From 6a268ec5c439ae8109d577d147d4fc0b4a1d50de Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Markus=20Fa=C3=9Fbender?= Date: Thu, 21 Oct 2021 07:40:02 +0200 Subject: [PATCH] User session object not updated of role added or removed #1121 --- .../groups-roles/members_assignment.php | 10 ++++---- .../modules/profile/profile_function.php | 12 ++++++++++ adm_program/modules/profile/roles_save.php | 24 +++++++++---------- 3 files changed, 30 insertions(+), 16 deletions(-) diff --git a/adm_program/modules/groups-roles/members_assignment.php b/adm_program/modules/groups-roles/members_assignment.php index a9ef369672..196c013d30 100644 --- a/adm_program/modules/groups-roles/members_assignment.php +++ b/adm_program/modules/groups-roles/members_assignment.php @@ -90,13 +90,11 @@ $leadership = true; } - // Member + $gDb->startTransaction(); $member = new TableMembers($gDb); - - // Datensatzupdate $memCount = $role->countMembers($getUserId); - // Wenn Rolle weniger mitglieder hätte als zugelassen oder Leiter hinzugefügt werden soll + // If role would have less members than allowed or leader is to be added if($leadership || (!$leadership && $membership && ($role->getValue('rol_max_members') > $memCount || (int) $role->getValue('rol_max_members') === 0))) { $member->startMembership((int) $role->getValue('rol_id'), $getUserId, $leadership, $memberApproved); @@ -121,6 +119,10 @@ $gMessage->show($gL10n->get('SYS_ROLE_MAX_MEMBERS', array($role->getValue('rol_name')))); // => EXIT } + + // refresh session user object to update the user rights because of the new or removed role + $gCurrentSession->renewUserObject($getUserId); + $gDb->endTransaction(); } catch(AdmException $e) { diff --git a/adm_program/modules/profile/profile_function.php b/adm_program/modules/profile/profile_function.php index 58bd95b618..fac35412ab 100644 --- a/adm_program/modules/profile/profile_function.php +++ b/adm_program/modules/profile/profile_function.php 
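Review bot: In `members_assignment.php` the `SYS_ROLE_MAX_MEMBERS` branch calls `$gMessage->show(...)`, which its own comment marks as `// => EXIT`, after the `$gDb->startTransaction();` added in the hunk at -90 has already run, so that path never reaches `$gDb->endTransaction();`. The same applies when an `AdmException` is thrown inside the `try`; the `catch` body lies outside the hunk, so whether it rolls back is not visible here. Either roll the transaction back before the message is shown and in the `catch`, or move `$gDb->startTransaction();` into the branch that actually writes, so that an aborted request does not rely on connection teardown to discard it. The `profile_function.php` hunk at -69 opens a transaction inside a `try` in the same way and needs the same check.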
@@ -69,7 +69,13 @@ { try { + $gDb->startTransaction(); + $member->stopMembership(); + // refresh session user object to update the user rights because of the removed role + $gCurrentSession->renewUserObject($member->getValue('mem_usr_id')); + + $gDb->endTransaction(); } catch(AdmException $e) { @@ -191,8 +197,14 @@ $formatedEndDate = DATE_MAX; } + $gDb->startTransaction(); + // save role membership $user->editRoleMembership($getMemberId, $formatedStartDate, $formatedEndDate); + // refresh session user object to update the user rights because of the possible changed role assignment + $gCurrentSession->renewUserObject($user->getValue('usr_id')); + + $gDb->endTransaction(); echo 'success'; } diff --git a/adm_program/modules/profile/roles_save.php b/adm_program/modules/profile/roles_save.php index 17f721f409..fee6769967 100644 --- a/adm_program/modules/profile/roles_save.php +++ b/adm_program/modules/profile/roles_save.php @@ -72,7 +72,7 @@ if($gCurrentUser->manageRoles()) { - // Benutzer mit Rollenrechten darf ALLE Rollen zuordnen + // User with role rights may assign ALL roles $sql = 'SELECT rol_id, rol_name, rol_max_members, rol_administrator, mem_id, mem_begin, mem_end FROM '.TBL_ROLES.' INNER JOIN '.TBL_CATEGORIES.' @@ -91,7 +91,7 @@ } else { - // Ein Leiter darf nur Rollen zuordnen, bei denen er auch Leiter ist + // A roll leader may only assign roles where he is also a leader $sql = 'SELECT rol_id, rol_name, rol_max_members, rol_administrator, mgl.mem_id, mgl.mem_begin, mgl.mem_end FROM '.TBL_MEMBERS.' AS bm INNER JOIN '.TBL_ROLES.' 
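Review bot: In the hunk at -69, `$member->getValue('mem_usr_id')` is read only after `$member->stopMembership();` has run. If `stopMembership()` can delete or reset the record (its body is not on this page), the id handed to `renewUserObject()` may be empty, and the refresh may then not target the user whose role was just removed. Capture the id before the mutating call, e.g. `$memUserId = (int) $member->getValue('mem_usr_id');` ahead of `$gDb->startTransaction();`, and pass `$memUserId` to `renewUserObject()`. The enclosing `try`/`catch` continues outside the hunk.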
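Review bot: In the hunk at -191 the refresh targets `$user->getValue('usr_id')`, while the membership being edited is selected by `$getMemberId`, and the hunk does not show that `$user` is the owner of that membership. A changed end date can end a role, so the session that must be refreshed is the membership owner's. Where `$user` is loaded lies outside the hunk; confirm it is built from that membership and record it next to the call, e.g. `// $user is the owner of membership $getMemberId, so this refreshes the affected session`.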
@@ -121,12 +121,12 @@ $assignedCount = 0; $parentRoles = array(); -// Ergebnisse durchlaufen und kontrollieren ob maximale Teilnehmerzahl ueberschritten wuerde +// Run results and check if maximum number of participants would be exceeded foreach($rolesList as $row) { if($row['rol_max_members'] > 0) { - // erst einmal schauen, ob der Benutzer dieser Rolle bereits zugeordnet ist + // first check if the user is already assigned to this role $sql = 'SELECT COUNT(*) AS count FROM '.TBL_MEMBERS.' WHERE mem_rol_id = ? -- $row[\'rol_id\'] @@ -138,7 +138,7 @@ if((int) $pdoStatement->fetchColumn() === 0) { - // Benutzer ist der Rolle noch nicht zugeordnet, dann schauen, ob die Anzahl ueberschritten wird + // User is not yet assigned to the role, then see if the number is exceeded $sql = 'SELECT COUNT(*) AS count FROM '.TBL_MEMBERS.' WHERE mem_rol_id = ? -- $row[\'rol_id\'] @@ -147,7 +147,7 @@ AND mem_end > ? -- DATE_NOW'; $pdoStatement = $gDb->queryPrepared($sql, array($row['rol_id'], DATE_NOW, DATE_NOW)); - // Bedingungen fuer Abbruch und Abbruch + // maximum number of participiants exceeded and it's not a role leader assignement if($pdoStatement->fetchColumn() >= $row['rol_max_members'] && isset($_POST['leader-'.$row['rol_id']]) && $_POST['leader-'.$row['rol_id']] == false && isset($_POST['role-'.$row['rol_id']]) && $_POST['role-'.$row['rol_id']] == true) @@ -168,7 +168,7 @@ $user = new User($gDb, $gProfileFields, $getUserId); -// Ergebnisse durchlaufen und Datenbankupdate durchfuehren +// Run through results and perform database update foreach($rolesList as $row) { // if role is administrator than only administrator can add new user, 
@@ -243,9 +243,8 @@ $gNavigation->deleteLastUrl(); } -// all active users must renew their user data because maybe their -// rights have been changed if they where new members of this role -$gCurrentSession->renewUserObject(); +// refresh session user object to update the user rights because of the new or removed role +$gCurrentSession->renewUserObject($user->getValue('usr_id')); // Check if a new user get's at least one role if($getNewUser > 0 && $assignedCount === 0) @@ -262,10 +261,11 @@ } } -// zur Ausgangsseite zurueck +// back to the starting page + if(str_contains($gNavigation->getUrl(), 'new_user_assign.php')) { - // von hier aus direkt zur Registrierungsuebersicht zurueck + // go directly back to the registration overview $gNavigation->deleteLastUrl(); }
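Review bot: The hunk at -243 passes `$user->getValue('usr_id')` to `renewUserObject()`, although `$user` was built from `$getUserId` (context line of the hunk at -168) and `members_assignment.php` passes `$getUserId` directly. This hunk also narrows the refresh from all active sessions to a single user, so an empty or wrong id could leave the changed rights cached in that user's session; how `renewUserObject()` treats such a value is not visible on this page. Passing the id the script already works with keeps the three call sites uniform and removes the dependency on the state of `$user` after the update loop: `$gCurrentSession->renewUserObject($getUserId);`.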