_id); } } } } return MessageBox::success(sprintf(_('%s wurde hinzugefügt.'), get_title_for_status('dozent', 1))); } } return false; }
/** * @param $range_id * @param $user_id * @return bool|string */ function get_uncached_profile_perm($range_id, $user_id) { $status = false; if ($range_id == $user_id && $this->have_perm('autor', $user_id)) { // user on his own profile $status = 'user'; } else { if (isDeputyEditAboutActivated() && isDeputy($user_id, $range_id, true)) { // user is an assigned deputy $status = 'user'; } else { if ($this->have_perm('root', $user_id)) { // respect root's authority $status = 'admin'; } else { if ($this->have_perm('admin', $user_id)) { // institute admin may have permission $db = DBManager::get(); $stmt = $db->prepare("SELECT a.inst_perms FROM user_inst AS a " . "LEFT JOIN user_inst AS b USING (Institut_id) " . "WHERE a.user_id = ? AND a.inst_perms = 'admin' " . " AND b.user_id = ? AND b.inst_perms IN ('autor', 'tutor', 'dozent')"); $stmt->execute(array($user_id, $range_id)); if ($stmt->fetchColumn()) { $status = 'admin'; } else { if ($this->is_fak_admin($user_id)) { $stmt = $db->prepare("SELECT a.inst_perms FROM user_inst a " . "LEFT JOIN Institute i ON a.Institut_id = i.fakultaets_id " . "LEFT JOIN user_inst b ON b.Institut_id = i.Institut_id " . "WHERE a.user_id = ? AND a.inst_perms = 'admin' " . " AND b.user_id = ? AND b.inst_perms != 'user'"); $stmt->execute(array($user_id, $range_id)); if ($stmt->fetchColumn()) { $status = 'admin'; } } } } } } } return $status; }
function callSafeguard($evalAction, $evalID = "", $showrangeID = NULL, $search = NULL, $referer = NULL) { global $perm, $auth, $user; if (!($evalAction || $evalAction == "search")) { return " "; } if (!$perm->have_studip_perm("tutor", $showrangeID) && $user->id != $showrangeID && !(isDeputyEditAboutActivated() && isDeputy($user->id, $showrangeID, true))) { return $this->createSafeguard("ausruf", sprintf(_("Sie haben keinen Zugriff auf diesen Bereich."))); } $evalDB = new EvaluationDB(); $evalChanged = NULL; $safeguard = " "; /* Actions without any permissions ---------------------------------- */ switch ($evalAction) { case "search_template": $search = trim($search); $templates = $evalDB->getPublicTemplateIDs($search); if (strlen($search) < EVAL_MIN_SEARCHLEN) { $report = EvalCommon::createReportMessage(sprintf(_("Bitte einen Suchbegriff mit mindestens %d Buchstaben eingeben."), EVAL_MIN_SEARCHLEN), EVAL_PIC_ERROR, EVAL_CSS_ERROR); } elseif (count($templates) == 0) { $report = EvalCommon::createReportMessage(_("Es wurden keine passenden öffentlichen Evaluationsvorlagen gefunden."), EVAL_PIC_ERROR, EVAL_CSS_ERROR); } else { $report = EvalCommon::createReportMessage(sprintf(_("Es wurde(n) %d passende öffentliche Evaluationsvorlagen gefunden."), count($templates)), EVAL_PIC_SUCCESS, EVAL_CSS_SUCCESS); } $safeguard .= $report->createContent(); return $safeguard; case "export_request": /* Check permissions ------------------------------------------- */ $haveNoPerm = YES; $eval = new Evaluation($evalID, NULL, EVAL_LOAD_NO_CHILDREN); $haveNoPerm = EvaluationObjectDB::getEvalUserRangesWithNoPermission($eval); if ($haveNoPerm == YES) { $report = EvalCommon::createReportMessage(_("Sie haben nicht die Berechtigung diese Evaluation zu exportieren."), EVAL_PIC_ERROR, EVAL_CSS_ERROR); return $report->createContent(); } /* -------------------------------------- end: check permissions */ /* Export evaluation ------------------------------------------- */ $exportManager = new EvaluationExportManagerCSV($evalID); $exportManager->export(); /* -------------------------------------- end: export evaluation */ /* Create link ------------------------------------------------- */ $link = new HTML("a"); $link->addAttr('href', GetDownloadLink($exportManager->getTempFilename(), $exportManager->getFilename(), 2)); $link->addHTMLContent(GetFileIcon('csv')->asImg()); $link->addContent(_("auf diese Verknüpfung")); /* -------------------------------------------- end: create link */ /* Create report ----------------------------------------------- */ if ($exportManager->isError()) { $report = EvalCommon::createErrorReport($exportManager, _("Fehler beim Exportieren")); } else { $report = EvalCommon::createReportMessage(_("Die Daten wurden erfolgreich exportiert. Sie können die Ausgabedatei jetzt herunterladen."), EVAL_PIC_SUCCESS, EVAL_CSS_SUCCESS); $report = $report->createContent(); $report .= sprintf(_("Bitte klicken Sie %s um die Datei herunter zu laden.") . "<br><br>", $link->createContent()); } $safeguard .= $report; /* ------------------------------------------ end: create report */ return $safeguard; } /* ----------------------------------- end: actions without permissions */ $eval = new Evaluation($evalID, NULL, EVAL_LOAD_NO_CHILDREN); $evalName = htmlready($eval->getTitle()); /* Check for errors while loading ------------------------------------- */ if ($eval->isError()) { EvalCommon::createErrorReport($eval); return $this->createSafeguard("", EvalCommon::createErrorReport($eval)); } /* -------------------------------------- end: errorcheck while loading */ /* Check for permissions in all ranges of the evaluation -------------- */ if (!$eval->isTemplate() && $user->id != $eval->getAuthorID()) { $no_permisson = EvaluationObjectDB::getEvalUserRangesWithNoPermission($eval); if ($no_permisson > 0) { if ($no_permisson == 1) { $no_permission_msg .= sprintf(_("Die Evaluation <b>%s</b> ist einem Bereich zugeordnet, für den Sie keine Veränderungsrechte besitzen."), $evalName); } else { $no_permission_msg .= sprintf(_("Die Evaluation <b>%s</b> ist %s Bereichen zugeordnet, für die Sie keine Veränderungsrechte besitzen."), $evalName, $no_permisson); } if ($evalAction != "save") { $no_permission_msg .= " " . _("Der Besitzer wurde durch eine systeminterne Nachricht informiert."); $sms = new messaging(); $sms->insert_message(sprintf(_("Benutzer **%s** hat versucht eine unzulässige Änderung an Ihrer Evaluation **%s** vorzunehmen."), get_username($auth->auth["uid"]), $eval->getTitle()), get_username($eval->getAuthorID()), "____%system%____", FALSE, FALSE, "1", FALSE, _("Versuchte Änderung an Ihrer Evaluation")); } } } else { if ($eval->isTemplate() && $user->id != $eval->getAuthorID() && $evalAction != "copy_public_template" && $evalAction != "search_showrange") { $sms = new messaging(); $sms->insert_message(sprintf(_("Benutzer **%s** hat versucht eine unzulässige Änderung an Ihrem Template **%s** vorzunehmen."), get_username($auth->auth["uid"]), $eval->getTitle()), get_username($eval->getAuthorID()), "____%system%____", FALSE, FALSE, "1", FALSE, _("Versuchte Änderung an Ihrem Template")); return $this->createSafeguard("ausruf", sprintf(_("Sie besitzen keine Rechte für das Tempate <b>%s</b>. Der Besitzer wurde durch eine systeminterne Nachricht informiert."), $evalName)); } } /* ----------------------------------------- end: check for permissions */ switch ($evalAction) { case "share_template": if ($eval->isShared()) { $eval->setShared(NO); $eval->save(); if ($eval->isError()) { $safeguard .= $this->createSafeguard("", EvalCommon::createErrorReport($eval)); return $safeguard; } $safeguard .= $this->createSafeguard("ok", sprintf(_("Die Evaluationsvorlage <b>%s</b> kann jetzt nicht mehr von anderen Benutzern gefunden werden."), $evalName)); } else { $eval->setShared(YES); $eval->save(); if ($eval->isError()) { $safeguard .= $this->createSafeguard("", EvalCommon::createErrorReport($eval)); return $safeguard; } $safeguard .= $this->createSafeguard("ok", sprintf(_("Die Evaluationsvorlage <b>%s</b> kann jetzt von anderen Benutzern gefunden werden."), $evalName)); } break; case "copy_public_template": $eval = new Evaluation($evalID, NULL, EVAL_LOAD_ALL_CHILDREN); $newEval = $eval->duplicate(); $newEval->setAuthorID($auth->auth["uid"]); $newEval->setShared(NO); $newEval->setStartdate(NULL); $newEval->setStopdate(NULL); $newEval->setTimespan(NULL); $newEval->removeRangeIDs(); $newEval->save(); if ($newEval->isError()) { $safeguard .= $this->createSafeguard("", EvalCommon::createErrorReport($newEval)); return $safeguard; } $safeguard .= $this->createSafeguard("ok", sprintf(_("Die öffentliche Evaluationsvorlage <b>%s</b> wurde zu den eigenen Evaluationsvorlagen kopiert."), $evalName)); break; case "start": if ($no_permission_msg) { return $this->createSafeguard("ausruf", $no_permission_msg . "<br>" . _("Die Evaluation wurde nicht gestartet.")); } $eval->setStartdate(time() - 500); $eval->save(); if ($eval->isError()) { $safeguard .= $this->createSafeguard("", EvalCommon::createErrorReport($eval)); return $safeguard; } $safeguard .= $this->createSafeguard("ok", sprintf(_("Die Evaluation <b>%s</b> wurde gestartet."), $evalName)); $evalChanged = YES; break; case "stop": if ($no_permission_msg) { return $this->createSafeguard("ausruf", $no_permission_msg . "<br>" . _("Die Evaluation wurde nicht beendet.")); } $eval->setStopdate(time()); $eval->save(); if ($eval->isError()) { EvalCommon::createErrorReport($eval); $safeguard .= $this->createSafeguard("", EvalCommon::createErrorReport($eval)); return $safeguard; } $safeguard .= $this->createSafeguard("ok", sprintf(_("Die Evaluation <b>%s</b> wurde beendet."), $evalName)); $evalChanged = YES; break; case "continue": if ($no_permission_msg) { return $this->createSafeguard("ausruf", $no_permission_msg . "<br>" . _("Die Evaluation wurde nicht fortgesetzt.")); } $eval->setStopdate(NULL); $eval->setStartdate(time() - 500); $eval->save(); if ($eval->isError()) { $safeguard .= $this->createSafeguard("", EvalCommon::createErrorReport($eval)); return $safeguard; } $safeguard .= $this->createSafeguard("ok", sprintf(_("Die Evaluation <b>%s</b> wurde fortgesetzt."), $evalName)); $evalChanged = YES; break; case "restart_request": if ($no_permission_msg) { return $this->createSafeguard("ausruf", $no_permission_msg . "<br>" . _("Die Evaluation wurde nicht zurücksetzen.")); } $safeguard .= $this->createSafeguard("ausruf", sprintf(_("Die Evaluation <b>%s</b> wirklich zurücksetzen? Dabei werden alle bisher abgegebenen Antworten gelöscht!"), $evalName), "restart_request", $evalID, $showrangeID, $referer); break; case "restart_confirmed": if ($no_permission_msg) { return $this->createSafeguard("ausruf", $no_permission_msg . "<br>" . _("Die Evaluation wurde nicht zurücksetzen.")); } $eval = new Evaluation($evalID, NULL, EVAL_LOAD_ALL_CHILDREN); $eval->resetAnswers(); $evalDB->removeUser($eval->getObjectID()); $eval->setStartdate(NULL); $eval->setStopdate(NULL); $eval->save(); if ($eval->isError()) { $safeguard .= $this->createSafeguard("", EvalCommon::createErrorReport($eval)); return $safeguard; } $safeguard .= $this->createSafeguard("ok", sprintf(_("Die Evaluation <b>%s</b> wurde zurückgesetzt."), $evalName)); $evalChanged = YES; break; case "restart_aborted": $safeguard .= $this->createSafeguard("ok", sprintf(_("Die Evaluation <b>%s</b> wurde nicht zurückgesetzt."), $evalName), "", "", "", $referer); break; case "copy_own_template": $eval = new Evaluation($evalID, NULL, EVAL_LOAD_ALL_CHILDREN); $newEval = $eval->duplicate(); $newEval->setShared(NO); $newEval->save(); if ($newEval->isError()) { $safeguard .= $this->createSafeguard("", EvalCommon::createErrorReport($newEval)); return $safeguard; } $safeguard .= $this->createSafeguard("ok", sprintf(_("Die Evaluationsvorlage <b>%s</b> wurde kopiert."), $evalName)); break; case "delete_request": if ($no_permission_msg) { return $this->createSafeguard("ausruf", $no_permission_msg . "<br>" . _("Die Evaluation wurde nicht gelöscht.")); } $text = $eval->isTemplate() ? sprintf(_("Die Evaluationsvorlage <b>%s </b>wirklich löschen?"), $evalName) : sprintf(_("Die Evaluation <b>%s </b>wirklich löschen?"), $evalName); $safeguard .= $this->createSafeguard("ausruf", $text, "delete_request", $evalID, $showrangeID, $referer); break; case "delete_confirmed": if ($no_permission_msg) { return $this->createSafeguard("ausruf", $no_permission_msg . "<br>" . _("Die Evaluation wurde nicht gelöscht.")); } $eval = new Evaluation($evalID, NULL, EVAL_LOAD_ALL_CHILDREN); $eval->delete(); if ($eval->isError()) { $safeguard .= $this->createSafeguard("", EvalCommon::createErrorReport($eval)); return $safeguard; } $text = $eval->isTemplate() ? _("Die Evaluationsvorlage <b>%s</b> wurde gelöscht.") : _("Die Evaluation <b>%s</b> wurde gelöscht."); $safeguard .= $this->createSafeguard("ok", sprintf($text, $evalName), "", "", "", $referer); $evalChanged = YES; break; case "delete_aborted": $text = $eval->isTemplate() ? _("Die Evaluationsvorlage <b>%s</b> wurde nicht gelöscht.") : _("Die Evaluation <b>%s</b> wurde nicht gelöscht."); $safeguard .= $this->createSafeguard("ok", sprintf($text, $evalName), "", "", "", $referer); break; case "unlink_delete_aborted": $text = _("Die Evaluation <b>%s</b> wurde nicht verändert."); $safeguard .= $this->createSafeguard("ok", sprintf($text, $evalName), "", "", "", $referer); break; case "unlink_and_move": if ($no_permission_msg) { return $this->createSafeguard("ausruf", $no_permission_msg . "<br>" . _("Die Evaluation wurde nicht ausgehängt und zu den eigenen Evaluationsvorlagen verschoben.")); } $eval = new Evaluation($evalID, NULL, EVAL_LOAD_ALL_CHILDREN); $eval->removeRangeIDs(); $eval->setAuthorID($auth->auth["uid"]); $eval->resetAnswers(); $evalDB->removeUser($eval->getObjectID()); $eval->setStartdate(NULL); $eval->setStopdate(NULL); $eval->save(); if ($eval->isError()) { $safeguard .= $this->createSafeguard("", EvalCommon::createErrorReport($eval)); return $safeguard; } $text = _("Die Evaluation <b>%s</b> wurde aus allen Bereichen ausgehängt und zu den eigenen Evaluationsvorlagen verschoben."); $safeguard .= $this->createSafeguard("ok", sprintf($text, $evalName), "", "", "", $referer); break; case "created": $safeguard .= $this->createSafeguard("ok", sprintf(_("Die Evaluation <b>%s</b> wurde angelegt."), $evalName)); break; case "save2": case "save": $eval = new Evaluation($evalID, NULL, EVAL_LOAD_ALL_CHILDREN); $update_message = sprintf(_("Die Evaluation <b>%s</b> wurde mit den Veränderungen gespeichert."), $evalName); /* Timesettings ---------------------------------------------------- */ if (Request::option("startMode")) { switch (Request::option("startMode")) { case "manual": $startDate = NULL; break; case "timeBased": $startDate = EvalCommon::date2timestamp(Request::int("startDay"), Request::int("startMonth"), Request::int("startYear"), Request::int("startHour"), Request::int("startMinute")); break; case "immediate": $startDate = time() - 1; break; } if ($no_permission_msg && $eval->getStartdate != $startDate) { $time_msg = $no_permission_msg . "<br>" . _("Die Einstellungen zur Startzeit wurden nicht verändert."); } } if (Request::option("stopMode")) { switch (Request::option("stopMode")) { case "manual": $stopDate = NULL; $timeSpan = NULL; break; case "timeBased": $stopDate = EvalCommon::date2timestamp(Request::int("stopDay"), Request::int("stopMonth"), Request::int("stopYear"), Request::int("stopHour"), Request::int("stopMinute")); $timeSpan = NULL; break; case "timeSpanBased": $stopDate = NULL; $timeSpan = Request::get("timeSpan"); break; } if ($no_permission_msg && ($eval->getStopdate != $stopDate && $eval->getTimespan != $timeSpan)) { $time_msg = $time_msg ? $time_msg . "<br>" : $no_permission_msg; $time_msg .= _("Die Einstellungen zur Endzeit wurden nicht verändert."); } } /* ----------------------------------------------- end: timesettings */ /* link eval to ranges --------------------------------------------- */ $link_range_Array = Request::optionArray("link_range"); if ($link_range_Array) { $isTemplate = $eval->isTemplate(); if ($isTemplate) { $newEval = $eval->duplicate(); if ($newEval->isError()) { $safeguard .= $this->createSafeguard("", EvalCommon::createErrorReport($newEval)); return $safeguard; } $update_message = sprintf(_("Die Evaluationsvorlage <b>%s</b> wurde als Evaluation angelegt."), $evalName); $newEval->setStartdate($startDate); $newEval->setStopdate($stopDate); $newEval->setTimespan($timeSpan); $newEval->setShared(NO); } else { $newEval =& $eval; } $counter_linked = 0; foreach ($link_range_Array as $link_rangeID => $v) { if ($userid = get_userid($link_rangeID)) { $link_rangeID = $userid; } $newEval->addRangeID($link_rangeID); $counter_linked++; } if ($isTemplate) { $newEval->save(); } if ($newEval->isError()) { $safeguard .= $this->createSafeguard("ausruf", _("Fehler beim Einhängen von Bereichen.") . EvalCommon::createErrorReport($newEval)); return $safeguard; } $message .= $message ? "<br>" : " "; $message .= $counter_linked > 1 ? sprintf(_("Die Evaluation wurde in %s Bereiche eingehängt."), $counter_linked) : sprintf(_("Die Evaluation wurde in einen Bereich eingehängt."), $counter_linked); } /* ---------------------------------------- end: link eval to ranges */ /* copy eval to ranges --------------------------------------------- */ $copy_range_Array = Request::optionArray("copy_range"); if (!empty($copy_range_Array)) { $counter_copy = 0; foreach ($copy_range_Array as $copy_rangeID => $v) { if ($userid = get_userid($copy_rangeID)) { $copy_rangeID = $userid; } $newEval = $eval->duplicate(); if (Request::option("startMode")) { $newEval->setStartdate($startDate); } if (Request::get("stopMode")) { $newEval->setStopdate($stopDate); $newEval->setTimespan($timeSpan); } $newEval->setShared(NO); $newEval->removeRangeIDs(); $evalDB->removeUser($newEval->getObjectID()); $newEval->addRangeID($copy_rangeID); $newEval->save(); $counter_copy++; if ($newEval->isError()) { $safeguard .= $this->createSafeguard("ausruf", _("Fehler beim Kopieren von Evaluationen in Bereiche.") . EvalCommon::createErrorReport($newEval)); return $safeguard; } } $message .= $message ? "<br>" : " "; $message .= $counter_copy > 1 ? sprintf(_("Die Evaluation wurde in %s Bereiche kopiert."), $counter_copy) : sprintf(_("Die Evaluation wurde in einen Bereich kopiert."), $counter_copy); } /* ------------------------------------------- end: copy eval to ranges */ /* unlink ranges ------------------------------------------------------- */ $remove_range_Array = Request::optionArray("remove_range"); if (!empty($remove_range_Array)) { /* if all rangeIDs will be removed, so ask if it should be deleted -- */ if (sizeof($remove_range_Array) == $eval->getNumberRanges()) { $text = _("Sie wollen die Evaluation <b>%s</b> aus allen ihr zugeordneten Bereichen aushängen.<br>Soll die Evaluation gelöscht oder zu Ihren eigenen Evaluationsvorlagen verschoben werden?"); $safeguard .= $this->createSafeguard("ausruf", sprintf($text, $evalName), "unlink_delete_request", $evalID, $showrangeID, $referer); $update_message = NULL; return $safeguard; } /* -------------------------------- end: ask if it should be deleted */ $no_permission_ranges = EvaluationObjectDB::getEvalUserRangesWithNoPermission($eval, YES); $counter_no_permisson = 0; if (is_array($no_permission_ranges)) { foreach ($remove_range_Array as $remove_rangeID => $v) { if ($userid = get_userid($remove_rangeID)) { $remove_rangeID = $userid; } // no permisson to unlink this range if (in_array($remove_rangeID, $no_permission_ranges)) { $counter_no_permisson++; } } } // if there are no_permisson_ranges to unlink, return if ($counter_no_permisson > 0) { if ($counter_no_permisson == 1) { $safeguard .= $this->createSafeguard("ausruf", _("Sie wollen die Evaluation aus einem Bereich aushängen, für den Sie keine Berechtigung besitzten.<br> Die Aktion wurde nicht ausgeführt.")); } else { $safeguard .= $this->createSafeguard("ausruf", sprintf(_("Sie wollen die Evaluation aus %d Bereichen aushängen, für die Sie keine Berechtigung besitzten.<br> Die Aktion wurde nicht ausgeführt."), $counter_no_permisson)); } return $safeguard; } reset($remove_range_Array); $counter_copy = 0; foreach ($remove_range_Array as $remove_rangeID => $v) { if ($userid = get_userid($remove_rangeID)) { $remove_rangeID = $userid; } // the current range will be removed if ($showrangeID == $remove_rangeID) { $current_range_removed = 1; } $eval->removeRangeID($remove_rangeID); $counter_copy++; } if ($eval->isError()) { $safeguard .= $this->createSafeguard("ausruf", _("Fehler beim Aushängen von Bereichen.") . EvalCommon::createErrorReport($eval)); return $safeguard; } $message .= $message ? "<br>" : " "; $message .= $counter_copy > 1 ? sprintf(_("Die Evaluation wurde aus %s Bereichen ausgehängt."), $counter_copy) : sprintf(_("Die Evaluation wurde aus einem Bereich ausgehängt."), $counter_copy); if ($eval->getNumberRanges() == 0) { $message .= $message ? "<br>" : ""; $message .= _("Sie ist nun keinem Bereich mehr zugeordnet und wurde zu den eigenen Evaluationsvorlagen verschoben."); $eval->setStartdate(NULL); $eval->setStopdate(NULL); $evalDB->removeUser($eval->getObjectID()); if ($eval->isError()) { $safeguard .= $this->createSafeguard("ausruf", _("Fehler beim Kopieren von Evaluationen in Bereiche.") . EvalCommon::createErrorReport($newEval)); return $safeguard; } } else { $no_permission_ranges = EvaluationObjectDB::getEvalUserRangesWithNoPermission($eval); $number_of_ranges = $eval->getNumberRanges(); if ($number_of_ranges == $no_permission_ranges) { $return["msg"] = $this->createSafeguard("ausruf", $message . "<br>" . sprintf(_("Sie haben die Evaluation <b>%s</b> aus allen ihren Bereichen ausgehängt."), $evalName)); $return["option"] = DISCARD_OPENID; $eval->save(); if ($eval->isError()) { $safeguard = $this->createSafeguard("ausruf", _("Fehler beim Aushängen einer Evaluationen aus allen Bereichen auf die Sie Zugriff haben.") . EvalCommon::createErrorReport($newEval)); return $safeguard; } return $return; } } } if ($eval->isTemplate()) { if (empty($link_range) && empty($copy_range) && empty($remove_range)) { $update_message = sprintf(_("Es wurden keine Veränderungen an der Evaluationsvorlage <b>%s</b> gespeichert."), $evalName); } } else { // nothing changed if (!Request::option('startMode') && !Request::option('stopMode') && empty($link_range) && empty($copy_range) && empty($remove_range)) { $update_message = _("Es wurden keine Veränderungen gespeichert."); } // set new start date if (Request::option("startMode") && !$time_msg) { $eval->setStartDate($startDate); if ($startDate != NULL && $startDate <= time() - 1) { $message .= $message ? "<br>" : " "; $message .= _("Die Evaluation wurde gestartet."); } } // set new stop date if (Request::get("stopMode") && !$time_msg) { $eval->setStopDate($stopDate); $eval->setTimeSpan($timeSpan); if ($stopDate != NULL && $stopDate <= time() - 1 || $timeSpan != NULL && $eval->getStartdate() != NULL && $eval->getStartdate() + $timeSpan <= time() - 1) { $message .= $message ? "<br>" : " "; $message .= _("Die Evaluation wurde beendet."); } } if ($eval->isError()) { $safeguard .= $this->createSafeguard("", EvalCommon::createErrorReport($eval)); return $safeguard; } $eval->save(); } $evalChanged = YES; // start/endtime aren't saved, because of ranges with no permisson if ($time_msg) { $safeguard .= $this->createSafeguard("ausruf", $time_msg); } // everything is just fine so print the all messages if ($update_message && !$time_msg) { $safeguard .= $this->createSafeguard("ok", $update_message . "<br>" . $message); } elseif ($time_msg && $message) { $safeguard .= $this->createSafeguard("ok", $message); } break; case "search_showrange": case "search_range": $search = Request::get("search"); if (EvaluationObjectDB::getGlobalPerm(YES) < 31) { $safeguard = $this->createSafeguard("ausruf", _("Sie besitzen keine Berechtigung eine Suche durchzuführen.")); return $safeguard; } $results = $evalDB->search_range($search); if (empty($search)) { $safeguard .= $this->createSafeguard("ausruf", _("Bitte einen Suchbegriff eingeben."), $search); } elseif (sizeof($results) == 0) { $safeguard .= $this->createSafeguard("ausruf", sprintf(_("Es wurde kein Bereich gefunden, der den Suchbegriff <b>%s</b> enthält."), htmlReady($search)), $search); } else { $safeguard .= $this->createSafeguard("ok", sprintf(_("Es wurden %s Bereiche gefunden, die den Suchbegriff <b>%s</b> enthalten."), sizeof($results), htmlReady($search)), $search); } break; case "check_abort_creation": # check if the evaluation is new and not yet edited $eval = new Evaluation($evalID, NULL, EVAL_LOAD_NO_CHILDREN); $abort_creation = false; if ($eval->getTitle() == _("Neue Evaluation") && $eval->getText() == "") { # the evaluationen may be not edited yet ... so continue checking $eval = new Evaluation($evalID, NULL, EVAL_LOAD_ALL_CHILDREN); $number_of_childs = $eval->getNumberChildren(); $child = $eval->getNextChild(); if ($number_of_childs == 1 && $child && $child->getTitle() == _("Erster Gruppierungsblock") && $child->getChildren() == NULL && $child->getText() == "") { $abort_creation = true; } } if ($abort_creation != true) { break; } # continue abort_creation # continue abort_creation case "abort_creation": $eval = new Evaluation($evalID, NULL, EVAL_LOAD_ALL_CHILDREN); $eval->delete(); // error_ausgabe if ($eval->isError()) { $safeguard .= $this->createSafeguard("", EvalCommon::createErrorReport($eval)); return $safeguard; } $safeguard .= $this->createSafeguard("ok", _("Die Erstellung einer Evaluation wurde abgebrochen."), "", "", "", $referer); break; case "nothing": break; default: $safeguard .= $this->createSafeguard("ausruf", _("Fehler! Es wurde versucht, eine nicht vorhandene Aktion auszuführen.")); break; } /* Send SMS when eval has been modified by admin/root ----------------- */ if ($evalChanged && $eval->getAuthorID() != $auth->auth["uid"]) { $sms = new messaging(); $sms->insert_message(sprintf(_("An Ihrer Evaluation \"%s\" wurden von %s Änderungen vorgenommen."), $eval->getTitle(), get_username($auth->auth["uid"])), get_username($eval->getAuthorID()), "____%system%____", FALSE, FALSE, "1"); } /* ------------------------------------------------------ end: send SMS */ // the current range has been removed from the eval if ($current_range_removed) { $return["msg"] = $safeguard; $return["option"] = DISCARD_OPENID; return $return; } else { return $safeguard; } }
/** * checks, if user has permission to perform given operation on news object * * @param string $operation delete, unassign, edit, copy, or view * @param string $check_range_id specified range-id, used only for unassign-operation * @param string $user_id optional; check permission for * given user ID; otherwise for the * global $user's ID * @return boolean true or false */ function havePermission($operation, $check_range_id = '', $user_id = null) { if (!$user_id) { $user_id = $GLOBALS['auth']->auth['uid']; } if (!in_array($operation, array('delete', 'unassign', 'edit', 'copy', 'view'))) { return false; } // in order to unassign, there must be more than one range assigned; $check_range_id must be specified. if ($operation == 'unassign' and count($this->getRanges()) < 2) { return false; } // root, owner, and owner's deputy have full permission if ($GLOBALS['perm']->have_perm('root', $user_id) or $user_id == $this->user_id and $GLOBALS['perm']->have_perm('autor') or isDeputyEditAboutActivated() and isDeputy($user_id, $this->user_id, true)) { return true; } // check news' ranges for edit, copy or view permission if ($operation == 'unassign' or $operation == 'delete') { $range_operation = 'edit'; } else { $range_operation = $operation; } foreach ($this->getRanges() as $range_id) { if (StudipNews::haveRangePermission($range_operation, $range_id, $user_id)) { // in order to view, edit, copy, or unassign, access to one of the ranges is sufficient if ($operation == 'view' or $operation == 'edit' or $operation == 'copy') { return true; // in order to unassign, access to the specified range is needed } elseif ($operation == 'unassign' and $range_id == $check_range_id) { return true; } // in order to delete, access to all ranges is necessary $permission_ranges++; } elseif ($operation == 'delete') { return false; } } if ($operation == 'delete' and count($this->getRanges()) == $permission_ranges) { return true; } return false; }
public static function getPreparedCourses($sem = "all", $params = array()) { $semesters = self::getSelectedSemesters($sem); $current_semester_nr = SemesterData::GetSemesterIndexById(@Semester::findCurrent()->id); $min_sem_key = min($semesters); $max_sem_key = max($semesters); $group_field = $params['group_field']; $courses = self::getCourses($min_sem_key, $max_sem_key, $params); $show_semester_name = UserConfig::get($GLOBALS['user']->id)->SHOWSEM_ENABLE; $sem_courses = array(); $param_array = 'name seminar_id visible veranstaltungsnummer start_time duration_time status visible '; $param_array .= 'chdate admission_binding modules admission_prelim'; if (!empty($courses)) { // filtering courses $modules = new Modules(); $member_ships = User::findCurrent()->course_memberships->toGroupedArray('seminar_id', 'status gruppe'); foreach ($courses as $index => $course) { // export object to array for simple handling $_course = $course->toArray($param_array); $_course['start_semester'] = $course->start_semester->name; $_course['end_semester'] = $course->end_semester->name; $_course['sem_class'] = $course->getSemClass(); $_course['obj_type'] = 'sem'; if ($group_field == 'sem_tree_id') { $_course['sem_tree'] = $course->study_areas->toArray(); } $user_status = @$member_ships[$course->id]['status']; if (!$user_status && Config::get()->DEPUTIES_ENABLE && isDeputy($GLOBALS['user']->id, $course->id)) { $user_status = 'dozent'; $is_deputy = true; } else { $is_deputy = false; } // get teachers only if grouping selected (for better performance) if ($group_field == 'dozent_id') { $teachers = new SimpleCollection($course->getMembersWithStatus('dozent')); $teachers->filter(function ($a) use(&$_course) { return $_course['teachers'][] = $a->user->getFullName('no_title_rev'); }); } $_course['last_visitdate'] = object_get_visit($course->id, 'sem', 'last'); $_course['visitdate'] = object_get_visit($course->id, 'sem', ''); $_course['user_status'] = $user_status; $_course['gruppe'] = !$is_deputy ? @$member_ships[$course->id]['gruppe'] : self::getDeputieGroup($course->id); $_course['sem_number_end'] = $course->duration_time == -1 ? $max_sem_key : SemesterData::GetSemesterIndexById($course->end_semester->id); $_course['sem_number'] = SemesterData::GetSemesterIndexById($course->start_semester->id); $_course['modules'] = $modules->getLocalModules($course->id, 'sem', $course->modules, $course->status); $_course['name'] = $course->name; $_course['temp_name'] = $course->name; $_course['number'] = $course->veranstaltungsnummer; $_course['is_deputy'] = $is_deputy; if ($show_semester_name && $course->duration_time != 0 && !$course->getSemClass()->offsetGet('studygroup_mode')) { $_course['name'] .= ' (' . $course->getFullname('sem-duration-name') . ')'; } // add the the course to the correct semester self::getObjectValues($_course); if ($course->duration_time == -1) { if ($current_semester_nr >= $min_sem_key && $current_semester_nr <= $max_sem_key) { $sem_courses[$current_semester_nr][$course->id] = $_course; } else { $sem_courses[$max_sem_key][$course->id] = $_course; } } else { for ($i = $min_sem_key; $i <= $max_sem_key; $i++) { if ($i >= $_course['sem_number'] && $i <= $_course['sem_number_end']) { $sem_courses[$i][$course->id] = $_course; } } } } } else { return null; } if (empty($sem_courses)) { return null; } if ($params['main_navigation']) { return $sem_courses; } krsort($sem_courses); // grouping if ($group_field == 'sem_number' && !$params['order_by']) { foreach ($sem_courses as $index => $courses) { uasort($courses, function ($a, $b) { if (Config::get()->IMPORTANT_SEMNUMBER) { return $a['gruppe'] == $b['gruppe'] ? strcmp($a['number'], $b['number']) : $a['gruppe'] - $b['gruppe']; } else { return $a['gruppe'] == $b['gruppe'] ? strcmp($a['temp_name'], $b['temp_name']) : $a['gruppe'] - $b['gruppe']; } }); $sem_courses[$index] = $courses; } } // Group by teacher if ($group_field == 'dozent_id') { self::groupByTeacher($sem_courses); } // Group by Sem Status if ($group_field == 'sem_status') { self::groupBySemStatus($sem_courses); } // Group by colors if ($group_field == 'gruppe') { self::groupByGruppe($sem_courses); } // Group by sem_tree if ($group_field == 'sem_tree_id') { self::groupBySemTree($sem_courses); } return !empty($sem_courses) ? $sem_courses : false; }
/** * Entry point of the controller that displays all the information of the selected or current user * @return void */ public function index_action() { // Template Index_Box for render-partials $layout = $GLOBALS['template_factory']->open('shared/content_box'); $this->shared_box = $layout; // if he has not yet stored into user_info, he comes in with no values if ($this->current_user->mkdate === null) { $this->current_user->store(); } if (get_config('NEWS_RSS_EXPORT_ENABLE')) { $news_author_id = StudipNews::GetRssIdFromUserId($this->current_user->user_id); if ($news_author_id) { PageLayout::addHeadElement('link', array('rel' => 'alternate', 'type' => 'application/rss+xml', 'title' => 'RSS', 'href' => 'rss.php?id=' . $news_author_id)); } } // Get Avatar $this->avatar = Avatar::getAvatar($this->current_user->user_id)->getImageTag(Avatar::NORMAL); // GetScroreList if (get_config('SCORE_ENABLE')) { if ($this->current_user->user_id === $GLOBALS['user']->id || $this->current_user->score) { $this->score = Score::GetMyScore($this->current_user); $this->score_title = Score::getTitel($this->score, $this->current_user->geschlecht); } } // Additional user information $this->public_email = get_visible_email($this->current_user->user_id); $this->motto = $this->profile->getVisibilityValue('motto'); $this->private_nr = $this->profile->getVisibilityValue('privatnr', 'private_phone'); $this->private_cell = $this->profile->getVisibilityValue('privatcell', 'private_cell'); $this->privadr = $this->profile->getVisibilityValue('privadr', 'privadr'); $this->homepage = $this->profile->getVisibilityValue('Home', 'homepage'); // skype informations if (get_config('ENABLE_SKYPE_INFO') && $this->profile->checkVisibility('skype_name')) { $this->skype_name = UserConfig::get($this->current_user->user_id)->SKYPE_NAME; $this->skype_status = UserConfig::get($this->current_user->user_id)->SKYPE_ONLINE_STATUS && $this->profile->checkVisibility('skype_online_status'); } // get generic datafield entries $this->shortDatafields = $this->profile->getShortDatafields(); $this->longDatafields = $this->profile->getLongDatafields(); // get working station of an user (institutes) $this->institutes = $this->profile->getInstitutInformations(); // get studying informations of an user if ($this->current_user->perms != 'dozent') { $study_institutes = UserModel::getUserInstitute($this->current_user->user_id, true); if (count($study_institutes) > 0 && $this->profile->checkVisibility('studying')) { $this->study_institutes = $study_institutes; } } if ($this->current_user->user_id == $this->user->user_id && $GLOBALS['has_denoted_fields']) { $this->has_denoted_fields = true; } // get kings informations if (Config::Get()->SCORE_ENABLE) { if ($this->current_user->user_id === $GLOBALS['user']->id || $this->current_user->score) { $kings = $this->profile->getKingsInformations(); if ($kings != null) { $this->kings = $kings; } } } $show_admin = $this->perm->have_perm('autor') && $this->user->user_id == $this->current_user->user_id || isDeputyEditAboutActivated() && isDeputy($this->user->user_id, $this->current_user->user_id, true); if ($this->profile->checkVisibility('news') or $show_admin === true) { $response = $this->relay('news/display/' . $this->current_user->user_id); $this->news = $response->body; } // calendar if (get_config('CALENDAR_ENABLE')) { if (!in_array($this->current_user->perms, words('admin root'))) { if ($this->profile->checkVisibility('termine')) { $response = $this->relay('calendar/contentbox/display/' . $this->current_user->user_id); $this->dates = $response->body; } } } // include and show votes and tests if (get_config('VOTE_ENABLE') && $this->profile->checkVisibility('votes')) { $response = $this->relay('questionnaire/widget/' . $this->current_user->user_id . "/user"); $this->votes = $response->body; } // Hier werden Lebenslauf, Hobbys, Publikationen und Arbeitsschwerpunkte ausgegeben: $ausgabe_felder = array('lebenslauf' => _('Lebenslauf'), 'hobby' => _('Hobbys'), 'publi' => _('Publikationen'), 'schwerp' => _('Arbeitsschwerpunkte')); $ausgabe_inhalt = array(); foreach ($ausgabe_felder as $key => $value) { if ($this->profile->checkVisibility($key)) { $ausgabe_inhalt[$value] = $this->current_user[$key]; } } $this->ausgabe_inhalt = array_filter($ausgabe_inhalt); // Anzeige der Seminare, falls User = dozent if ($this->current_user['perms'] == 'dozent') { $this->seminare = array_filter($this->profile->getDozentSeminars()); } // Hompageplugins $homepageplugins = PluginEngine::getPlugins('HomepagePlugin'); foreach ($homepageplugins as $homepageplugin) { if ($homepageplugin->isActivated($this->current_user->user_id, 'user')) { // get homepageplugin tempaltes $template = $homepageplugin->getHomepageTemplate($this->current_user->user_id); // create output of the plugins if (!empty($template)) { $render .= $template->render(null, $layout); } $layout->clear_attributes(); } } $this->hompage_plugin = $render; // show literature info if (get_config('LITERATURE_ENABLE')) { $lit_list = StudipLitList::GetFormattedListsByRange($this->current_user->user_id); if ($this->current_user->user_id == $this->user->user_id) { $this->admin_url = 'dispatch.php/literature/edit_list.php?_range_id=self'; $this->admin_title = _('Literaturlisten bearbeiten'); } if ($this->profile->checkVisibility('literature')) { $this->show_lit = true; $this->lit_list = $lit_list; } } // get categories $category = Kategorie::findByUserId($this->current_user->user_id); foreach ($category as $cat) { $head = $cat->name; $body = $cat->content; unset($vis_text); if ($this->user->user_id == $this->current_user->user_id) { $vis_text .= ' ( ' . Visibility::getStateDescription('kat_' . $cat->kategorie_id) . ' )'; } if ($this->profile->checkVisibility('kat_' . $cat->kategorie_id)) { $categories[$cat->kategorie_id]['head'] = $head; $categories[$cat->kategorie_id]['zusatz'] = $vis_text; $categories[$cat->kategorie_id]['content'] = $body; } } if (!empty($categories)) { $this->categories = array_filter($categories, function ($item) { return !empty($item['content']); }); } }