Added code for inviting users, access to it through the api

2010-11-23 20:58:38 +00:00 · 2010-11-23 20:58:38 +00:00 · e9f46edb0e
commit e9f46edb0e
parent 8f255f4eb8
6 changed files with 157 additions and 73 deletions
--- a/api.php
+++ b/api.php
@ -599,6 +599,35 @@ switch($request[0]) {
 				}
 			break;
 			/*	APIDOC: user/invite
 				description(invites a user to play a particular role in the conference, creating an account for them, and giving them the specifed role)
 				post(username varchar(64), password varchar(64), email varchar(64), roles_id integer)
 				return(user array)
 			*/
 			case 'invite':
 				// let's make sure we have all of the data posted
 				$ok = true;
 				foreach(array('username' => 'varchar(64)', 'password' => 'varchar(64)', 'email' => 'varchar(64)', 'roles_id' => 'integer') as $field => $format){
 					if(!array_key_exists($field, $_POST)){
 						$ret['status'] == 'error';
 						$ret['error'] = "$field ($format) is required";
 						$ok = false;
 						break;
 					}
 				}
 				if($ok){
 					$newUser = user_invite($_POST['username'], $_POST['password'], $_POST['email'], $_POST['roles_id']);
 					if(is_array($newUser)){
 						$ret['status'] = 'ok';
 						$ret['user'] = $newUser;
 					}else{
 						$ret['status'] = 'error';
 						$ret['error'] = $newUser;
 					}
 				}
 			break;
 		}
--- a/db/db.update.224.sql
+++ b/db/db.update.224.sql
@ -0,0 +1,6 @@
 INSERT INTO `rolestasks` (`id`, `pid`, `roles_id`, `level`, `task`, `ord`, `link`, `navident`, `conferencetype`) VALUES
 (128, 89, 10, 2, 'School Information', 1, '/schoolinfo.php', '', 'scienceolympics'),
 (129, 90, 10, 2, 'School Feedback', 1, '/schoolfeedback.php', '', 'scienceolympics');
 ALTER TABLE `pagetext` DROP INDEX `textname` , ADD UNIQUE `textname` ( `textname` , `conferences_id` , `lang` );
 UPDATE roles SET `type` = 'participant', `name` = 'Participant' WHERE type = 'student';
--- a/super/conferences.php
+++ b/super/conferences.php
@ -273,7 +273,16 @@ function dropConference(cid){
 function openWizard(){
 	wizard = $('<div></div>');
 	$('#conferences').append(wizard);
-	wizard.dialog({'modal':'true'});
+	wizard.dialog({
 		modal:true,
 		width:500,
 		height:200,
 		resizable:false,
 		draggable:false,
 		closeOnEscape:false,
 		open: function(event, ui) { $(".ui-dialog-titlebar-close").hide(); }
 	});
 	wizard.load('conferences.php?action=new');
 }
@ -371,7 +380,7 @@ function wizard_draw_step($step, $message = null){
 		}
 		// draw the actual content of this step
-		echo "<div class=\"wizard_content\">";
+		echo "<div style=\"margin:1em\">";
 		if(function_exists($wizard_steps[$step]['builder'])){
 			$wizard_steps[$step]['builder']();
 		}
@ -412,8 +421,10 @@ function build_start_step(){
 		}else{
 		}
 		echo '<p>' . i18n("What would you like to do?") . '</p>';
-		echo '<input type="radio" name="method" value="create" ' . $create_selected . '>' . i18n('Create a new conference') . '</input><br/>';
+		echo '<div style="margin:1em">';
-		echo '<input type="radio" name="method" value="copy" ' . $copy_selected . '>' . i18n('Copy an existing conference') . '</input><br/>';
+		echo '<input type="radio" name="method" value="create" ' . $create_selected . '> ' . i18n('Create a new conference') . '</input><br/>';
 		echo '<input type="radio" name="method" value="copy" ' . $copy_selected . '> ' . i18n('Copy an existing conference') . '</input><br/>';
 		echo '</div>';
 	}
 }
@ -439,13 +450,15 @@ function handle_start_step(){
 function build_select_nametype_step(){
 	global $conference_types;
 	echo "<p>" . i18n("Please enter the name and type of this conference.") . "</p>";
 	echo '<div style="margin:1em">';
 	echo "<table><tr>";
 	echo "<td>" . i18n("Conference Name") . "</td>";
 	$val = '';
 	if(array_key_exists('name', $_SESSION['conference_wizard'])){
 		$val = ' VALUE="' . $_SESSION['conference_wizard']['name'] . '" ';
 	}
-	echo "<td><input type=\"text\" id=\"name\"$val></input></td>";
+	echo "<td><input type=\"text\" size=\"40\" id=\"name\"$val></input></td>";
 	echo "</tr><tr>";
 	echo "<td>" . i18n("Conference Type") . "</td>";
 	echo "<td><select id=\"type\">";
@ -461,6 +474,7 @@ function build_select_nametype_step(){
 	}
 	echo "</select></td>";
 	echo "</tr></table>";
 	echo "</div>";
 }
 function handle_select_nametype_step(){
@ -500,7 +514,8 @@ function build_select_conference_step(){
 	}
 	echo "<p>" . i18n("Please select the conference that you wish to copy.") . "</p>";
-	echo "<table><tr><td>" . i18n("Conference to Copy:") . "</td><td>";
+	echo '<div style="margin:1em">';
 	echo "<table><tr><td colspan=\"2\">";
 	echo "<select id=\"mastercopy\">";
 	$query = mysql_query("SELECT * FROM conferences ORDER BY id DESC");
 	while($row = mysql_fetch_assoc($query)){
@ -511,15 +526,16 @@ function build_select_conference_step(){
 		echo "<option $selected value=\"{$row['id']}\">{$row['name']}</option>";
 	}
 	echo "</select>";
-	echo "</td></tr><tr><td>" . i18n("End this conference after copying it:") . "</td><td>";
+	echo "</td></tr><tr><td>";
 	echo "<input type=\"checkbox\" value=\"yes\" name=\"endExisting\" $endchecked ></input>";
-	echo "</td></tr>";
+	echo "</td><td>" . i18n("End this conference after copying it") . "</td></tr>";
-	echo "<tr><td>" . i18n("Increment dates by a year:") . "</td><td>";
+	echo "<tr><td>";
 	echo "<input type=\"checkbox\" value=\"yes\" name=\"rollDates\" $rollchecked ></input>";
-	echo "</td></tr>";
+	echo "</td><td>" . i18n("Increment dates by a year") . "</td></tr>";
 	echo "</table>";
 	echo '</div>';
 }
 function handle_select_conference_step(){
@ -541,8 +557,6 @@ function handle_select_conference_step(){
 function build_enter_name_step(){
 	echo "<p>" . i18n("Please enter a name for this conference") . "</p>";
 	echo "<table><tr>";
 	echo "<td>" . i18n("Conference Name") . "</td>";
 	$val = '';
 	if(array_key_exists('name', $_SESSION['conference_wizard'])){
 		// get the value previously answered
@ -553,8 +567,7 @@ function build_enter_name_step(){
 		$result = mysql_fetch_assoc(mysql_query($query));
 		$val = ' VALUE="' . $result['name'] . '" ';
 	}
-	echo "<td><input type=\"text\" id=\"name\"$val></input></td>";
+	echo "<div style=\"margin:1em\"><input type=\"text\" size=\"40\" id=\"name\"$val></input></div>";
 	echo "</tr></table>";
 }
 function handle_enter_name_step(){
@ -800,10 +813,8 @@ function copy_conference($params){
 		$errorMessage .= roll($oldConfId, $newConfId, 'award_awards_projectcategories', "award_awards_id='{$r->id}'",
 							array('award_awards_id' => $award_awards_id));
 		$errorMessage .= roll($oldConfId, $newConfId, 'award_awards_projectdivisions', "award_awards_id='{$r->id}'",
 							array('award_awards_id' => $award_awards_id));
 		echo i18n("&nbsp; Rolling award prizes")."<br />";
 		$errorMessage .= roll($oldConfId, $newConfId, 'award_prizes', "award_awards_id='{$r->id}'",
 							array('award_awards_id' => $award_awards_id));
 	}
@ -939,7 +950,7 @@ function roll($oldConfId, $newConfId, $table, $where='', $replace=array()){
 		/* Skip year field */
 		if($k == 'year') continue;
 		/* Skip conferences_id field */
-		if($k == 'year') continue;
+		if($k == 'conferences_id') continue;
 		$fields[] = $k;
 	} 
--- a/testapi.php
+++ b/testapi.php
@ -119,6 +119,14 @@ Link username to email? <input type="radio" name="link_username_to_email" value=
 <h2>User Stuff</h2>
 <a href="api/user/view/">View the user</a><br/>
 Invite a user:<br/>
 <form method="post" action="api/user/invite">
 username: <input type="text" name="username"></input><br/>
 password: <input type="text" name="password"></input><br/>
 email address: <input type="text" name="email"></input><br/>
 role id: <input type="text" name="roles_id"></input><br/>
 <input type="submit" value="Invite User"></input>
 </form>
 <h2>Event Schedule</h2>
 <a href="api/schedule/list">Schedule Listing</a><br/>
--- a/theme/default/sfiab.css
+++ b/theme/default/sfiab.css
@ -756,56 +756,3 @@ ul.conferencenav li a:hover {
 .scheduleevent_tour {
 	background: #CCFFD5;
 }
 /*
 #wizardWrapper{
 	display: none;
 	position: absolute;
 	top: 0;
 	left: 0;
 	width: 100%;
 	height: 100%;
 }
 #wizardBackdrop{
 	display: none;
 	position: absolute;
 	top: 0;
 	left: 0;
 	width: 100%;
 	height: 100%;
 	background-color: #383878;
 }
 #wizard {
 	background-color: #E0E0FF;
 	border: 2px solid silver;
 	width: 40em;
 	margin-left:auto;
 	margin-right:auto;
 	top: 20%;
 }
 #wizard h2{
 	background-color: #1B86B7;
 	color: #FFF;
 	text-align:center;
 	padding:0;
 	margin:0;
 	margin-left:auto;
 	margin-right:auto;
 	border-bottom: 1px solid silver;
 }
 #wizard p{
 	margin: 0.5em; 
 }
 .wizard_content{
 	background-color: #E0E0FF;
 	margin: 1em;
 }
 .wizard_buttons{
 	background-color: #1B86B7;
 	padding: 0.25em;
 }
 */
--- a/user.inc.php
+++ b/user.inc.php
@ -1113,7 +1113,7 @@ function api_user_auth_required($all_required = array(), $one_required = array()
 	if(!isset($_SESSION['roles']) || !isset($_SESSION['accounts_id'])) {
 		$ret['status']="error";
-		$ret['error']="Not logged in";
+		$returnval="Not logged in";
 		return $ret;
 	}
@ -1140,14 +1140,14 @@ function api_user_auth_required($all_required = array(), $one_required = array()
 	if(!$ok) {
 		$ret['status']="error";
-		$ret['error']="You do not have permission to access that information";
+		$returnval="You do not have permission to access that information";
 		return $ret;
 	}
 	/* Forward to password expired, remember the target URI */
 	if($_SESSION['password_expired'] == true) {
 		$ret['status']="error";
-		$ret['error']="Your password has expired";
+		$returnval="Your password has expired";
 		return $ret;
 	}
 	$ret['status']="ok";
@ -1445,5 +1445,88 @@ function user_conference_load($accounts_id,$conferences_id) {
 	//exit;
 }
 // sends an invitation from the user currently logged in, to the new user info passed in the parameters
 // returns the created user object on success, error message otherwise
 function user_invite($username, $password, $email, $roles_id){
 	global $roles, $conference;
 	$u = user_load($_SESSION['users_id']);
 	$ok = false;
 	$returnval = null;
 	$schoolId = null;
 	$roletype = null;
 	foreach($roles as $t => $r){
 		if($r['id'] == $roles_id){
 			$roletype = $t;
 			break;
 		}
 	}
 	if($roletype === null){
 		$returnval = 'Invalid roles_id parameter';
 	}
 	// find out if this user has the necessary permission to invite another one
 	if(!is_array($u['roles'])){
 		$returnval = 'You do not have a valid role for inviting users';
 	}
 	if(array_key_exists('admin', $u['roles'])){
 		// This is an administrative user; they can invite people to any role they want.
 		$ok = true;
 	}else if(array_key_exists('teacher', $u['roles'])){
 		// This is a teacher; they can add students.
 		// make sure this teacher is tied to a school
 		if(array_key_exists('schools_id', $u) && $u['schools_id'] > 0){
 			if($roletype == 'participant'){
 				$ok = true;
 				$schoolId = $u['schools_id'];
 			}else{
 				$returnval = 'You do not have permission to invite this role';
 			}
 		}else{
 			$returnval = 'You must be associated with a school to add participants';
 		}
 	}else{
 		$returnval = 'You do not have a role with permission to invite users';
 	}
 	if($returnval == null){
 		// all fields have been passed in, let's go ahead and create the account/user/role
 		$newAccount = account_create($username, $password);
 		if(!is_array($newAccount)){
 			switch($newAccount){
 				case -1: $returnval = "Invalid username"; break;
 				case -2: $returnval = "Username already in use"; break;
 				case -3: $returnval = "Invalid password"; break;
 			}
 		}
 	}
 	if($returnval == null){
 		$newUser = user_create($newAccount['id'], $conference['id']);
 		if(!is_array($newUser)){
 			$returnval = 'Error creating user';
 		}else if($schoolId !== null){
 			// schoolId is only defined if this is a teacher inviting a student
 			$newUser['schools_id'] = $schoolId;
 			user_save($newUser);
 		}
 	}
 	if($returnval == null){
 		$result = user_add_role($newUser, $roletype);
 		if($result == 'ok'){
 			// if we made it here, then it all worked nicely
 			$returnval = user_load($newUser['id']);
 		}else{
 			$returnval = "Error adding '$roletype' role: $result";
 		}
 	}
 	return $returnval;
 }
 ?>