User management
Located in /program/lib/usermanager.class.php (line 40)
construct a UserManager object
This initialises the UserManager and also dispatches the task to do. This also loads the loginlib: we need that in order to manipulate the user password.
manipulate the current state if indicator(s) for 'open' and 'closed' areas
this manipulates the current state of 'open' and 'closed' areas in $areas_open. If $area_id is NULL, we don't have to do anything but simply return the current state. If $area_id is 0 (zero), we need to toggle all areas at once (area_id = 0 implies the site level toggle) If $area_id is an integer, it is assumed to be a valid area_id and that area should be toggled.
shorthand for the anchor parameters that lead to the user manager
determine the acl_id for user user_id
remove all records relating to a single acl_id from various acl-tables
this bluntly removes all records from the various user-related tables for user $user_id. Whenever there's an error deleting records, the routine bails out immediately and returns FALSE. If all goes well, TRUE is returned. Any errors are logged, success is logged to DEBUG-log.
Note that the order of deletion is important: we must first get rid of the foreign key constraints.
construct the add userdialog
construct a dialogdef for selecting a group/capacity
construct the edit user dialog
construct the edit user dialog
shorthand for the first readable name in a dialogdef item
construct a clickable icon to delete this user
construct a clickable icon to edit the properties of this user
construct a clickable icon to delete a membership from this user
calculate the total number of users in a specific group
this calculates the total number of users in group $group_id. If $group_id equates to GROUP_SELECT_ALL_USERS, the grand total is returned, if it equates to GROUP_SELECT_NO_GROUP the number of users without a group is calculated.
construct a list of groups still available for this user
this constructs an array with available groups/capacities for the user $user_id If the user is already a member of all available groups or there are no groups at all, the list consists of a single option 'No groups available'.
The values in this list are constructed from the primary key values of the underlying groups_capacities table. These two numbers (group_id and capacity_code) are separated with a colon ':' to make it easier to parse once we are to save the values (in the table users_groups_capacities).
The SQL-statement looks quite complex. What it does is using the table groups_capacities as a starting point for _all_ valid (ie capacity_id != CAPACITY_NONE) combinations of group and capacity. By left-joining the table users_groups_capacities with a very specific ON-clause, and leaving out the column capacity_code, the resulting list consists of all combinations of group and capacity buy without any entries that have a group of which the user is already a member, no matter what capacity. In other words: if a user is already a member of a group with capacity A, this user cannot be member of the same group with capacity B. Finally, the table groups is used to retrieve the group information such as the groupname and the active-flag.
The resulting list is ordered by groupname and subsequently by the sort_order of the capacity_code. However, inactive groups are sorted after the active groups so they appear near the bottom of the list.
shortcut to retrieve the username and full name of the selected user
retrieve a single user's record possibly from the cache
retrieve (a selection of) all user records from the database
this retrieves a subset of all existing user accounts from the database. The selection depends on the value of $group_id:
determine whether a user has permissions for a particular job
this determines whether this user has permissions to access the specified job, e.g. do they have access to the page manager. If so, we can display the menu option, otherwise we can suppress it and keep the menu clean(er).
display breadcrumb trail that leads to the add new user dialog
display breadcrumb trail that leads to users overview screen
display breadcrumb trail that leads to the edit user dialog
display a menu showing groups of users (if any) + corresponding breadcrumb trail
this constructs a list of links allowing for a quick selection of a subset of users This looks a little like this:
All users (66) No group (5) faculty (14) grade12 (7) ... webmasters (2)
The indication of the current selection in the menu is based on $group_id. Most of the time this is a genuine group_id. However, 'All users' and 'No group' are special cases:
show the user menu with current option highlighted
this constructs the user menu. Only the relevant options are displayed (eg. if the user is not an admin, no pagemanager option is displayed).
display a list of existing users and an option to add a user
This constructs the heart of the user manager: a link to add a user, followed by a list of links for deleting an modifying selected (see below) users. The list of users is ordered as follows. First the active users are displayed, an after that the inactive users are displayed. The sort order is based on the short name of the user.
Note that a selection is made of all user accounts, based on a choice the user makes from the menu (see show_menu_overview()). This list to show is selected as follows:
Note that the list of existing users shows the full name and the username in parenthese. If a 'real' group is selected (ie. not the collection of users without a group or all users), the capacity of that user in that group is also displayed.
Example: Amelia Cackle, a 'Principal' in the 'faculty' group, is displayed like this in the faculty group: Amelia Cackle (acackl) (Principal)
present 'add user' dialog where the user can enter minimal properties for a new user
this displays a dialog where the user can enter the minimal necessary properties of a new user. These properties are:
The new user is saved via performing the task TASK_USER_SAVE_NEW
show a dialog for modifying admin permissions for a user
delete a user after confirmation
after some basic tests this either presents a confirmation dialog to the user OR deletes a user with associated acls and other records.
Note that this routine could have been split into two routines, with the first one displaying the confirmation dialog and the second one 'saving the changes'. However, I think it is counter-intuitive to perform a deletion of data under the name of 'saving'. So, I decided to use the same routine for both displaying the dialog and acting on the dialog.
Note that the (user)files should be removed before the account can be removed, see userdir_is_empty(). It is up to the user or the admin to remove those files.
A special test is performed to prevent users from killing their own account (which would immediately kick them out of admin.php never to be seen again).
present an 'edit user' dialog filled with existing data
this prepares the basic user properties dialog, based on the parameter $user_id. If that is not specified, we read the $user_id from $_GET. (Currently only user_savenew() and user_save_basic() call us with $user_id set).
present 'add membership' dialog
this displays a simple dialog where the user can add a membership to a user account, one at a time. Basically we show a picklist with all available group/capacity-combinations. Here "available" means:
$param int $user_id identifies the user to edit
end the group membership for the selected user
present an overview of group memberships for the specified user
this constructs a link to add a membership to the user account and a list of existing memberships, if any, including a delete button per membership.
The SQL-query retrieves the list of existing memberships from the database, ordered by the short groupname. The data is validated by joining to the table groups_capacities. If for some reason there exists an invalid combination of group_id and capacity_code in users_groups_capacities table, it will not show up in the list here.
Note that it is currently not possible to change a users' group membership, i.e. you cannot promote a user from 'Member' to 'Chair' for a group: you have to delete the group membership first, and subsequently add it again with the correct capacity.
save the new group/capacity for the selected user
this adds a record to the users_groups_capacities table, indicating the group membership and the corresponding capacity for the user.
show a dialog for modifying intranet permissions for a user
show a dialog for modifying page manager permissions for a user
save edited user data to the database
save a new user to the database
this saves a new user to the database. This involves at least two tables: a record in the users table with basic information and also a record with access control in the acls table.
save basic properties of user account
Documentation generated on Tue, 28 Jun 2016 19:12:33 +0200 by phpDocumentor 1.4.0