Update role activate/deactive page

This commit is contained in:
dave 2010-07-13 03:30:25 +00:00
parent c3f2e0c589
commit 88f8ce044b
2 changed files with 84 additions and 52 deletions

View File

@ -65,13 +65,12 @@ function user_load($users_id, $accounts_id = false)
/* Get roles, and active/complete status for each role */
$query = "SELECT * FROM user_roles LEFT JOIN roles ON roles.id=user_roles.roles_id WHERE user_roles.users_id={$ret['id']}";
$query = "SELECT user_roles.*,roles.type,roles.name FROM user_roles LEFT JOIN roles ON roles.id=user_roles.roles_id WHERE user_roles.users_id={$ret['id']}";
$q = mysql_query($query);
$ret['roles'] = array();
while(($roledata = mysql_fetch_assoc($q))) {
$t = $roledata['type'];
$ret['roles'][$t] = $roledata;
$ret['roles'][$roledata['type']] = $roledata;
}
if(count($ret['roles']) == 0) {
@ -199,15 +198,6 @@ function user_save(&$u)
/* Add any new roles */
$orig_roles = array_keys($u['orig']['roles']);
$new_roles = array_keys($u['roles']);
$added = array_diff($new_roles, $orig_roles);
foreach($added as $r) {
if(!user_add_role_allowed($r, $u)) {
echo "HALT: user can't add this roles";
exit;
}
mysql_query("INSERT INTO user_roles(accounts_id,users_id,roles_id,active,complete)
VALUES('{$u['accounts_id']}','{$u['id']}','{$roles[$r]['id']}','no','no')");
}
/* Delete any removed roles */
$removed = array_diff($orig_roles, $new_roles);
@ -215,6 +205,28 @@ function user_save(&$u)
mysql_query("DELETE FROM user_roles WHERE users_id='{$u['id']}' AND roles_id='{$roles[$r]['id']}'");
}
/* Update all roles */
foreach($new_roles as $r) {
if(!in_array($r, $orig_roles)) {
/* Role is new */
if(!user_add_role_allowed($u, $r)) {
echo "HALT: user can't add this role";
exit;
}
mysql_query("INSERT INTO user_roles(accounts_id,users_id,roles_id,active,complete)
VALUES('{$u['accounts_id']}','{$u['id']}','{$roles[$r]['id']}','no','no')");
echo mysql_error();
} else if($u['roles'][$r] != $u['orig']['roles'][$r]) {
/* $u['roles'][$r] has changed from original, update it */
mysql_query("UPDATE user_roles SET active='{$u['roles'][$r]['active']}',
complete='{$u['roles'][$r]['complete']}'
WHERE id='{$u['roles'][$r]['id']}'");
echo mysql_error();
}
}
$fields = array('salutation','firstname','lastname','username',
'phonehome','phonework','phonecell','fax','organization',
'address','address2','city','province','postalcode','sex',
@ -232,6 +244,7 @@ function user_save(&$u)
/* Merge fields as necessary, build a big list of fields to save */
foreach($new_roles as $r) {
if(!array_key_exists($r, $fields_for_role)) continue;
$fields = array_merge($fields, $fields_for_role[$r]);
}

View File

@ -26,8 +26,8 @@
require_once("common.inc.php");
require_once("user.inc.php");
if(!isset($_SESSION['users_type'])) {
/* No type set, invalid session */
if(!isset($_SESSION['users_id'])) {
/* No user ID set, invalid session for editting roles */
echo "ERROR: session is invalid";
exit;
}
@ -42,19 +42,30 @@ else
if($eid != $_SESSION['users_id']) {
/* Not editing ourself, we had better be
* a committee member */
user_auth_required('committee','admin');
* someone with admin access */
user_auth_required('admin');
}
$u = user_load($eid);
/* Validate the type */
/* Validate the incoming role, make sure it is actually a role */
$role = '';
if($_GET['action'] != '') {
$action_type = $_GET['type'];
if(!in_array($action_type, $user_types)) {
echo "ERROR: not an allowed type.";
$role = $_GET['role'];
if(!array_key_exists($role, $roles)) {
echo "ERROR: not an allowed role.";
exit;
}
/* We're not adding a role, but this checks to see if
* the user is allowed to be associated with this role, we don't
* want a student to deactivate a committee role, which would
* set the 'active' to 'no', but would create the 'committee' entry
* in the roles array, making them part of that role suddenly. We
* also check for this case below to prevent it */
if(!user_add_role_allowed($u, $role)) {
/* If we get in here, someone is hand crafting URLs */
echo "HALT: invalid role to manipulate for this user.";
exit;
}
$action_what = $user_what[$action_type];
}
switch($_GET['action']) {
@ -70,22 +81,32 @@ case 'delete':
case 'remove':
/* Like delete, only we're only deleting a role, not the whole account */
happy_("$action_what role successfully removed.");
happy_("{$roles[$role]['name']} role successfully removed.");
echo error(i18n("Permanently Removed"));
user_delete($u, $action_type);
user_delete($u, $role);
exit;
case 'activate':
$u["{$action_type}_active"] = 'yes';
if(!array_key_exists($role, $u['roles'])) {
/* Hand crafting URLs? */
echo "HALT: can't activate a role the user doesn't have";
exit;
}
$u['roles'][$role]['active'] = 'yes';
user_save($u);
happy_("$action_what role for %1 successfully activated",array($config['FAIRYEAR']));
happy_("{$roles[$role]['name']} role for %1 successfully activated",array($config['FAIRYEAR']));
echo happy(i18n("Active"));
exit;
case 'deactivate':
$u["{$action_type}_active"] = 'no';
if(!array_key_exists($role, $u['roles'])) {
/* Hand crafting URLs? */
echo "HALT: can't deactivate a role the user doesn't have";
exit;
}
$u['roles'][$role]['active'] = 'no';
user_save($u);
happy_("$action_what role for %1 successfully deactivated",array($config['FAIRYEAR']));
happy_("{$roles[$role]['name']} role for %1 successfully deactivated",array($config['FAIRYEAR']));
echo error(i18n("Deactivated"));
exit;
}
@ -98,37 +119,35 @@ case 'remove':
echo "<h3>".i18n("Role and Account Management")."</h3>";
echo "<br/>";
} else {
$type = $_SESSION['users_type'];
$m = $user_what[$type];
send_header("Role and Account Management",
array("$m Main" => "{$type}_main.php")
array("Main" => "user_main.php")
);
}
?>
<script type="text/javascript">
function activate(type)
function activate(role)
{
$("#status_"+type).load("<?=$config['SFIABDIRECTORY']?>/user_activate.php?action=activate&type="+type,$('#activate_form').serializeArray());
$("#activate_"+type).attr('disabled', 'disabled');
$("#deactivate_"+type).removeAttr('disabled');
$("#remove_"+type).removeAttr('disabled');
$("#status_"+role).load("<?=$config['SFIABDIRECTORY']?>/user_activate.php?action=activate&role="+role,$('#activate_form').serializeArray());
$("#activate_"+role).attr('disabled', 'disabled');
$("#deactivate_"+role).removeAttr('disabled');
$("#remove_"+role).removeAttr('disabled');
}
function deactivate(type)
function deactivate(role)
{
$("#status_"+type).load("<?=$config['SFIABDIRECTORY']?>/user_activate.php?action=deactivate&type="+type,$('#activate_form').serializeArray());
$("#activate_"+type).removeAttr('disabled');
$("#deactivate_"+type).attr('disabled', 'disabled');
$("#remove_"+type).attr('disabled', 'disabled');
$("#status_"+role).load("<?=$config['SFIABDIRECTORY']?>/user_activate.php?action=deactivate&role="+role,$('#activate_form').serializeArray());
$("#activate_"+role).removeAttr('disabled');
$("#deactivate_"+role).attr('disabled', 'disabled');
$("#remove_"+role).attr('disabled', 'disabled');
}
function remove(type)
function remove(role)
{
var con = confirmClick("<?=i18n("Are you sure you want to remove this role from your account?\\nThis action cannot be undone.")?>");
if(con == true) {
$("#status_"+type).load("<?=$config['SFIABDIRECTORY']?>/user_activate.php?action=remove&type="+type,$('#activate_form').serializeArray());
$("#activate_"+type).attr('disabled', 'disabled');
$("#deactivate_"+type).attr('disabled', 'disabled');
$("#remove_"+type).attr('disabled', 'disabled');
$("#status_"+role).load("<?=$config['SFIABDIRECTORY']?>/user_activate.php?action=remove&role="+role,$('#activate_form').serializeArray());
$("#activate_"+role).attr('disabled', 'disabled');
$("#deactivate_"+role).attr('disabled', 'disabled');
$("#remove_"+role).attr('disabled', 'disabled');
}
}
</script>
@ -137,10 +156,10 @@ function remove(type)
<input type="hidden" name="users_id" value="<?=$u['id']?>" />
<?
foreach($u['types'] as $t) {
echo '<h3>'.i18n("Role: {$user_what[$t]}").'</h3>';
echo "<div id=\"status_$t\">";
if($u["{$t}_active"] == 'yes') {
foreach(array_keys($u['roles']) as $r) {
echo '<h3>'.i18n("Role: {$roles[$r]['name']}").'</h3>';
echo "<div id=\"status_$r\">";
if($u['roles'][$r]['active'] == 'yes') {
echo happy(i18n('Active'));
$a = 'disabled="disabled"';
$d = '';
@ -153,11 +172,11 @@ function remove(type)
</div>
<table><tr><td>
<input style="width: 200px;" id="activate_<?=$t?>" <?=$a?> onclick="activate('<?=$t?>');return false;" type="submit" value="<?=i18n("Activate Role")?>">
<input style="width: 200px;" id="activate_<?=$r?>" <?=$a?> onclick="activate('<?=$r?>');return false;" type="submit" value="<?=i18n("Activate Role")?>">
</td><td>
<input style="width: 200px;" id="deactivate_<?=$t?>"<?=$d?> onclick="deactivate('<?=$t?>');return false;" type="submit" value="<?=i18n("Deactivate Role")?>">
<input style="width: 200px;" id="deactivate_<?=$r?>"<?=$d?> onclick="deactivate('<?=$r?>');return false;" type="submit" value="<?=i18n("Deactivate Role")?>">
</td><td>
<input style="width: 200px;" id="remove_<?=$t?>"<?=$d?> onclick="remove('<?=$t?>');return false;" type="submit" value="<?=i18n("Remove Role")?>">
<input style="width: 200px;" id="remove_<?=$r?>"<?=$d?> onclick="remove('<?=$r?>');return false;" type="submit" value="<?=i18n("Remove Role")?>">
</td></tr></table>
<br />