Commit 926d679f authored by User expired's avatar User expired
Browse files

introducing administrative group

parent bbd1d8a1
......@@ -551,6 +551,10 @@ switch($menu_mode) {
if (!$r = F_db_query($sql, $db)) {
F_display_db_error(false);
}
$sql = "SELECT * FROM set_admin_group($test_id, $group_id)";
if (!$r = F_db_query($sql, $db)) {
F_display_db_error(false);
}
}
}
......@@ -673,9 +677,12 @@ switch($menu_mode) {
if (!$r = F_db_query($sql, $db)) {
F_display_db_error(false);
}
$sql = "SELECT * FROM set_admin_group($test_id, $group_id)";
if (!$r = F_db_query($sql, $db)) {
F_display_db_error(false);
}
}
}
// update authorized SSL certificates
if (!empty($sslcerts)) {
foreach ($sslcerts as $ssl_id) {
......
......@@ -16,6 +16,10 @@ ALTER TABLE tce_user_groups ADD email2_sent character varying(255);
ALTER TABLE tce_user_groups ADD email3_sent character varying(255);
ALTER TABLE tce_user_groups ADD disabled character varying(255);
-- modifying the schema to assign group to test
ALTER TABLE tce_user_groups ADD COLUMN group_type character varying (5) DEFAULT 'T';
ALTER TABLE tce_tests ADD COLUMN test_group_id bigint;
-- restraint dropped because a user locked in VIS can be registered again in TCExam later, but of course keeps his matrikelnr.
ALTER TABLE tce_users DROP CONSTRAINT ak_user_regnumber;
......
......@@ -208,10 +208,8 @@ function F_isAuthorizedUser($table, $field_id_name, $value_id, $field_user_id) {
F_display_db_error();
}
if (($author_id > 1)
AND (F_count_rows(K_TABLE_USERGROUP.' AS ta, '.K_TABLE_USERGROUP.' AS tb
WHERE ta.usrgrp_group_id=tb.usrgrp_group_id
AND ta.usrgrp_user_id='.$author_id.'
AND tb.usrgrp_user_id='.$user_id.'
AND (F_count_rows(K_TABLE_USERGROUP.' LEFT JOIN '. K_TABLE_GROUPS.' ON usrgrp_group_id = group_id
WHERE usrgrp_user_id = '.$user_id.' AND group_type = \'B\'
LIMIT 1') > 0)) {
return true;
}
......@@ -230,10 +228,12 @@ function F_getAuthorizedUsers($user_id) {
require_once('../config/tce_config.php');
$str = ''; // string to return
$user_id = intval($user_id);
$sql1 = 'SELECT usrgrp_group_id FROM '.K_TABLE_USERGROUP.' LEFT JOIN '. K_TABLE_GROUPS.' ON usrgrp_group_id = group_id
WHERE usrgrp_user_id = '.$user_id.' AND group_type = \'B\' ';
$sql = 'SELECT tb.usrgrp_user_id
FROM '.K_TABLE_USERGROUP.' AS ta, '.K_TABLE_USERGROUP.' AS tb
WHERE ta.usrgrp_group_id=tb.usrgrp_group_id
AND ta.usrgrp_user_id='.$user_id.'';
AND ta.usrgrp_group_id IN ('.$sql1.')';
if($r = F_db_query($sql, $db)) {
while($m = F_db_fetch_array($r)) {
$str .= $m[0].',';
......
......@@ -1083,11 +1083,12 @@ function F_getAllUsersTestStat($test_id, $group_id=0, $user_id=0, $startdate=0,
if ($user_id > 0) {
$sqlr .= ' AND user_id='.$user_id.'';
}
//use only data from groups session_user is a member of
if ($_SESSION['session_user_level'] < 10) {
$sqlin = 'SELECT tstgrp_test_id FROM ' . K_TABLE_TEST_GROUPS . ' WHERE tstgrp_group_id IN (SELECT usrgrp_group_id FROM '. K_TABLE_USERGROUP . ' WHERE usrgrp_user_id = '. $_SESSION['session_user_id'].')';
$sqlr .= ' AND testuser_test_id IN ('. $sqlin . ') ';
// use only data from groups session_user is a member of
if ($_SESSION ['session_user_level'] < K_AUTH_ADMINISTRATOR) {
$sqlin = 'SELECT tstgrp_test_id FROM ' . K_TABLE_TEST_GROUPS . ' WHERE tstgrp_group_id IN (SELECT usrgrp_group_id FROM ' . K_TABLE_USERGROUP . ' LEFT JOIN '. K_TABLE_GROUPS.' ON usrgrp_group_id = group_id WHERE usrgrp_user_id = ' . $_SESSION ['session_user_id'] . ' AND group_type = \'B\')';
$sqlr .= ' AND testuser_test_id IN (' . $sqlin . ') ';
}
if (!empty($startdate)) {
$startdate_time = strtotime($startdate);
$startdate = date(K_TIMESTAMP_FORMAT, $startdate_time);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment