Update role activate/deactive page
parent
c3f2e0c589
commit
88f8ce044b
37
user.inc.php
37
user.inc.php
@ -65,13 +65,12 @@ function user_load($users_id, $accounts_id = false)
|
|||||||
|
|
||||||
|
|
||||||
/* Get roles, and active/complete status for each role */
|
/* Get roles, and active/complete status for each role */
|
||||||
$query = "SELECT * FROM user_roles LEFT JOIN roles ON roles.id=user_roles.roles_id WHERE user_roles.users_id={$ret['id']}";
|
$query = "SELECT user_roles.*,roles.type,roles.name FROM user_roles LEFT JOIN roles ON roles.id=user_roles.roles_id WHERE user_roles.users_id={$ret['id']}";
|
||||||
$q = mysql_query($query);
|
$q = mysql_query($query);
|
||||||
|
|
||||||
$ret['roles'] = array();
|
$ret['roles'] = array();
|
||||||
while(($roledata = mysql_fetch_assoc($q))) {
|
while(($roledata = mysql_fetch_assoc($q))) {
|
||||||
$t = $roledata['type'];
|
$ret['roles'][$roledata['type']] = $roledata;
|
||||||
$ret['roles'][$t] = $roledata;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if(count($ret['roles']) == 0) {
|
if(count($ret['roles']) == 0) {
|
||||||
@ -199,15 +198,6 @@ function user_save(&$u)
|
|||||||
/* Add any new roles */
|
/* Add any new roles */
|
||||||
$orig_roles = array_keys($u['orig']['roles']);
|
$orig_roles = array_keys($u['orig']['roles']);
|
||||||
$new_roles = array_keys($u['roles']);
|
$new_roles = array_keys($u['roles']);
|
||||||
$added = array_diff($new_roles, $orig_roles);
|
|
||||||
foreach($added as $r) {
|
|
||||||
if(!user_add_role_allowed($r, $u)) {
|
|
||||||
echo "HALT: user can't add this roles";
|
|
||||||
exit;
|
|
||||||
}
|
|
||||||
mysql_query("INSERT INTO user_roles(accounts_id,users_id,roles_id,active,complete)
|
|
||||||
VALUES('{$u['accounts_id']}','{$u['id']}','{$roles[$r]['id']}','no','no')");
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Delete any removed roles */
|
/* Delete any removed roles */
|
||||||
$removed = array_diff($orig_roles, $new_roles);
|
$removed = array_diff($orig_roles, $new_roles);
|
||||||
@ -215,6 +205,28 @@ function user_save(&$u)
|
|||||||
mysql_query("DELETE FROM user_roles WHERE users_id='{$u['id']}' AND roles_id='{$roles[$r]['id']}'");
|
mysql_query("DELETE FROM user_roles WHERE users_id='{$u['id']}' AND roles_id='{$roles[$r]['id']}'");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Update all roles */
|
||||||
|
foreach($new_roles as $r) {
|
||||||
|
if(!in_array($r, $orig_roles)) {
|
||||||
|
/* Role is new */
|
||||||
|
if(!user_add_role_allowed($u, $r)) {
|
||||||
|
echo "HALT: user can't add this role";
|
||||||
|
exit;
|
||||||
|
}
|
||||||
|
mysql_query("INSERT INTO user_roles(accounts_id,users_id,roles_id,active,complete)
|
||||||
|
VALUES('{$u['accounts_id']}','{$u['id']}','{$roles[$r]['id']}','no','no')");
|
||||||
|
echo mysql_error();
|
||||||
|
|
||||||
|
} else if($u['roles'][$r] != $u['orig']['roles'][$r]) {
|
||||||
|
/* $u['roles'][$r] has changed from original, update it */
|
||||||
|
mysql_query("UPDATE user_roles SET active='{$u['roles'][$r]['active']}',
|
||||||
|
complete='{$u['roles'][$r]['complete']}'
|
||||||
|
WHERE id='{$u['roles'][$r]['id']}'");
|
||||||
|
echo mysql_error();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
$fields = array('salutation','firstname','lastname','username',
|
$fields = array('salutation','firstname','lastname','username',
|
||||||
'phonehome','phonework','phonecell','fax','organization',
|
'phonehome','phonework','phonecell','fax','organization',
|
||||||
'address','address2','city','province','postalcode','sex',
|
'address','address2','city','province','postalcode','sex',
|
||||||
@ -232,6 +244,7 @@ function user_save(&$u)
|
|||||||
|
|
||||||
/* Merge fields as necessary, build a big list of fields to save */
|
/* Merge fields as necessary, build a big list of fields to save */
|
||||||
foreach($new_roles as $r) {
|
foreach($new_roles as $r) {
|
||||||
|
if(!array_key_exists($r, $fields_for_role)) continue;
|
||||||
$fields = array_merge($fields, $fields_for_role[$r]);
|
$fields = array_merge($fields, $fields_for_role[$r]);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
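Review bot: The new UPDATE in the "Update all roles" loop of user_save() interpolates `$u['roles'][$r]['active']`, `$u['roles'][$r]['complete']` and `$u['roles'][$r]['id']` directly into the SQL string and selects the row by `id` alone, so the statement is only as safe as whichever caller filled `$u`. I would reject any flag value other than the two the visible code writes, using `in_array($u['roles'][$r]['active'], array('yes','no'), true)` and the same for `complete`, cast the id with `intval()`, and add `AND users_id='{$u['id']}'` to the WHERE clause so a stale or tampered role id cannot touch another user's row. The two `echo mysql_error();` lines also send raw database errors to the browser; `error_log(mysql_error());` keeps schema details out of the response. user_save() starts and ends outside these hunks, so where `$roles` is populated is not visible here.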
@ -26,8 +26,8 @@
|
|||||||
require_once("common.inc.php");
|
require_once("common.inc.php");
|
||||||
require_once("user.inc.php");
|
require_once("user.inc.php");
|
||||||
|
|
||||||
if(!isset($_SESSION['users_type'])) {
|
if(!isset($_SESSION['users_id'])) {
|
||||||
/* No type set, invalid session */
|
/* No user ID set, invalid session for editting roles */
|
||||||
echo "ERROR: session is invalid";
|
echo "ERROR: session is invalid";
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
@ -42,19 +42,30 @@ else
|
|||||||
|
|
||||||
if($eid != $_SESSION['users_id']) {
|
if($eid != $_SESSION['users_id']) {
|
||||||
/* Not editing ourself, we had better be
|
/* Not editing ourself, we had better be
|
||||||
* a committee member */
|
* someone with admin access */
|
||||||
user_auth_required('committee','admin');
|
user_auth_required('admin');
|
||||||
}
|
}
|
||||||
$u = user_load($eid);
|
$u = user_load($eid);
|
||||||
|
|
||||||
/* Validate the type */
|
/* Validate the incoming role, make sure it is actually a role */
|
||||||
|
$role = '';
|
||||||
if($_GET['action'] != '') {
|
if($_GET['action'] != '') {
|
||||||
$action_type = $_GET['type'];
|
$role = $_GET['role'];
|
||||||
if(!in_array($action_type, $user_types)) {
|
if(!array_key_exists($role, $roles)) {
|
||||||
echo "ERROR: not an allowed type.";
|
echo "ERROR: not an allowed role.";
|
||||||
|
exit;
|
||||||
|
}
|
||||||
|
/* We're not adding a role, but this checks to see if
|
||||||
|
* the user is allowed to be associated with this role, we don't
|
||||||
|
* want a student to deactivate a committee role, which would
|
||||||
|
* set the 'active' to 'no', but would create the 'committee' entry
|
||||||
|
* in the roles array, making them part of that role suddenly. We
|
||||||
|
* also check for this case below to prevent it */
|
||||||
|
if(!user_add_role_allowed($u, $role)) {
|
||||||
|
/* If we get in here, someone is hand crafting URLs */
|
||||||
|
echo "HALT: invalid role to manipulate for this user.";
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
$action_what = $user_what[$action_type];
|
|
||||||
}
|
}
|
||||||
|
|
||||||
switch($_GET['action']) {
|
switch($_GET['action']) {
|
||||||
@ -70,22 +81,32 @@ case 'delete':
|
|||||||
|
|
||||||
case 'remove':
|
case 'remove':
|
||||||
/* Like delete, only we're only deleting a role, not the whole account */
|
/* Like delete, only we're only deleting a role, not the whole account */
|
||||||
happy_("$action_what role successfully removed.");
|
happy_("{$roles[$role]['name']} role successfully removed.");
|
||||||
echo error(i18n("Permanently Removed"));
|
echo error(i18n("Permanently Removed"));
|
||||||
user_delete($u, $action_type);
|
user_delete($u, $role);
|
||||||
exit;
|
exit;
|
||||||
|
|
||||||
case 'activate':
|
case 'activate':
|
||||||
$u["{$action_type}_active"] = 'yes';
|
if(!array_key_exists($role, $u['roles'])) {
|
||||||
|
/* Hand crafting URLs? */
|
||||||
|
echo "HALT: can't activate a role the user doesn't have";
|
||||||
|
exit;
|
||||||
|
}
|
||||||
|
$u['roles'][$role]['active'] = 'yes';
|
||||||
user_save($u);
|
user_save($u);
|
||||||
happy_("$action_what role for %1 successfully activated",array($config['FAIRYEAR']));
|
happy_("{$roles[$role]['name']} role for %1 successfully activated",array($config['FAIRYEAR']));
|
||||||
echo happy(i18n("Active"));
|
echo happy(i18n("Active"));
|
||||||
exit;
|
exit;
|
||||||
|
|
||||||
case 'deactivate':
|
case 'deactivate':
|
||||||
$u["{$action_type}_active"] = 'no';
|
if(!array_key_exists($role, $u['roles'])) {
|
||||||
|
/* Hand crafting URLs? */
|
||||||
|
echo "HALT: can't deactivate a role the user doesn't have";
|
||||||
|
exit;
|
||||||
|
}
|
||||||
|
$u['roles'][$role]['active'] = 'no';
|
||||||
user_save($u);
|
user_save($u);
|
||||||
happy_("$action_what role for %1 successfully deactivated",array($config['FAIRYEAR']));
|
happy_("{$roles[$role]['name']} role for %1 successfully deactivated",array($config['FAIRYEAR']));
|
||||||
echo error(i18n("Deactivated"));
|
echo error(i18n("Deactivated"));
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
@ -98,37 +119,35 @@ case 'remove':
|
|||||||
echo "<h3>".i18n("Role and Account Management")."</h3>";
|
echo "<h3>".i18n("Role and Account Management")."</h3>";
|
||||||
echo "<br/>";
|
echo "<br/>";
|
||||||
} else {
|
} else {
|
||||||
$type = $_SESSION['users_type'];
|
|
||||||
$m = $user_what[$type];
|
|
||||||
send_header("Role and Account Management",
|
send_header("Role and Account Management",
|
||||||
array("$m Main" => "{$type}_main.php")
|
array("Main" => "user_main.php")
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
?>
|
?>
|
||||||
<script type="text/javascript">
|
<script type="text/javascript">
|
||||||
function activate(type)
|
function activate(role)
|
||||||
{
|
{
|
||||||
$("#status_"+type).load("<?=$config['SFIABDIRECTORY']?>/user_activate.php?action=activate&type="+type,$('#activate_form').serializeArray());
|
$("#status_"+role).load("<?=$config['SFIABDIRECTORY']?>/user_activate.php?action=activate&role="+role,$('#activate_form').serializeArray());
|
||||||
$("#activate_"+type).attr('disabled', 'disabled');
|
$("#activate_"+role).attr('disabled', 'disabled');
|
||||||
$("#deactivate_"+type).removeAttr('disabled');
|
$("#deactivate_"+role).removeAttr('disabled');
|
||||||
$("#remove_"+type).removeAttr('disabled');
|
$("#remove_"+role).removeAttr('disabled');
|
||||||
}
|
}
|
||||||
function deactivate(type)
|
function deactivate(role)
|
||||||
{
|
{
|
||||||
$("#status_"+type).load("<?=$config['SFIABDIRECTORY']?>/user_activate.php?action=deactivate&type="+type,$('#activate_form').serializeArray());
|
$("#status_"+role).load("<?=$config['SFIABDIRECTORY']?>/user_activate.php?action=deactivate&role="+role,$('#activate_form').serializeArray());
|
||||||
$("#activate_"+type).removeAttr('disabled');
|
$("#activate_"+role).removeAttr('disabled');
|
||||||
$("#deactivate_"+type).attr('disabled', 'disabled');
|
$("#deactivate_"+role).attr('disabled', 'disabled');
|
||||||
$("#remove_"+type).attr('disabled', 'disabled');
|
$("#remove_"+role).attr('disabled', 'disabled');
|
||||||
}
|
}
|
||||||
function remove(type)
|
function remove(role)
|
||||||
{
|
{
|
||||||
var con = confirmClick("<?=i18n("Are you sure you want to remove this role from your account?\\nThis action cannot be undone.")?>");
|
var con = confirmClick("<?=i18n("Are you sure you want to remove this role from your account?\\nThis action cannot be undone.")?>");
|
||||||
if(con == true) {
|
if(con == true) {
|
||||||
$("#status_"+type).load("<?=$config['SFIABDIRECTORY']?>/user_activate.php?action=remove&type="+type,$('#activate_form').serializeArray());
|
$("#status_"+role).load("<?=$config['SFIABDIRECTORY']?>/user_activate.php?action=remove&role="+role,$('#activate_form').serializeArray());
|
||||||
$("#activate_"+type).attr('disabled', 'disabled');
|
$("#activate_"+role).attr('disabled', 'disabled');
|
||||||
$("#deactivate_"+type).attr('disabled', 'disabled');
|
$("#deactivate_"+role).attr('disabled', 'disabled');
|
||||||
$("#remove_"+type).attr('disabled', 'disabled');
|
$("#remove_"+role).attr('disabled', 'disabled');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
</script>
|
</script>
|
||||||
@ -137,10 +156,10 @@ function remove(type)
|
|||||||
<input type="hidden" name="users_id" value="<?=$u['id']?>" />
|
<input type="hidden" name="users_id" value="<?=$u['id']?>" />
|
||||||
|
|
||||||
<?
|
<?
|
||||||
foreach($u['types'] as $t) {
|
foreach(array_keys($u['roles']) as $r) {
|
||||||
echo '<h3>'.i18n("Role: {$user_what[$t]}").'</h3>';
|
echo '<h3>'.i18n("Role: {$roles[$r]['name']}").'</h3>';
|
||||||
echo "<div id=\"status_$t\">";
|
echo "<div id=\"status_$r\">";
|
||||||
if($u["{$t}_active"] == 'yes') {
|
if($u['roles'][$r]['active'] == 'yes') {
|
||||||
echo happy(i18n('Active'));
|
echo happy(i18n('Active'));
|
||||||
$a = 'disabled="disabled"';
|
$a = 'disabled="disabled"';
|
||||||
$d = '';
|
$d = '';
|
||||||
@ -153,11 +172,11 @@ function remove(type)
|
|||||||
</div>
|
</div>
|
||||||
|
|
||||||
<table><tr><td>
|
<table><tr><td>
|
||||||
<input style="width: 200px;" id="activate_<?=$t?>" <?=$a?> onclick="activate('<?=$t?>');return false;" type="submit" value="<?=i18n("Activate Role")?>">
|
<input style="width: 200px;" id="activate_<?=$r?>" <?=$a?> onclick="activate('<?=$r?>');return false;" type="submit" value="<?=i18n("Activate Role")?>">
|
||||||
</td><td>
|
</td><td>
|
||||||
<input style="width: 200px;" id="deactivate_<?=$t?>"<?=$d?> onclick="deactivate('<?=$t?>');return false;" type="submit" value="<?=i18n("Deactivate Role")?>">
|
<input style="width: 200px;" id="deactivate_<?=$r?>"<?=$d?> onclick="deactivate('<?=$r?>');return false;" type="submit" value="<?=i18n("Deactivate Role")?>">
|
||||||
</td><td>
|
</td><td>
|
||||||
<input style="width: 200px;" id="remove_<?=$t?>"<?=$d?> onclick="remove('<?=$t?>');return false;" type="submit" value="<?=i18n("Remove Role")?>">
|
<input style="width: 200px;" id="remove_<?=$r?>"<?=$d?> onclick="remove('<?=$r?>');return false;" type="submit" value="<?=i18n("Remove Role")?>">
|
||||||
|
|
||||||
</td></tr></table>
|
</td></tr></table>
|
||||||
<br />
|
<br />
|
||||||
|
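Review bot: The `remove` case calls `user_delete($u, $role)` without the `array_key_exists($role, $u['roles'])` guard that this commit adds to `activate` and `deactivate`, so for a role the user does not hold the only barrier is the earlier `user_add_role_allowed()` check. Adding the same guard before the `happy_()` call, `if(!array_key_exists($role, $u['roles'])) { echo "HALT: can't remove a role the user doesn't have"; exit; }`, keeps the three actions consistent and stops the success message from being printed before anything has been verified. Separately, all three state-changing actions are selected from `$_GET['action']` and `$_GET['role']`, and no anti-CSRF token check is visible in these hunks. Unless common.inc.php enforces one, the handler should require POST plus a per-session token before it reaches `user_save()` or `user_delete()`. The script's top-level code starts and ends outside the hunks shown, including where `$eid` is assigned.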