Commit 51d72a3a authored by Daniel Haag's avatar Daniel Haag

Merge branch 'uibk' into 'uibk'

Uibk  administrative groups



See merge request !71
parents bbd1d8a1 beb84cd2
......@@ -551,6 +551,10 @@ switch($menu_mode) {
if (!$r = F_db_query($sql, $db)) {
F_display_db_error(false);
}
$sql = "SELECT * FROM set_admin_group($test_id, $group_id)";
if (!$r = F_db_query($sql, $db)) {
F_display_db_error(false);
}
}
}
......@@ -673,9 +677,12 @@ switch($menu_mode) {
if (!$r = F_db_query($sql, $db)) {
F_display_db_error(false);
}
$sql = "SELECT * FROM set_admin_group($test_id, $group_id)";
if (!$r = F_db_query($sql, $db)) {
F_display_db_error(false);
}
}
}
// update authorized SSL certificates
if (!empty($sslcerts)) {
foreach ($sslcerts as $ssl_id) {
......
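Review bot: Both added `set_admin_group` calls (the one at old line 551 and the one at old line 673) interpolate `$test_id` and `$group_id` directly into the SQL string, and neither hunk shows where those variables are cast to integers. If `$group_id` is taken from a request-supplied array in the surrounding `foreach`, a non-numeric element would change the statement that is sent to the database. Casting at the call site removes that dependency on code outside the hunk: `$sql = 'SELECT set_admin_group('.intval($test_id).', '.intval($group_id).')';`. The enclosing loop and `switch` begin outside both hunks, so an earlier cast may exist that is not visible here.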
......@@ -16,9 +16,70 @@ ALTER TABLE tce_user_groups ADD email2_sent character varying(255);
ALTER TABLE tce_user_groups ADD email3_sent character varying(255);
ALTER TABLE tce_user_groups ADD disabled character varying(255);
-- modifying the schema to assign group to test
ALTER TABLE tce_user_groups ADD COLUMN group_type character varying (5) DEFAULT 'T';
ALTER TABLE tce_tests ADD COLUMN test_group_id bigint;
-- restraint dropped because a user locked in VIS can be registered again in TCExam later, but of course keeps his matrikelnr.
ALTER TABLE tce_users DROP CONSTRAINT ak_user_regnumber;
-- functions for administrative group
-- Function: get_admin_group(bigint, bigint)
-- DROP FUNCTION get_admin_group(bigint, bigint);
-- Function: get_admin_group(bigint, bigint)
-- DROP FUNCTION get_admin_group(bigint, bigint);
CREATE OR REPLACE FUNCTION get_admin_group(itest_id bigint, igroup_id bigint)
RETURNS bigint AS
$BODY$
DECLARE xgroup_id bigint;
BEGIN
SELECT group_id FROM tce_user_groups
WHERE external_id = (
SELECT LEFT(external_id,strpos(external_id,':')-1)
FROM tce_user_groups
WHERE group_id = igroup_id ) || ':owner'
AND group_type = 'B'
INTO xgroup_id;
IF xgroup_id IS NULL THEN
xgroup_id = igroup_id;
END IF;
RETURN xgroup_id;
END;
$BODY$
LANGUAGE plpgsql VOLATILE SECURITY DEFINER
COST 100;
ALTER FUNCTION get_admin_group(bigint, bigint) SET search_path=tcexam, pg_temp;
ALTER FUNCTION get_admin_group(bigint, bigint)
OWNER TO tcexam;
-- Function: set_admin_group(bigint, bigint)
-- DROP FUNCTION set_admin_group(bigint, bigint);
CREATE OR REPLACE FUNCTION set_admin_group(itest_id bigint, igroup_id bigint)
RETURNS void AS
$BODY$
BEGIN
IF NOT EXISTS (SELECT * FROM tce_testgroups WHERE tstgrp_group_id = (SELECT * FROM get_admin_group(itest_id, igroup_id)) AND tstgrp_test_id = itest_id)
THEN
INSERT INTO tce_testgroups (
tstgrp_test_id,
tstgrp_group_id
) VALUES ( itest_id, (SELECT * FROM get_admin_group(itest_id, igroup_id)));
END IF;
END;
$BODY$
LANGUAGE plpgsql VOLATILE SECURITY DEFINER
COST 100;
ALTER FUNCTION set_admin_group(bigint, bigint) SET search_path=tcexam, pg_temp;
ALTER FUNCTION set_admin_group(bigint, bigint)
OWNER TO tcexam;
-- functions for tcexam esb integration
......@@ -218,15 +279,21 @@ $BODY$
DECLARE
externalid character varying;
appointmentid character varying;
groupvo xml;
groupname character varying;
grouptype character varying;
groupvo xml;
BEGIN
grouptype='T';
externalid = CONCAT (pgroupid,':',pappointmentid);
IF pappointmentid = 'owner' THEN
grouptype = 'B';
pappointmentid = 'Betreuergruppe';
END IF;
groupname = CONCAT (pgroupname ,' - ',pappointmentid);
IF NOT EXISTS(SELECT group_id FROM tce_user_groups WHERE external_id = externalid)
THEN
INSERT INTO tce_user_groups (group_name, external_id) VALUES (pgroupname,externalid);
INSERT INTO tce_user_groups (group_name, external_id,group_type) VALUES (groupname,externalid,grouptype);
END IF;
END;
......@@ -337,7 +404,7 @@ BEGIN
theKey = pgroupid || ':' || pappointmentid;
IF (SELECT group_name FROM tce_user_groups WHERE external_id = theKey) != pgroupname THEN
UPDATE tce_user_groups set group_name = pgroupname WHERE external_id = theKey;
UPDATE tce_user_groups set group_name = CONCAT(pgroupname, ' - ',pappointmentid) WHERE external_id = theKey;
END IF;
END;
$BODY$
......
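Review bot: `get_admin_group` and `set_admin_group` are created `SECURITY DEFINER` and owned by `tcexam`, but nothing in the visible lines revokes the EXECUTE privilege that PostgreSQL grants to PUBLIC on new functions. Unless that is done elsewhere, any role with USAGE on the schema can insert test-to-group rows into `tce_testgroups` with the owner's rights. I would add `REVOKE ALL ON FUNCTION set_admin_group(bigint, bigint) FROM PUBLIC;` (and the same for `get_admin_group`), then `GRANT EXECUTE` only to the role the application connects as. The `search_path` is pinned by a separate `ALTER FUNCTION`; putting `SET search_path = tcexam, pg_temp` in the `CREATE OR REPLACE FUNCTION` statement itself avoids the interval in which the function exists without it. Separately, in the last hunk the guard still tests `!= pgroupname` while the stored name is now `CONCAT(pgroupname, ' - ', pappointmentid)`, so the UPDATE appears to run on every call.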
......@@ -208,10 +208,8 @@ function F_isAuthorizedUser($table, $field_id_name, $value_id, $field_user_id) {
F_display_db_error();
}
if (($author_id > 1)
AND (F_count_rows(K_TABLE_USERGROUP.' AS ta, '.K_TABLE_USERGROUP.' AS tb
WHERE ta.usrgrp_group_id=tb.usrgrp_group_id
AND ta.usrgrp_user_id='.$author_id.'
AND tb.usrgrp_user_id='.$user_id.'
AND (F_count_rows(K_TABLE_USERGROUP.' LEFT JOIN '. K_TABLE_GROUPS.' ON usrgrp_group_id = group_id
WHERE usrgrp_user_id = '.$user_id.' AND group_type = \'B\'
LIMIT 1') > 0)) {
return true;
}
......@@ -230,10 +228,12 @@ function F_getAuthorizedUsers($user_id) {
require_once('../config/tce_config.php');
$str = ''; // string to return
$user_id = intval($user_id);
$sql1 = 'SELECT usrgrp_group_id FROM '.K_TABLE_USERGROUP.' LEFT JOIN '. K_TABLE_GROUPS.' ON usrgrp_group_id = group_id
WHERE usrgrp_user_id = '.$user_id.' AND group_type = \'B\' ';
$sql = 'SELECT tb.usrgrp_user_id
FROM '.K_TABLE_USERGROUP.' AS ta, '.K_TABLE_USERGROUP.' AS tb
WHERE ta.usrgrp_group_id=tb.usrgrp_group_id
AND ta.usrgrp_user_id='.$user_id.'';
AND ta.usrgrp_group_id IN ('.$sql1.')';
if($r = F_db_query($sql, $db)) {
while($m = F_db_fetch_array($r)) {
$str .= $m[0].',';
......
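Review bot: The rewritten condition in `F_isAuthorizedUser` no longer ties the check to `$author_id` beyond `$author_id > 1`. It returns true whenever `$user_id` belongs to any group with `group_type = 'B'`, whether or not the record's author shares a group with that user. If administrative-group membership is meant to grant authority only over records authored inside that group, the count has to keep the link to the author, for example by adding `AND usrgrp_group_id IN (SELECT usrgrp_group_id FROM '.K_TABLE_USERGROUP.' WHERE usrgrp_user_id='.$author_id.')` before `LIMIT 1`. If the global grant is intended, a comment saying so on the condition would keep it from being read as an oversight. The function body starts and ends outside the hunk, so the integer casts of `$author_id` and `$user_id` are assumed rather than visible.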
......@@ -1083,11 +1083,12 @@ function F_getAllUsersTestStat($test_id, $group_id=0, $user_id=0, $startdate=0,
if ($user_id > 0) {
$sqlr .= ' AND user_id='.$user_id.'';
}
//use only data from groups session_user is a member of
if ($_SESSION['session_user_level'] < 10) {
$sqlin = 'SELECT tstgrp_test_id FROM ' . K_TABLE_TEST_GROUPS . ' WHERE tstgrp_group_id IN (SELECT usrgrp_group_id FROM '. K_TABLE_USERGROUP . ' WHERE usrgrp_user_id = '. $_SESSION['session_user_id'].')';
$sqlr .= ' AND testuser_test_id IN ('. $sqlin . ') ';
// use only data from groups session_user is a member of
if ($_SESSION ['session_user_level'] < K_AUTH_ADMINISTRATOR) {
$sqlin = 'SELECT tstgrp_test_id FROM ' . K_TABLE_TEST_GROUPS . ' WHERE tstgrp_group_id IN (SELECT usrgrp_group_id FROM ' . K_TABLE_USERGROUP . ' LEFT JOIN '. K_TABLE_GROUPS.' ON usrgrp_group_id = group_id WHERE usrgrp_user_id = ' . $_SESSION ['session_user_id'] . ' AND group_type = \'B\')';
$sqlr .= ' AND testuser_test_id IN (' . $sqlin . ') ';
}
if (!empty($startdate)) {
$startdate_time = strtotime($startdate);
$startdate = date(K_TIMESTAMP_FORMAT, $startdate_time);
......
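Review bot: `$_SESSION ['session_user_id']` is concatenated into `$sqlin` without a cast, whereas `F_getAuthorizedUsers`, shown elsewhere on this page, applies `intval()` to its id before building the query. Writing `intval($_SESSION['session_user_id'])` keeps the subquery numeric regardless of how the session value was populated. The `LEFT JOIN` to `K_TABLE_GROUPS` is filtered by `group_type = 'B'` in the WHERE clause, which makes it behave as an inner join, so `INNER JOIN` would state the intent directly. The function begins before and continues after this hunk.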