Peter M. Groen / knowledgetree

Commit 51259e323efde13f7fe26ade657de55f0464f5cb

Authored by Michael Joseph
1 parent 300b66a8

added code to restrict unit admin to adminstering his unit only 


git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@1502 c91229c3-7414-0410-bfa2-8a42b809f60b
Inline Side-by-side
Showing 1 changed file with 23 additions and 12 deletions
presentation/lookAndFeel/knowledgeTree/administration/usermanagement/addUserToGroupUI.inc
  View file @51259e3
@@ -120,16 +120,19 @@ function getPageFail() { @@ -120,16 +120,19 @@ function getPageFail() {
120 // display the listbox initially ..then just display the text 120 // display the listbox initially ..then just display the text
121 function getUserDisplay($oUser) { 121 function getUserDisplay($oUser) {
122 global $default; 122 global $default;
123 - //$from = "," . $default->owl_Users_Groups_table . " AS GU";  
124 - //$where = "(ST.id = GU.User_id)";  
125 -  
126 -  
127 if (!isset($oUser)) { 123 if (!isset($oUser)) {
128 - $oPatternListBox = & new PatternListBox($default->owl_users_table, "username", "id", "fUserID");  
129 - //$oPatternListBox->setWhereClause($where);  
130 - //$oPatternListBox->setFromClause($from);  
131 - //$oPatternListBox->setIncludeDefaultValue(true);  
132 - //$oPatternListBox->setPostBackOnChange(true); 124 + $oPatternListBox = & new PatternListBox($default->owl_users_table, "username", "id", "fUserID");
  125 + if (Permission::userIsUnitAdministrator()) {
  126 + $oPatternListBox->setFromClause("INNER JOIN $default->owl_users_groups_table UGL ON ST.id=UGL.user_id " .
  127 + "INNER JOIN $default->owl_groups_units_table GUL ON UGL.group_id=GUL.group_id");
  128 + $oPatternListBox->setWhereClause("GUL.unit_id=" . User::getUnitID($_SESSION["userID"]));
  129 +
  130 + $oUnassignedUsersLB = & new PatternListBox($default->owl_users_table, "username", "id", "fUserID");
  131 + $oUnassignedUsersLB->setFromClause("LEFT OUTER JOIN $default->owl_users_groups_table UGL ON ST.id=UGL.user_id");
  132 + $oUnassignedUsersLB->setWhereClause("ISNULL(UGL.group_id)");
  133 + $default->log->info(arrayToString($oUnassignedUsersLB->getEntries()));
  134 + $oPatternListBox->setAdditionalEntries($oUnassignedUsersLB->getEntries());
  135 + }
133 return $oPatternListBox->render(); 136 return $oPatternListBox->render();
134 } else { 137 } else {
135 return "<input type=\"hidden\" name=\"fUserID\" value=\"" . $oUser->iId . "\">\n" . 138 return "<input type=\"hidden\" name=\"fUserID\" value=\"" . $oUser->iId . "\">\n" .
@@ -142,9 +145,17 @@ function getUserDisplay($oUser) { @@ -142,9 +145,17 @@ function getUserDisplay($oUser) {
142 function getGroupDisplay($oGroup) { 145 function getGroupDisplay($oGroup) {
143 global $default; 146 global $default;
144 if (!isset($oGroup)) { 147 if (!isset($oGroup)) {
145 - $oPatternListBox = & new PatternListBox($default->owl_groups_table, "name", "id", "fGroupID");  
146 - //$oPatternLiListBoxstBox->setPostBackOnChange(true);  
147 - return $oPatternListBox->render(); 148 + if (Permission::userIsSystemAdministrator()) {
  149 + // if this is the system administrator, prepend group names with unit name
  150 + $oPatternListBox = & new PatternListBox($default->owl_groups_table, "name", "id", "fGroupID");
  151 + //$oPatternListBox->setFromClause("INNER JOIN $default->");
  152 + } else if (Permission::userIsUnitAdministrator()) {
  153 + // else if this is a unit administrator, only display the groups in your unit
  154 + $oPatternListBox = & new PatternListBox($default->owl_groups_table, "name", "id", "fGroupID");
  155 + $oPatternListBox->setFromClause("INNER JOIN $default->owl_groups_units_table GUL on ST.id=GUL.group_id");
  156 + $oPatternListBox->setWhereClause("GUL.unit_id=" . User::getUnitID($_SESSION["userID"]));
  157 + }
  158 + return $oPatternListBox->render();
148 } else { 159 } else {
149 return "<input type=\"hidden\" name=\"fGroupID\" value=\"" . $oGroup->iId . "\">\n" . 160 return "<input type=\"hidden\" name=\"fGroupID\" value=\"" . $oGroup->iId . "\">\n" .
150 $oGroup->getName(); 161 $oGroup->getName();