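/**
 * Redirect to the URL saved in the session ("request uri") if there is one;
 * otherwise, right after a login or when a non-empty sso_referer request
 * parameter is present, apply the role-specific *_page_after_login setting
 * and then the generic page_after_login setting.
 *
 * Security: the saved URL is session state that becomes a redirect target, so
 * it is passed through Security::remove_XSS() before reaching self::navigate().
 * NOTE(review): judging by its name, that filter targets markup and presumably
 * does not restrict the target to this site. Where $_SESSION['request_uri'] is
 * written is not visible here; confirm that it cannot carry a caller-chosen
 * external URL.
 *
 * @param bool     $logging_in Whether the user just logged in (in this case, use page_after_login rules)
 * @param int|null $user_id    User whose status selects the role-specific setting; the role step is skipped when null
 *
 * @return void
 */
public static function session_request_uri($logging_in = false, $user_id = null)
{
    // One-shot opt-out: a truthy 'noredirection' flag cancels the redirect and is consumed.
    if (!empty($_SESSION['noredirection'])) {
        unset($_SESSION['noredirection']);

        return;
    }

    // The saved URL is consumed whether or not it ends up being used.
    $url = isset($_SESSION['request_uri']) ? Security::remove_XSS($_SESSION['request_uri']) : '';
    unset($_SESSION['request_uri']);

    if (!empty($url)) {
        self::navigate($url);

        return;
    }

    // sso_referer is only tested for presence; its value is never used as a target here.
    if (!$logging_in && empty($_REQUEST['sso_referer'])) {
        return;
    }

    if (isset($user_id)) {
        // Make sure we use the appropriate role redirection in case one has been defined
        $role_setting = null;
        switch (api_get_user_status($user_id)) {
            case COURSEMANAGER:
                $role_setting = 'teacher_page_after_login';
                break;
            case STUDENT:
                $role_setting = 'student_page_after_login';
                break;
            case DRH:
                $role_setting = 'drh_page_after_login';
                break;
            case SESSIONADMIN:
                $role_setting = 'sessionadmin_page_after_login';
                break;
            default:
                break;
        }

        if ($role_setting !== null) {
            $redir = api_get_setting($role_setting);
            if (!empty($redir)) {
                // Platform settings are appended to the site's own base path.
                self::navigate(api_get_path(WEB_PATH) . $redir);
            }
        }
    }

    // NOTE(review): this is reached after a role redirect too; it only stays
    // harmless if navigate() ends the request — confirm, navigate() is not visible here.
    $page_after_login = api_get_setting('page_after_login');
    if (!empty($page_after_login)) {
        self::navigate(api_get_path(WEB_PATH) . $page_after_login);
    }
}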
// Admin page fragment: prepares the "assign users to a user" tool for the
// account named by the `user` query parameter. The fragment is cut off inside
// the if/else chain at the bottom, so the trailing blocks are left open.

// setting the section (for the tabs)
$this_section = SECTION_PLATFORM_ADMIN;

// Access restrictions
// NOTE(review): the meaning of the `true` argument is not visible here;
// presumably it widens access beyond platform admins — confirm against
// api_protect_admin_script().
api_protect_admin_script(true);

// setting breadcrumbs
$interbreadcrumb[] = array('url' => 'index.php', 'name' => get_lang('PlatformAdmin'));
$interbreadcrumb[] = array('url' => 'user_list.php', 'name' => get_lang('UserList'));

// Database Table Definitions
$tbl_user = Database::get_main_table(TABLE_MAIN_USER);
$tbl_access_url_rel_user = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);

// initializing variables
// The target account comes straight from the query string; intval() forces an
// integer (a missing or non-numeric value becomes 0).
// NOTE(review): nothing in the visible lines checks that the current user is
// allowed to manage this target account. The fragment is truncated, so confirm
// that an authorization check on $user_id (for instance a helper such as
// api_global_admin_can_edit_admin()) runs before any assignment is made.
$user_id = intval($_GET['user']);
$user_info = api_get_user_info($user_id);
$user_anonymous = api_get_anonymous_id();
$current_user_id = api_get_user_id();
$userStatus = api_get_user_status($user_id);
// Raw POST value, not validated here. How it is used later is not visible;
// it must be escaped or parameterized wherever it reaches SQL or HTML.
$firstLetterUser = isset($_POST['firstLetterUser']) ? $_POST['firstLetterUser'] : null;

// setting the name of the tool
// An admin target overrides the looked-up status with PLATFORM_ADMIN;
// otherwise the title is chosen from the status stored in $user_info.
$isAdmin = UserManager::is_admin($user_id);
if ($isAdmin) {
    $userStatus = PLATFORM_ADMIN;
    $tool_name = get_lang('AssignUsersToPlatformAdministrator');
} else {
    if ($user_info['status'] == SESSIONADMIN) {
        $tool_name = get_lang('AssignUsersToSessionsAdministrator');
    } else {
        if ($user_info['status'] == STUDENT_BOSS) {
            $tool_name = get_lang('AssignUsersToBoss');
        } else {
            // Any other status falls back to the human resources manager title.
            $tool_name = get_lang('AssignUsersToHumanResourcesManager');
        }
/**
 * Authorization check: may one user edit a given administrator account?
 *
 * Rules as implemented:
 * - a global platform admin may edit anyone;
 * - a platform admin (or, when $allow_session_admin is set, a user whose
 *   status is SESSIONADMIN) may edit anyone except a global platform admin;
 * - everybody else is refused.
 *
 * @param int  $admin_id_to_check   Account the caller wants to edit
 * @param int  $my_user_id          Acting user; any empty value (null, 0, '0') falls back to api_get_user_id()
 * @param bool $allow_session_admin Treat session admins like platform admins for this check
 *
 * @return bool True when the edit is allowed
 */
function api_global_admin_can_edit_admin($admin_id_to_check, $my_user_id = null, $allow_session_admin = false)
{
    if (empty($my_user_id)) {
        $my_user_id = api_get_user_id();
    }

    // Both lookups run up front, before any decision is taken.
    $actor_is_global = api_is_global_platform_admin($my_user_id);
    $target_is_global = api_is_global_platform_admin($admin_id_to_check);

    // Global admin can edit everything
    if ($actor_is_global) {
        return true;
    }

    // From here on the acting user is at most a simple admin.
    $actor_is_admin = api_is_platform_admin_by_id($my_user_id);
    if ($allow_session_admin) {
        $actor_is_admin = api_is_platform_admin_by_id($my_user_id)
            || api_get_user_status($my_user_id) == SESSIONADMIN;
    }

    // A non-global admin must never be able to touch a global admin account.
    return $actor_is_admin && !$target_is_global;
}
/**
 * Send the user to the URL saved in the current session ("request uri") when
 * one is defined; otherwise, right after a login or when a non-empty
 * sso_referer request parameter is present, try in this order the
 * role-specific *_page_after_login setting, the platform admin home page and
 * the generic page_after_login setting.
 *
 * Security: the saved URL is filtered with Security::remove_XSS() before it is
 * used as a redirect target.
 * NOTE(review): judging by its name, that filter targets markup and presumably
 * does not restrict the target to this site. Where $_SESSION['request_uri'] is
 * written is not visible here; confirm that it cannot carry a caller-chosen
 * external URL.
 *
 * @param bool $logging_in Whether the user just logged in (in this case, use page_after_login rules)
 * @param int  $user_id    The user_id, if defined. Otherwise just send to where the page_after_login setting says
 *
 * @return void
 */
public static function session_request_uri($logging_in = false, $user_id = null)
{
    // One-shot opt-out: a truthy 'noredirection' flag cancels the redirect and is consumed.
    if (!empty($_SESSION['noredirection'])) {
        unset($_SESSION['noredirection']);

        return;
    }

    // The saved URL is consumed whether or not it ends up being used.
    $saved_target = isset($_SESSION['request_uri']) ? Security::remove_XSS($_SESSION['request_uri']) : '';
    unset($_SESSION['request_uri']);

    if (!empty($saved_target)) {
        self::navigate($saved_target);

        return;
    }

    // sso_referer is only tested for presence; its value is never used as a target here.
    if (!$logging_in && empty($_REQUEST['sso_referer'])) {
        return;
    }

    if (isset($user_id)) {
        // Make sure we use the appropriate role redirection in case one has been defined
        $role_setting = null;
        switch (api_get_user_status($user_id)) {
            case COURSEMANAGER:
                $role_setting = 'teacher_page_after_login';
                break;
            case STUDENT:
                $role_setting = 'student_page_after_login';
                break;
            case DRH:
                $role_setting = 'drh_page_after_login';
                break;
            case SESSIONADMIN:
                $role_setting = 'sessionadmin_page_after_login';
                break;
            default:
                break;
        }

        if ($role_setting !== null) {
            $role_page = api_get_setting($role_setting);
            if (!empty($role_page)) {
                // Platform settings are appended to the site's own base path.
                self::navigate(api_get_path(WEB_PATH) . $role_page);
            }
        }
    }

    // Unless the platform sends admins to the courses list, a platform admin
    // lands on the main admin page.
    // NOTE(review): $user_id can still be null here (login without a user id);
    // how api_is_platform_admin_by_id() treats null is not visible — confirm.
    if (api_get_setting('redirect_admin_to_courses_list') !== 'true') {
        if (api_is_multiple_url_enabled()) {
            // With multiple URLs enabled, the user must be admin of the current URL.
            $is_admin_here = api_is_platform_admin_by_id($user_id, api_get_current_access_url_id());
        } else {
            // Without multiple URLs, being platform admin is enough.
            $is_admin_here = api_is_platform_admin_by_id($user_id);
        }

        if ($is_admin_here) {
            self::navigate(api_get_path(WEB_CODE_PATH) . 'admin/index.php');
        }
    }

    // NOTE(review): this is reached after the redirects above too; it only stays
    // harmless if navigate() ends the request — confirm, navigate() is not visible here.
    $fallback_page = api_get_setting('page_after_login');
    if (!empty($fallback_page)) {
        self::navigate(api_get_path(WEB_PATH) . $fallback_page);
    }
}