Commit 51259e323efde13f7fe26ade657de55f0464f5cb
1 parent
300b66a8
added code to restrict unit admin to adminstering his unit only
git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@1502 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
23 additions
and
12 deletions
presentation/lookAndFeel/knowledgeTree/administration/usermanagement/addUserToGroupUI.inc
| ... | ... | @@ -120,16 +120,19 @@ function getPageFail() { |
| 120 | 120 | // display the listbox initially ..then just display the text |
| 121 | 121 | function getUserDisplay($oUser) { |
| 122 | 122 | global $default; |
| 123 | - //$from = "," . $default->owl_Users_Groups_table . " AS GU"; | |
| 124 | - //$where = "(ST.id = GU.User_id)"; | |
| 125 | - | |
| 126 | - | |
| 127 | 123 | if (!isset($oUser)) { |
| 128 | - $oPatternListBox = & new PatternListBox($default->owl_users_table, "username", "id", "fUserID"); | |
| 129 | - //$oPatternListBox->setWhereClause($where); | |
| 130 | - //$oPatternListBox->setFromClause($from); | |
| 131 | - //$oPatternListBox->setIncludeDefaultValue(true); | |
| 132 | - //$oPatternListBox->setPostBackOnChange(true); | |
| 124 | + $oPatternListBox = & new PatternListBox($default->owl_users_table, "username", "id", "fUserID"); | |
| 125 | + if (Permission::userIsUnitAdministrator()) { | |
| 126 | + $oPatternListBox->setFromClause("INNER JOIN $default->owl_users_groups_table UGL ON ST.id=UGL.user_id " . | |
| 127 | + "INNER JOIN $default->owl_groups_units_table GUL ON UGL.group_id=GUL.group_id"); | |
| 128 | + $oPatternListBox->setWhereClause("GUL.unit_id=" . User::getUnitID($_SESSION["userID"])); | |
| 129 | + | |
| 130 | + $oUnassignedUsersLB = & new PatternListBox($default->owl_users_table, "username", "id", "fUserID"); | |
| 131 | + $oUnassignedUsersLB->setFromClause("LEFT OUTER JOIN $default->owl_users_groups_table UGL ON ST.id=UGL.user_id"); | |
| 132 | + $oUnassignedUsersLB->setWhereClause("ISNULL(UGL.group_id)"); | |
| 133 | + $default->log->info(arrayToString($oUnassignedUsersLB->getEntries())); | |
| 134 | + $oPatternListBox->setAdditionalEntries($oUnassignedUsersLB->getEntries()); | |
| 135 | + } | |
| 133 | 136 | return $oPatternListBox->render(); |
| 134 | 137 | } else { |
| 135 | 138 | return "<input type=\"hidden\" name=\"fUserID\" value=\"" . $oUser->iId . "\">\n" . |
| ... | ... | @@ -142,9 +145,17 @@ function getUserDisplay($oUser) { |
| 142 | 145 | function getGroupDisplay($oGroup) { |
| 143 | 146 | global $default; |
| 144 | 147 | if (!isset($oGroup)) { |
| 145 | - $oPatternListBox = & new PatternListBox($default->owl_groups_table, "name", "id", "fGroupID"); | |
| 146 | - //$oPatternLiListBoxstBox->setPostBackOnChange(true); | |
| 147 | - return $oPatternListBox->render(); | |
| 148 | + if (Permission::userIsSystemAdministrator()) { | |
| 149 | + // if this is the system administrator, prepend group names with unit name | |
| 150 | + $oPatternListBox = & new PatternListBox($default->owl_groups_table, "name", "id", "fGroupID"); | |
| 151 | + //$oPatternListBox->setFromClause("INNER JOIN $default->"); | |
| 152 | + } else if (Permission::userIsUnitAdministrator()) { | |
| 153 | + // else if this is a unit administrator, only display the groups in your unit | |
| 154 | + $oPatternListBox = & new PatternListBox($default->owl_groups_table, "name", "id", "fGroupID"); | |
| 155 | + $oPatternListBox->setFromClause("INNER JOIN $default->owl_groups_units_table GUL on ST.id=GUL.group_id"); | |
| 156 | + $oPatternListBox->setWhereClause("GUL.unit_id=" . User::getUnitID($_SESSION["userID"])); | |
| 157 | + } | |
| 158 | + return $oPatternListBox->render(); | |
| 148 | 159 | } else { |
| 149 | 160 | return "<input type=\"hidden\" name=\"fGroupID\" value=\"" . $oGroup->iId . "\">\n" . |
| 150 | 161 | $oGroup->getName(); | ... | ... |