1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/limesurvey_ynh.git synced 2024-09-03 19:36:32 +02:00
limesurvey_ynh/sources/application/controllers/admin/usergroups.php

410 lines
16 KiB
PHP
Raw Normal View History

<?php if (!defined('BASEPATH')) exit('No direct script access allowed');
/*
* LimeSurvey
* Copyright (C) 2007-2011 The LimeSurvey Project Team / Carsten Schmitz
* All rights reserved.
* License: GNU/GPL License v2 or later, see LICENSE.php
* LimeSurvey is free software. This version may have been modified pursuant
* to the GNU General Public License, and as distributed it includes or
* is derivative of works licensed under the GNU General Public License or
* other free or open source software licenses.
* See COPYRIGHT.php for copyright notices and details.
*
*/
/**
* Usergroups
*
* @package LimeSurvey
* @author
* @copyright 2011
* @access public
*/
class Usergroups extends Survey_Common_Action
{
/**
* Usergroups::mail()
* Function responsible to send an e-mail to a user group.
* @param mixed $ugid
* @return void
*/
public function mail($ugid)
{
$ugid = sanitize_int($ugid);
$clang = Yii::app()->lang;
$action = Yii::app()->request->getPost("action");
if ($action == "mailsendusergroup") {
// user must be in user group or superadmin
$result = UserInGroup::model()->findAllByPk(array('ugid' => $ugid, 'uid' => Yii::app()->session['loginID']));
if (count($result) > 0 || Permission::model()->hasGlobalPermission('superadmin','read'))
{
$criteria = new CDbCriteria;
$criteria->compare('ugid',$ugid)->addNotInCondition('users.uid',array(Yii::app()->session['loginID']));
$eguresult = UserInGroup::model()->with('users')->findAll($criteria);
//die('me');
$to = array();
foreach ($eguresult as $egurow)
{
$to[] = $egurow->users->users_name . ' <' . $egurow->users->email . '>';
}
$from_user_result = User::model()->findByPk(Yii::app()->session['loginID']);
$from_user_row = $from_user_result;
if ($from_user_row->full_name) {
$from = $from_user_row->full_name;
$from .= ' <';
$from .= $from_user_row->email . '> ';
}
else
{
$from = $from_user_row->users_name . ' <' . $from_user_row->email . '> ';
}
$body = $_POST['body'];
$subject = $_POST['subject'];
if (isset($_POST['copymail']) && $_POST['copymail'] == 1) {
$to[] = $from;
}
$body = str_replace("\n.", "\n..", $body);
$body = wordwrap($body, 70);
//echo $body . '-'.$subject .'-'.'<pre>'.htmlspecialchars($to).'</pre>'.'-'.$from;
if (SendEmailMessage($body, $subject, $to, $from, '')) {
list($aViewUrls, $aData) = $this->index($ugid, array("type" => "success", "message" => "Message(s) sent successfully!"));
}
else
{
global $maildebug;
global $debug;
global $maildebugbody;
//$maildebug = (isset($maildebug)) ? $maildebug : "Their was a unknown error in the mailing part :)";
//$debug = (isset($debug)) ? $debug : 9;
//$maildebugbody = (isset($maildebugbody)) ? $maildebugbody : 'an unknown error accourd';
$headercfg["type"] = "warning";
$headercfg["message"] = sprintf($clang->gT("Email to %s failed. Error Message:"), $to) . " " . $maildebug;
list($aViewUrls, $aData) = $this->index($ugid, $headercfg);
}
}
else
{
die();
}
}
else
{
$where = array('and', 'a.ugid =' . $ugid, 'uid =' . Yii::app()->session['loginID']);
$join = array('where' => "{{user_in_groups}} AS b", 'on' => 'a.ugid = b.ugid');
$result = UserGroup::model()->join(array('a.ugid', 'a.name', 'a.owner_id', 'b.uid'), "{{user_groups}} AS a", $where, $join, 'name');
$crow = $result;
$aData['ugid'] = $ugid;
$aViewUrls = 'mailUserGroup_view';
}
$this->_renderWrappedTemplate('usergroup', $aViewUrls, $aData);
}
/**
* Usergroups::delete()
* Function responsible to delete a user group.
* @return void
*/
public function delete($ugid)
{
$clang = Yii::app()->lang;
$aViewUrls = array();
$aData = array();
if (Permission::model()->hasGlobalPermission('usergroups','delete')) {
if (!empty($ugid) && ($ugid > -1)) {
$result = UserGroup::model()->requestEditGroup($ugid, Yii::app()->session["loginID"]);
if ($result->count() > 0) { // OK - AR count
$delquery_result = UserGroup::model()->deleteGroup($ugid, Yii::app()->session["loginID"]);
if ($delquery_result) //Checked)
{
list($aViewUrls, $aData) = $this->index(false, array("type" => "success", "message" => $clang->gT("Success!")));
}
else
{
list($aViewUrls, $aData) = $this->index(false, array("type" => "warning", "message" => $clang->gT("Could not delete user group.")));
}
}
}
else
{
list($aViewUrls, $aData) = $this->index($ugid, array("type" => "warning", "message" => $clang->gT("Could not delete user group. No group selected.")));
}
}
$this->_renderWrappedTemplate('usergroup', $aViewUrls, $aData);
}
public function add()
{
$clang = Yii::app()->lang;
$action = (isset($_POST['action'])) ? $_POST['action'] : '';
$aData = array();
if (Permission::model()->hasGlobalPermission('usergroups','create')) {
if ($action == "usergroupindb") {
$db_group_name = flattenText($_POST['group_name'],false,true,'UTF-8',true);
$db_group_description = $_POST['group_description'];
if (isset($db_group_name) && strlen($db_group_name) > 0) {
if (strlen($db_group_name) > 21) {
list($aViewUrls, $aData) = $this->index(false, array("type" => "warning", "message" => $clang->gT("Failed to add group! Group name length more than 20 characters.")));
}
elseif (UserGroup::model()->find("name=:groupName", array(':groupName'=>$db_group_name))) {
list($aViewUrls, $aData) = $this->index(false, array("type" => "warning", "message" => $clang->gT("Failed to add group! Group already exists.")));
}
else
{
$ugid = UserGroup::model()->addGroup($db_group_name, $db_group_description);
Yii::app()->session['flashmessage'] = $clang->gT("User group successfully added!");
list($aViewUrls, $aData) = $this->index($ugid, true);
}
}
else
{
list($aViewUrls, $aData) = $this->index(false, array("type" => "warning", "message" => $clang->gT("Failed to add group! Group Name was not supplied.")));
}
}
else
{
$aViewUrls = 'addUserGroup_view';
}
}
$this->_renderWrappedTemplate('usergroup', $aViewUrls, $aData);
}
/**
* Usergroups::edit()
* Load edit user group screen.
* @param mixed $ugid
* @return void
*/
function edit($ugid)
{
$ugid = (int)$ugid;
$clang = Yii::app()->lang;
$action = (isset($_POST['action'])) ? $_POST['action'] : '';
if (Permission::model()->hasGlobalPermission('usergroups','update')) {
if ($action == "editusergroupindb") {
$ugid = (int)$_POST['ugid'];
$db_name = $_POST['name'];
$db_description = $_POST['description'];
if (UserGroup::model()->updateGroup($db_name, $db_description, $ugid)) {
Yii::app()->session['flashmessage'] = $clang->gT("User group successfully saved!");
$aData['ugid'] = $ugid;
$this->getController()->redirect(array('admin/usergroups/sa/view/ugid/'.$ugid));
}
else
{
Yii::app()->session['flashmessage'] = $clang->gT("Failed to edit user group!");
$this->getController()->redirect(array('admin/usergroups/sa/edit/ugid/'.$ugid));
}
}
else
{
$result = UserGroup::model()->requestEditGroup($ugid, Yii::app()->session['loginID']);
$aData['esrow'] = $result;
$aData['ugid'] = $result->ugid;
$aViewUrls = 'editUserGroup_view';
}
}
$this->_renderWrappedTemplate('usergroup', 'editUserGroup_view', $aData);
}
/**
* Load viewing of a user group screen.
* @param bool $ugid
* @param array|bool $header (type=success, warning)(message=localized message)
* @return void
*/
public function index($ugid = false, $header = false)
{
if ($ugid != false)
$ugid = (int)$ugid;
if (!empty($header))
$aData['headercfg'] = $header;
else
$aData = array();
$aViewUrls = array();
$aData['ugid'] = $ugid;
$aData['imageurl'] = Yii::app()->getConfig("adminimageurl");
$clang = Yii::app()->lang;
if (Yii::app()->session['loginID']) {
if ($ugid) {
$ugid = sanitize_int($ugid);
$aData["usergroupid"] = $ugid;
$result = UserGroup::model()->requestViewGroup($ugid, Yii::app()->session["loginID"]);
$crow = $result[0];
if ($result) {
$aData["groupfound"] = true;
$aData["groupname"] = $crow['name'];
if (!empty($crow['description']))
$aData["usergroupdescription"] = $crow['description'];
else
$aData["usergroupdescription"] = "";
}
//$this->user_in_groups_model = new User_in_groups;
$eguquery = "SELECT * FROM {{user_in_groups}} AS a INNER JOIN {{users}} AS b ON a.uid = b.uid WHERE ugid = " . $ugid . " ORDER BY b.users_name";
$eguresult = dbExecuteAssoc($eguquery);
$aUserInGroupsResult = $eguresult->readAll();
$query2 = "SELECT ugid FROM {{user_groups}} WHERE ugid = " . $ugid . " AND owner_id = " . Yii::app()->session['loginID'];
$result2 = dbSelectLimitAssoc($query2, 1);
$row2 = $result2->readAll();
$row = 1;
$userloop = array();
$bgcc = "oddrow";
foreach ($aUserInGroupsResult as $egurow)
{
if ($bgcc == "evenrow") {
$bgcc = "oddrow";
} else {
$bgcc = "evenrow";
}
$userloop[$row]["userid"] = $egurow['uid'];
// output users
$userloop[$row]["rowclass"] = $bgcc;
if (Permission::model()->hasGlobalPermission('superadmin','update')) {
$userloop[$row]["displayactions"] = true;
} else {
$userloop[$row]["displayactions"] = false;
}
$userloop[$row]["username"] = $egurow['users_name'];
$userloop[$row]["email"] = $egurow['email'];
$row++;
}
$aData["userloop"] = $userloop;
if (isset($row2[0]['ugid'])) {
$aData["useradddialog"] = true;
$aData["useraddusers"] = getGroupUserList($ugid, 'optionlist');
$aData["useraddurl"] = "";
}
}
$aViewUrls[] = 'viewUserGroup_view';
}
if (!empty($header))
{
return array($aViewUrls, $aData);
}
else
{
$this->_renderWrappedTemplate('usergroup', $aViewUrls, $aData);
}
}
function user($ugid, $action = 'add')
{
if (!Permission::model()->hasGlobalPermission('usergroups','read') || !in_array($action, array('add', 'remove')))
{
die('access denied');
}
$clang = Yii::app()->lang;
$uid = (int) Yii::app()->request->getPost('uid');
$group = UserGroup::model()->findByAttributes(array('ugid' => $ugid, 'owner_id' => Yii::app()->session['loginID']));
if (empty($group))
{
list($aViewUrls, $aData) = $this->index(0, array('type' => 'warning', 'message' => $clang->gT('Failed.') . '<br />' . $clang->gT('Group not found.')));
}
else
{
if ($uid > 0 && User::model()->findByPk($uid))
{
if ($group->owner_id == $uid)
{
list($aViewUrls, $aData) = $this->index($ugid, array('type' => 'warning', 'message' => $clang->gT('Failed.') . '<br />' . $clang->gT('You can not add or remove the group owner from the group.')));
}
$user_in_group = UserInGroup::model()->findByPk(array('ugid' => $ugid, 'uid' => $uid));
switch ($action)
{
case 'add' :
if (empty($user_in_group) && UserInGroup::model()->insertRecords(array('ugid' => $ugid, 'uid' => $uid)))
{
list($aViewUrls, $aData) = $this->index($ugid, array('type' => 'success', 'message' => $clang->gT('User added.')));
}
else
{
list($aViewUrls, $aData) = $this->index($ugid, array('type' => 'warning', 'message' => $clang->gT('Failed to add user.') . '<br />' . $clang->gT('User already exists in the group.')));
}
break;
case 'remove' :
if (!empty($user_in_group) && UserInGroup::model()->deleteByPk(array('ugid' => $ugid, 'uid' => $uid)))
{
list($aViewUrls, $aData) = $this->index($ugid, array('type' => 'success', 'message' => $clang->gT('User removed.')));
}
else
{
list($aViewUrls, $aData) = $this->index($ugid, array('type' => 'warning', 'message' => $clang->gT('Failed to remove user.') . '<br />' . $clang->gT('User does not exist in the group.')));
}
break;
}
}
else
{
list($aViewUrls, $aData) = $this->index($ugid, array('type' => 'warning', 'message' => $clang->gT('Failed.') . '<br />' . $clang->gT('User not found.')));
}
}
$this->_renderWrappedTemplate('usergroup', $aViewUrls, $aData);
}
/**
* Renders template(s) wrapped in header and footer
*
* @param string $sAction Current action, the folder to fetch views from
* @param string|array $aViewUrls View url(s)
* @param array $aData Data to be passed on. Optional.
*/
protected function _renderWrappedTemplate($sAction = 'usergroup', $aViewUrls = array(), $aData = array())
{
App()->getClientScript()->registerCssFile(Yii::app()->getConfig('adminstyleurl')."superfish.css");
App()->getClientScript()->registerPackage('jquery-tablesorter');
App()->getClientScript()->registerScriptFile(Yii::app()->getConfig('adminscripts').'users.js');
$aData['display']['menu_bars']['user_group'] = true;
parent::_renderWrappedTemplate($sAction, $aViewUrls, $aData);
}
}