Update role activate/deactive page
parent
c3f2e0c589
commit
88f8ce044b
37
user.inc.php
37
user.inc.php
@ -65,13 +65,12 @@ function user_load($users_id, $accounts_id = false)
|
||||
|
||||
|
||||
/* Get roles, and active/complete status for each role */
|
||||
$query = "SELECT * FROM user_roles LEFT JOIN roles ON roles.id=user_roles.roles_id WHERE user_roles.users_id={$ret['id']}";
|
||||
$query = "SELECT user_roles.*,roles.type,roles.name FROM user_roles LEFT JOIN roles ON roles.id=user_roles.roles_id WHERE user_roles.users_id={$ret['id']}";
|
||||
$q = mysql_query($query);
|
||||
|
||||
$ret['roles'] = array();
|
||||
while(($roledata = mysql_fetch_assoc($q))) {
|
||||
$t = $roledata['type'];
|
||||
$ret['roles'][$t] = $roledata;
|
||||
$ret['roles'][$roledata['type']] = $roledata;
|
||||
}
|
||||
|
||||
if(count($ret['roles']) == 0) {
|
||||
@ -199,15 +198,6 @@ function user_save(&$u)
|
||||
/* Add any new roles */
|
||||
$orig_roles = array_keys($u['orig']['roles']);
|
||||
$new_roles = array_keys($u['roles']);
|
||||
$added = array_diff($new_roles, $orig_roles);
|
||||
foreach($added as $r) {
|
||||
if(!user_add_role_allowed($r, $u)) {
|
||||
echo "HALT: user can't add this roles";
|
||||
exit;
|
||||
}
|
||||
mysql_query("INSERT INTO user_roles(accounts_id,users_id,roles_id,active,complete)
|
||||
VALUES('{$u['accounts_id']}','{$u['id']}','{$roles[$r]['id']}','no','no')");
|
||||
}
|
||||
|
||||
/* Delete any removed roles */
|
||||
$removed = array_diff($orig_roles, $new_roles);
|
||||
@ -215,6 +205,28 @@ function user_save(&$u)
|
||||
mysql_query("DELETE FROM user_roles WHERE users_id='{$u['id']}' AND roles_id='{$roles[$r]['id']}'");
|
||||
}
|
||||
|
||||
/* Update all roles */
|
||||
foreach($new_roles as $r) {
|
||||
if(!in_array($r, $orig_roles)) {
|
||||
/* Role is new */
|
||||
if(!user_add_role_allowed($u, $r)) {
|
||||
echo "HALT: user can't add this role";
|
||||
exit;
|
||||
}
|
||||
mysql_query("INSERT INTO user_roles(accounts_id,users_id,roles_id,active,complete)
|
||||
VALUES('{$u['accounts_id']}','{$u['id']}','{$roles[$r]['id']}','no','no')");
|
||||
echo mysql_error();
|
||||
|
||||
} else if($u['roles'][$r] != $u['orig']['roles'][$r]) {
|
||||
/* $u['roles'][$r] has changed from original, update it */
|
||||
mysql_query("UPDATE user_roles SET active='{$u['roles'][$r]['active']}',
|
||||
complete='{$u['roles'][$r]['complete']}'
|
||||
WHERE id='{$u['roles'][$r]['id']}'");
|
||||
echo mysql_error();
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
$fields = array('salutation','firstname','lastname','username',
|
||||
'phonehome','phonework','phonecell','fax','organization',
|
||||
'address','address2','city','province','postalcode','sex',
|
||||
@ -232,6 +244,7 @@ function user_save(&$u)
|
||||
|
||||
/* Merge fields as necessary, build a big list of fields to save */
|
||||
foreach($new_roles as $r) {
|
||||
if(!array_key_exists($r, $fields_for_role)) continue;
|
||||
$fields = array_merge($fields, $fields_for_role[$r]);
|
||||
}
|
||||
|
||||
|
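Review bot: In the new "Update all roles" loop of user_save, the UPDATE selects the row by `id` alone and interpolates `active`, `complete` and `id` from `$u['roles'][$r]` straight into the SQL string, so the statement is only as trustworthy as whatever populated `$u`. user_activate.php sets `active` to the literals 'yes'/'no', but other callers of user_save are not visible here, so I would scope and cast the statement (assuming both ids are integers) with `WHERE id='".intval($u['roles'][$r]['id'])."' AND users_id='".intval($u['id'])."'`, and reject any `active`/`complete` value other than 'yes' or 'no' before building the query. The two `echo mysql_error();` lines also send raw database errors to the browser; `error_log(mysql_error());` keeps them out of the response. The role deletions earlier in the function appear to have already run by the time the `HALT` check on a disallowed new role exits, which can leave a half-applied save; doing the permission check for every new role before any query would avoid that. user_save begins and ends outside these hunks.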
@ -26,8 +26,8 @@
|
||||
require_once("common.inc.php");
|
||||
require_once("user.inc.php");
|
||||
|
||||
if(!isset($_SESSION['users_type'])) {
|
||||
/* No type set, invalid session */
|
||||
if(!isset($_SESSION['users_id'])) {
|
||||
/* No user ID set, invalid session for editting roles */
|
||||
echo "ERROR: session is invalid";
|
||||
exit;
|
||||
}
|
||||
@ -42,19 +42,30 @@ else
|
||||
|
||||
if($eid != $_SESSION['users_id']) {
|
||||
/* Not editing ourself, we had better be
|
||||
* a committee member */
|
||||
user_auth_required('committee','admin');
|
||||
* someone with admin access */
|
||||
user_auth_required('admin');
|
||||
}
|
||||
$u = user_load($eid);
|
||||
|
||||
/* Validate the type */
|
||||
/* Validate the incoming role, make sure it is actually a role */
|
||||
$role = '';
|
||||
if($_GET['action'] != '') {
|
||||
$action_type = $_GET['type'];
|
||||
if(!in_array($action_type, $user_types)) {
|
||||
echo "ERROR: not an allowed type.";
|
||||
$role = $_GET['role'];
|
||||
if(!array_key_exists($role, $roles)) {
|
||||
echo "ERROR: not an allowed role.";
|
||||
exit;
|
||||
}
|
||||
/* We're not adding a role, but this checks to see if
|
||||
* the user is allowed to be associated with this role, we don't
|
||||
* want a student to deactivate a committee role, which would
|
||||
* set the 'active' to 'no', but would create the 'committee' entry
|
||||
* in the roles array, making them part of that role suddenly. We
|
||||
* also check for this case below to prevent it */
|
||||
if(!user_add_role_allowed($u, $role)) {
|
||||
/* If we get in here, someone is hand crafting URLs */
|
||||
echo "HALT: invalid role to manipulate for this user.";
|
||||
exit;
|
||||
}
|
||||
$action_what = $user_what[$action_type];
|
||||
}
|
||||
|
||||
switch($_GET['action']) {
|
||||
@ -70,22 +81,32 @@ case 'delete':
|
||||
|
||||
case 'remove':
|
||||
/* Like delete, only we're only deleting a role, not the whole account */
|
||||
happy_("$action_what role successfully removed.");
|
||||
happy_("{$roles[$role]['name']} role successfully removed.");
|
||||
echo error(i18n("Permanently Removed"));
|
||||
user_delete($u, $action_type);
|
||||
user_delete($u, $role);
|
||||
exit;
|
||||
|
||||
case 'activate':
|
||||
$u["{$action_type}_active"] = 'yes';
|
||||
if(!array_key_exists($role, $u['roles'])) {
|
||||
/* Hand crafting URLs? */
|
||||
echo "HALT: can't activate a role the user doesn't have";
|
||||
exit;
|
||||
}
|
||||
$u['roles'][$role]['active'] = 'yes';
|
||||
user_save($u);
|
||||
happy_("$action_what role for %1 successfully activated",array($config['FAIRYEAR']));
|
||||
happy_("{$roles[$role]['name']} role for %1 successfully activated",array($config['FAIRYEAR']));
|
||||
echo happy(i18n("Active"));
|
||||
exit;
|
||||
|
||||
case 'deactivate':
|
||||
$u["{$action_type}_active"] = 'no';
|
||||
if(!array_key_exists($role, $u['roles'])) {
|
||||
/* Hand crafting URLs? */
|
||||
echo "HALT: can't deactivate a role the user doesn't have";
|
||||
exit;
|
||||
}
|
||||
$u['roles'][$role]['active'] = 'no';
|
||||
user_save($u);
|
||||
happy_("$action_what role for %1 successfully deactivated",array($config['FAIRYEAR']));
|
||||
happy_("{$roles[$role]['name']} role for %1 successfully deactivated",array($config['FAIRYEAR']));
|
||||
echo error(i18n("Deactivated"));
|
||||
exit;
|
||||
}
|
||||
@ -98,37 +119,35 @@ case 'remove':
|
||||
echo "<h3>".i18n("Role and Account Management")."</h3>";
|
||||
echo "<br/>";
|
||||
} else {
|
||||
$type = $_SESSION['users_type'];
|
||||
$m = $user_what[$type];
|
||||
send_header("Role and Account Management",
|
||||
array("$m Main" => "{$type}_main.php")
|
||||
array("Main" => "user_main.php")
|
||||
);
|
||||
}
|
||||
|
||||
?>
|
||||
<script type="text/javascript">
|
||||
function activate(type)
|
||||
function activate(role)
|
||||
{
|
||||
$("#status_"+type).load("<?=$config['SFIABDIRECTORY']?>/user_activate.php?action=activate&type="+type,$('#activate_form').serializeArray());
|
||||
$("#activate_"+type).attr('disabled', 'disabled');
|
||||
$("#deactivate_"+type).removeAttr('disabled');
|
||||
$("#remove_"+type).removeAttr('disabled');
|
||||
$("#status_"+role).load("<?=$config['SFIABDIRECTORY']?>/user_activate.php?action=activate&role="+role,$('#activate_form').serializeArray());
|
||||
$("#activate_"+role).attr('disabled', 'disabled');
|
||||
$("#deactivate_"+role).removeAttr('disabled');
|
||||
$("#remove_"+role).removeAttr('disabled');
|
||||
}
|
||||
function deactivate(type)
|
||||
function deactivate(role)
|
||||
{
|
||||
$("#status_"+type).load("<?=$config['SFIABDIRECTORY']?>/user_activate.php?action=deactivate&type="+type,$('#activate_form').serializeArray());
|
||||
$("#activate_"+type).removeAttr('disabled');
|
||||
$("#deactivate_"+type).attr('disabled', 'disabled');
|
||||
$("#remove_"+type).attr('disabled', 'disabled');
|
||||
$("#status_"+role).load("<?=$config['SFIABDIRECTORY']?>/user_activate.php?action=deactivate&role="+role,$('#activate_form').serializeArray());
|
||||
$("#activate_"+role).removeAttr('disabled');
|
||||
$("#deactivate_"+role).attr('disabled', 'disabled');
|
||||
$("#remove_"+role).attr('disabled', 'disabled');
|
||||
}
|
||||
function remove(type)
|
||||
function remove(role)
|
||||
{
|
||||
var con = confirmClick("<?=i18n("Are you sure you want to remove this role from your account?\\nThis action cannot be undone.")?>");
|
||||
if(con == true) {
|
||||
$("#status_"+type).load("<?=$config['SFIABDIRECTORY']?>/user_activate.php?action=remove&type="+type,$('#activate_form').serializeArray());
|
||||
$("#activate_"+type).attr('disabled', 'disabled');
|
||||
$("#deactivate_"+type).attr('disabled', 'disabled');
|
||||
$("#remove_"+type).attr('disabled', 'disabled');
|
||||
$("#status_"+role).load("<?=$config['SFIABDIRECTORY']?>/user_activate.php?action=remove&role="+role,$('#activate_form').serializeArray());
|
||||
$("#activate_"+role).attr('disabled', 'disabled');
|
||||
$("#deactivate_"+role).attr('disabled', 'disabled');
|
||||
$("#remove_"+role).attr('disabled', 'disabled');
|
||||
}
|
||||
}
|
||||
</script>
|
||||
@ -137,10 +156,10 @@ function remove(type)
|
||||
<input type="hidden" name="users_id" value="<?=$u['id']?>" />
|
||||
|
||||
<?
|
||||
foreach($u['types'] as $t) {
|
||||
echo '<h3>'.i18n("Role: {$user_what[$t]}").'</h3>';
|
||||
echo "<div id=\"status_$t\">";
|
||||
if($u["{$t}_active"] == 'yes') {
|
||||
foreach(array_keys($u['roles']) as $r) {
|
||||
echo '<h3>'.i18n("Role: {$roles[$r]['name']}").'</h3>';
|
||||
echo "<div id=\"status_$r\">";
|
||||
if($u['roles'][$r]['active'] == 'yes') {
|
||||
echo happy(i18n('Active'));
|
||||
$a = 'disabled="disabled"';
|
||||
$d = '';
|
||||
@ -153,11 +172,11 @@ function remove(type)
|
||||
</div>
|
||||
|
||||
<table><tr><td>
|
||||
<input style="width: 200px;" id="activate_<?=$t?>" <?=$a?> onclick="activate('<?=$t?>');return false;" type="submit" value="<?=i18n("Activate Role")?>">
|
||||
<input style="width: 200px;" id="activate_<?=$r?>" <?=$a?> onclick="activate('<?=$r?>');return false;" type="submit" value="<?=i18n("Activate Role")?>">
|
||||
</td><td>
|
||||
<input style="width: 200px;" id="deactivate_<?=$t?>"<?=$d?> onclick="deactivate('<?=$t?>');return false;" type="submit" value="<?=i18n("Deactivate Role")?>">
|
||||
<input style="width: 200px;" id="deactivate_<?=$r?>"<?=$d?> onclick="deactivate('<?=$r?>');return false;" type="submit" value="<?=i18n("Deactivate Role")?>">
|
||||
</td><td>
|
||||
<input style="width: 200px;" id="remove_<?=$t?>"<?=$d?> onclick="remove('<?=$t?>');return false;" type="submit" value="<?=i18n("Remove Role")?>">
|
||||
<input style="width: 200px;" id="remove_<?=$r?>"<?=$d?> onclick="remove('<?=$r?>');return false;" type="submit" value="<?=i18n("Remove Role")?>">
|
||||
|
||||
</td></tr></table>
|
||||
<br />
|
||||
|
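Review bot: `case 'remove':` calls `user_delete($u, $role)` without the `array_key_exists($role, $u['roles'])` guard that this commit adds to `activate` and `deactivate`, and it prints the success message before the delete runs. Unless user_delete (not visible here) checks membership itself, I would add the same guard at the top of the case: `if(!array_key_exists($role, $u['roles'])) { echo "HALT: can't remove a role the user doesn't have"; exit; }`. All three actions change account state based on `$_GET['action']` and `$_GET['role']`, and no anti-CSRF token check appears in these hunks; if common.inc.php does not enforce one, the handler should require POST and verify a per-session token before the `switch`. `$_GET['action']` is also read without `isset()`, which raises a notice on a plain page load.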