Role functions debugged in account.inc.php, using them in user_main.php and user.inc.php

jacob 2010-10-08 16:07:07 +00:00
parent 177f49f805
commit 835047f3a8
3 changed files with 79 additions and 127 deletions


@ -220,13 +220,9 @@ function account_add_role($accounts_id, $roles_id, $conferences_id, $password =
// we now have the user id that we need, let's check to see whether or not they // we now have the user id that we need, let's check to see whether or not they
// already have the specified role. // already have the specified role.
$roleRecord = mysql_fetch_array(mysql_query(" if(is_array(mysql_fetch_array(mysql_query(
SELECT COUNT(*) FROM user_roles "SELECT * FROM user_roles WHERE users_id = $users_id AND roles_id = $roles_id"
WHERE conferences_id = $conferences_id )))){
AND users_id = $users_id
AND roles_id = $roles_id
"));
if(is_array($roleRecord)){
// they already have this role. shell_exec("man true"); // they already have this role. shell_exec("man true");
return 'ok'; return 'ok';
} }
@ -236,14 +232,14 @@ function account_add_role($accounts_id, $roles_id, $conferences_id, $password =
return 'invalidrole'; return 'invalidrole';
} }
// see if this role is a valid one for this conference // get the type of the role (eg. "judge", "student", etc.)
$role = mysql_result(mysql_query("SELECT type FROM roles WHERE id = $roles_id"), 0);
// and see if it's a valid one for this conference
if(!array_key_exists($role . '_registration_type', $config)){ if(!array_key_exists($role . '_registration_type', $config)){
return 'invalidrole'; return 'invalidrole';
} }
// get the type of the role (eg. "judge", "student", etc.)
$role = mysql_result(mysql_query("SELECT type FROM roles WHERE id = $roles_id"), 0);
// and let's see if we meet the conditions for the registration type // and let's see if we meet the conditions for the registration type
$error = ""; $error = "";
switch($config[$role . '_registration_type']){ switch($config[$role . '_registration_type']){
@ -293,19 +289,26 @@ function account_add_role_allowed($accounts_id, $roles_id, $conferences_id){
$roles_id *= 1; $roles_id *= 1;
$conferences_id *= 1; $conferences_id *= 1;
// get the user id for this account/conference
$userdat = mysql_fetch_assoc(mysql_query("SELECT id FROM users WHERE accounts_id = $accounts_id AND conferences_id = $conferences_id"));
// If this condition isn't met, then the account is not connected to the conference.
// In that case, the role can be allowed as there is no conflict.
if(is_array($userdat)){
$users_id = $userdat['id'];
// get the roles for the specified account at the specified conference // get the roles for the specified account at the specified conference
$query = mysql_query(" $query = mysql_query("
SELECT * FROM user_roles SELECT * FROM user_roles
WHERE accounts_id = $accounts_id WHERE users_id = $users_id
AND conferences_id = $conferences_id
"); ");
while($row = mysql_fetch_assoc($record) && $returnval){ while($returnval && $row = mysql_fetch_assoc($query)){
switch($row['type']){ switch($row['type']){
case 'student': case 'student':
// Student cant' add any other role // Student cant' add any other role
$returnval = false; $returnval = false;
break;
default: default:
if($role == 'student') { if($role == 'student') {
// No role can add the student role // No role can add the student role
@ -317,6 +320,8 @@ function account_add_role_allowed($accounts_id, $roles_id, $conferences_id){
} }
} }
}
return $returnval; return $returnval;
} }
@ -347,10 +352,27 @@ function account_remove_role($accounts_id, $roles_id, $conferences_id){
AND accounts_id = $accounts_id AND accounts_id = $accounts_id
")); "));
if(is_array($data)){ if(is_array($data)){
// they do indeed have a user record for this conference. Let's load it // they do indeed have a user record for this conference.
$u = user_load($data['id']); $users_id = $data['id'];
$roletype = mysql_result(mysql_query("SELECT type FROM roles WHERE id = $roles_id"), 0);
$user_remove_role($u, $roletype); // Do role-specific remove actions
$role = mysql_result(mysql_query("SELECT `type` FROM roles WHERE id = $roles_id"), 0);
switch($role) {
case 'committee':
mysql_query("DELETE FROM committees_link WHERE accounts_id='{$accounts_id}'");
break;
case 'judge':
mysql_query("DELETE FROM judges_teams_link WHERE users_id='$users_id'");
mysql_query("DELETE FROM judges_specialawards_sel WHERE users_id='$users_id'");
break;
default:
break;
}
// and now we can remove the role link itself
mysql_query("DELETE FROM user_roles WHERE roles_id={$roles_id} AND users_id='$users_id'");
} }
return 'ok'; return 'ok';
} }
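Review bot: In account_add_role_allowed the loop switches on `$row['type']`, but the rows now come from `SELECT * FROM user_roles WHERE users_id = $users_id`, while the other hunks in this file read the role type from `roles` (`SELECT type FROM roles WHERE id = $roles_id`). If user_roles has no `type` column (the schema is not visible here), the 'student' case can never match and the conflict check quietly allows the role, which matters because this function gates which roles may be combined. Joining the type in removes that assumption: `SELECT roles.type FROM user_roles JOIN roles ON roles.id = user_roles.roles_id WHERE user_roles.users_id = $users_id`. `$role` in the default branch is also not assigned in the visible lines; the function starts above the hunk, so confirm it is set from `$roles_id` there.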


@ -403,41 +403,28 @@ function user_deactivate_role($users_id, $roles_id){
return mysql_query("UPDATE user_roles SET active='no' WHERE users_id = $users_id AND roles_id = $roles_id"); return mysql_query("UPDATE user_roles SET active='no' WHERE users_id = $users_id AND roles_id = $roles_id");
} }
// Remove a role for a user.
// now just a skin on top of account_remove_role
function user_remove_role(&$u, $role) function user_remove_role(&$u, $role)
{ {
if(!array_key_exists($role, $u['roles'])) { global $roles;
/* Hum, type specified, but the user is not this type, $row = mysql_fetch_assoc(mysql_query("SELECT conferences_id FROM users WHERE id = " . $u['id']));
* so, i guess we're done. */ if(!is_array($q)){
return; return 'no conference';
} }
$conference_id = $q['conferences_id'];
$result = account_remove_role($u['accounts_id'], $roles[$role]['id'], $conference_id);
$id = $u['id']; // Delete the role
if(array_key_exists($role, $u['roles'])) {
/* Do role-specific remove actions */
switch($role) {
case 'committee':
mysql_query("DELETE FROM committees_link WHERE accounts_id='{$u['accounts_id']}'");
break;
case 'judge':
mysql_query("DELETE FROM judges_teams_link WHERE users_id='$id'");
mysql_query("DELETE FROM judges_specialawards_sel WHERE users_id='$id'");
break;
default:
break;
}
/* Delete the role */
$roleId = $u['roles'][$role]['roles_id'];
unset($u['roles'][$role]); unset($u['roles'][$role]);
mysql_query("DELETE FROM user_roles WHERE roles_id={$roleId} AND users_id='$id'"); }
/* Save this user */ // Save this user
user_save($u); user_save($u);
return $result;
} }
/* If role is specified, just delete the role from the user. /* If role is specified, just delete the role from the user.
* If not, delete the whole user, all roles */ * If not, delete the whole user, all roles */
function user_delete($u, $role=false) function user_delete($u, $role=false)
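Review bot: `$q` is never assigned in the new user_remove_role: the lookup result is stored in `$row`, but the guard tests `!is_array($q)` and the next line reads `$q['conferences_id']`, so the function returns 'no conference' on every call and never reaches account_remove_role. Use the same variable throughout: `if(!is_array($row)){` and `$conference_id = $row['conferences_id'];`. The query also concatenates `$u['id']` unquoted, so `intval($u['id'])` there would keep it numeric regardless of how `$u` was built. The function now returns a status string where it previously returned nothing, which is worth stating in its header comment so callers know to check it.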


@ -42,8 +42,9 @@ if(array_key_exists('action', $_GET)){
case 'register': case 'register':
$role = $_POST['role']; $role = $_POST['role'];
$result = account_add_role($u['accounts_id'], $roles[$role]['id'], $_SESSION['conferences_id'], $_POST['password']); $result = account_add_role($u['accounts_id'], $roles[$role]['id'], $_SESSION['conferences_id'], $_POST['password']);
echo $result; if($result != 'ok'){
// register_new_role(); error_($result);
}
break; break;
case 'draw_roles': case 'draw_roles':
draw_roles(); draw_roles();
@ -51,10 +52,12 @@ if(array_key_exists('action', $_GET)){
case 'remove': case 'remove':
$role = $_GET['role']; $role = $_GET['role'];
/* Like delete, only we're only deleting a role, not the whole account */ $result = account_remove_role($u['accounts_id'], $roles[$role]['id'], $_SESSION['conferences_id']);
happy_("{$roles[$role]['name']} role successfully removed."); if($result == 'ok'){
echo i18n("Removed"); happy_(i18n("Role successfully removed."));
user_remove_role($u, $role); }else{
error_(i18n("Unable to remove role."));
}
exit; exit;
case 'activate': case 'activate':
@ -308,63 +311,3 @@ function draw_signup_form($type){
echo i18n("{$roles[$type]['name']} registration is not open"); echo i18n("{$roles[$type]['name']} registration is not open");
} }
} }
function register_new_role(){
global $config, $roles, $u;
$password = $_POST['password'];
$uid = $_SESSION['users_id'];
$roleId = $_POST['role'];
$typekey = $roleId . '_registration_type';
$accounts_id = $u['accounts_id'];
if(array_key_exists($typekey, $config)){
$regtype = $config[$typekey];
}else{
return false;
}
// see if the registration is allowed for this role with the information provided
$canRegister = true;
$role = $_POST['role'];
switch($regtype){
case 'open':
case 'openorinvite':
// ok, we can allow these
break;
case 'singlepassword':
if($password != $config[$role . '_registration_singlepassword']){
$canRegister = false;
}
break;
case 'schoolpassword':
// FIXME: not yet implemented.
// this is only used for students, who are not yet registered through the "user" system
$canRegister = false;
break;
case 'invite':
$canRegister = false;
break;
default:
// echo "[\$regtype = \"$regtype\"]";
$canRegister = false;
}
if(!$canRegister) return false;
// ok, they meet the conditions to register for this role
// see if they're already registered for it
$role_index = $roles[$role]['id'];
$query = "SELECT COUNT(*) FROM user_roles WHERE users_id = $uid AND roles_id=$role_index";
echo $query;
$results = mysql_fetch_array(mysql_query($query));
if($results[0] != 0){
return false;
}
if(user_add_role($u, $role, $password)){
$_SESSION['roles'][] = $role;
user_save($u);
return true;
}else{
return false;
}
}
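Review bot: The 'remove' and 'register' branches index `$roles` with a request value (`$_GET['role']`, `$_POST['role']`) without checking that the key exists, so an unknown role name passes a null id into account_remove_role or account_add_role. A guard before the remove call, `if(!array_key_exists($role, $roles)){ error_(i18n("Unable to remove role.")); exit; }`, and the equivalent before the register call, keeps invalid input out of the account layer. The removal is also a state change driven by GET parameters, and no request token is checked in the visible lines. If none is verified earlier in the file, moving it to POST with a token check would close the cross-site request gap. The enclosing switch starts and ends outside these hunks.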