dashboard_add_users_to_user.php 18 KB

  1. <?php
  2. /* For licensing terms, see /license.txt */
  3. /**
  4. * Interface for assigning users to Human Resources Manager
  5. * @package chamilo.admin
  6. */
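  // Resetting the course id.
  $cidReset = true;
  require_once __DIR__.'/../inc/global.inc.php';

  $ajax_search = false;

  // Create the xajax object and expose search_users() to the browser.
  // Registration alone runs nothing: requests are dispatched by
  // $xajax->processRequests() further down, after the access checks.
  $xajax = new xajax();
  $xajax->registerFunction('search_users');

  // Setting the section (for the tabs).
  $this_section = SECTION_PLATFORM_ADMIN;

  // Access restrictions.
  api_protect_admin_script(true);

  // Setting breadcrumbs.
  $interbreadcrumb[] = ['url' => 'index.php', 'name' => get_lang('PlatformAdmin')];
  $interbreadcrumb[] = ['url' => 'user_list.php', 'name' => get_lang('UserList')];

  // Deny non platform admins before any user data is looked up (this check
  // used to run only after the lookups below).
  if (!api_is_platform_admin()) {
      api_not_allowed(true);
  }

  // Database table definitions.
  $tbl_user = Database::get_main_table(TABLE_MAIN_USER);
  $tbl_access_url_rel_user = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);

  // Initializing variables.
  // "user" is the account that users get assigned to; it is forced to an
  // integer because it is interpolated into SQL and URLs later on. A missing
  // parameter becomes 0 instead of raising an undefined-index notice.
  $user_id = isset($_GET['user']) ? intval($_GET['user']) : 0;
  // NOTE(review): nothing here verifies that $user_id names an existing user
  // before $user_info['status'] is read - confirm api_get_user_info() copes.
  $user_info = api_get_user_info($user_id);
  $user_anonymous = api_get_anonymous_id();
  $current_user_id = api_get_user_id();
  $userStatus = api_get_user_status($user_id);
  // Raw POST value; it is escaped later where it is placed into SQL.
  $firstLetterUser = isset($_POST['firstLetterUser']) ? $_POST['firstLetterUser'] : null;

  // Setting the name of the tool according to the role of the target user.
  $isAdmin = UserManager::is_admin($user_id);
  if ($isAdmin) {
      $userStatus = PLATFORM_ADMIN;
      $tool_name = get_lang('AssignUsersToPlatformAdministrator');
  } elseif ($user_info['status'] == SESSIONADMIN) {
      $tool_name = get_lang('AssignUsersToSessionsAdministrator');
  } elseif ($user_info['status'] == STUDENT_BOSS) {
      $tool_name = get_lang('AssignUsersToBoss');
  } else {
      $tool_name = get_lang('AssignUsersToHumanResourcesManager');
  }

  // The value is read from the same superglobal that was checked. The old code
  // tested $_GET but read $_REQUEST, so the value actually used could come
  // from a different source than the one that was validated.
  $add_type = 'multiple';
  if (isset($_GET['add_type']) && $_GET['add_type'] != '') {
      $add_type = Security::remove_XSS($_GET['add_type']);
  }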
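  /**
   * xajax callback: look up users that can be offered for assignment and push
   * the resulting HTML fragment back to the page.
   *
   * The function is registered with xajax, so both arguments come straight
   * from the browser and are treated as untrusted: the search term is escaped
   * before it reaches SQL, ids are forced to integers, and every value taken
   * from the user table is escaped for the context it is written into.
   *
   * @param string $needle Prefix to search for. The "--" entry of the
   *                       first-letter selector sends "%" to list every user,
   *                       so LIKE wildcards are deliberately left untouched.
   * @param string $type   'single' fills #ajax_list_users_single with up to ten
   *                       links; any other non-empty value rebuilds the
   *                       #origin multi-select in #ajax_list_users_multiple.
   *
   * @return xajaxResponse Response carrying the innerHTML assignments.
   */
  function search_users($needle, $type)
  {
      global $tbl_access_url_rel_user, $tbl_user, $user_anonymous, $current_user_id, $user_id, $userStatus;

      $xajax_response = new xajaxResponse();
      $return = '';

      // Nothing to do without a scalar search term and a list type.
      if (empty($needle) || empty($type) || !is_scalar($needle)) {
          return $xajax_response;
      }

      // The term used to be interpolated into the queries unescaped.
      $needle = Database::escape_string((string) $needle);

      // Users already followed by the target user are left out of the results.
      $assigned_users_to_hrm = [];
      switch ($userStatus) {
          case DRH:
              // no break
          case PLATFORM_ADMIN:
              $assigned_users_to_hrm = UserManager::get_users_followed_by_drh($user_id);
              break;
          case STUDENT_BOSS:
              $assigned_users_to_hrm = UserManager::getUsersFollowedByStudentBoss($user_id);
              break;
      }
      $assigned_users_id = is_array($assigned_users_to_hrm)
          ? array_map('intval', array_keys($assigned_users_to_hrm))
          : [];

      if (api_is_western_name_order()) {
          $order_clause = " ORDER BY firstname, lastname";
      } else {
          $order_clause = " ORDER BY lastname, firstname";
      }

      // As before, the multi-select container is first reset to an empty string.
      $xajax_response->addAssign('ajax_list_users_multiple', 'innerHTML', api_utf8_encode($return));

      if ($type == 'single') {
          $tbl_user_rel_access_url = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
          $access_url_id = intval(api_get_current_access_url_id());

          // NOTE(review): unlike the multi-select query, this one excludes
          // neither the already assigned users nor the current/target user.
          $sql = "SELECT user.user_id, username, lastname, firstname
                  FROM $tbl_user user
                  INNER JOIN $tbl_user_rel_access_url url_user ON (url_user.user_id = user.user_id)
                  WHERE
                      access_url_id = $access_url_id AND
                      (
                          username LIKE '$needle%' OR
                          firstname LIKE '$needle%' OR
                          lastname LIKE '$needle%'
                      )";

          // The status filter is appended together with its own AND. The old
          // code ended the WHERE clause with a dangling "AND" and produced
          // invalid SQL for every status other than DRH / STUDENT_BOSS.
          switch ($userStatus) {
              case DRH:
                  $sql .= " AND user.status <> 6 AND user.status <> ".DRH;
                  break;
              case STUDENT_BOSS:
                  $sql .= " AND user.status <> 6 AND user.status <> ".STUDENT_BOSS;
                  break;
          }
          $sql .= " $order_clause LIMIT 11";

          $rs = Database::query($sql);
          // json_encode() yields a JavaScript string literal; the HEX flags keep
          // quotes and angle brackets out of it. It assumes UTF-8 input and
          // returns false otherwise, which leaves a harmless broken handler.
          $jsFlags = JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP;
          $shown = 0;
          while ($user = Database::fetch_array($rs)) {
              $shown++;
              if ($shown > 10) {
                  // LIMIT 11 fetches one row more than is displayed.
                  $return .= '...<br />';
                  continue;
              }

              $person_name = api_get_person_name($user['firstname'], $user['lastname']);
              $label = $person_name.' ('.$user['username'].')';

              // Two nested contexts: a JavaScript string inside an HTML
              // attribute. Encode for JavaScript first, then for the attribute.
              $onclick = 'javascript: add_user_to_user('
                  .json_encode((string) intval($user['user_id']), $jsFlags).','
                  .json_encode($label, $jsFlags).')';

              $return .= '<a href="javascript: void(0);" onclick="'.htmlspecialchars($onclick, ENT_QUOTES).'">'
                  .htmlspecialchars($label, ENT_QUOTES).'</a><br />';
          }

          $xajax_response->addAssign(
              'ajax_list_users_single',
              'innerHTML',
              api_utf8_encode($return)
          );

          return $xajax_response;
      }

      // Multi-select list: only this branch needs the prefix query, so it is
      // no longer executed for 'single' requests.
      $without_assigned_users = '';
      if (count($assigned_users_id) > 0) {
          $without_assigned_users = " AND user.user_id NOT IN(".implode(',', $assigned_users_id).")";
      }
      $name_column = api_sort_by_first_name() ? 'firstname' : 'lastname';
      $excluded_user_ids = implode(
          ', ',
          [intval($user_anonymous), intval($current_user_id), intval($user_id)]
      );

      if (api_is_multiple_url_enabled()) {
          $sql = "SELECT user.user_id, username, lastname, firstname
                  FROM $tbl_user user
                  LEFT JOIN $tbl_access_url_rel_user au ON (au.user_id = user.user_id)
                  WHERE
                      $name_column LIKE '$needle%' AND
                      status NOT IN(".DRH.", ".SESSIONADMIN.", ".STUDENT_BOSS.") AND
                      user.user_id NOT IN ($excluded_user_ids)
                      $without_assigned_users AND
                      access_url_id = ".intval(api_get_current_access_url_id())."
                  $order_clause
                  ";
      } else {
          $sql = "SELECT user_id, username, lastname, firstname
                  FROM $tbl_user user
                  WHERE
                      $name_column LIKE '$needle%' AND
                      status NOT IN(".DRH.", ".SESSIONADMIN.", ".STUDENT_BOSS.") AND
                      user_id NOT IN ($excluded_user_ids)
                      $without_assigned_users
                  $order_clause
                  ";
      }
      $rs = Database::query($sql);

      // The stray quote after size="15" in the old markup has been dropped.
      $return .= '<select id="origin" class="form-control" name="NoAssignedUsersList[]" multiple="multiple" size="15">';
      while ($user = Database::fetch_array($rs)) {
          $person_name = api_get_person_name($user['firstname'], $user['lastname']);
          // The option text is escaped like the title attribute already was.
          $label = htmlspecialchars($person_name.' ('.$user['username'].')', ENT_QUOTES);
          $return .= '<option value="'.intval($user['user_id']).'" title="'
              .htmlspecialchars($person_name, ENT_QUOTES).'">'.$label.'</option>';
      }
      $return .= '</select>';
      $xajax_response->addAssign('ajax_list_users_multiple', 'innerHTML', api_utf8_encode($return));

      return $xajax_response;
  }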
  // Let xajax handle the current request. This line comes after the admin
  // checks near the top of the script, so search_users() is presumably only
  // reachable once those checks have passed - confirm that api_not_allowed()
  // stops execution.
  $xajax->processRequests();
  // Queue the xajax client library for the page <head>.
  $htmlHeadXtra[] = $xajax->getJavascript('../inc/lib/xajax/');
  // Client-side helpers for the two list boxes, queued for the page <head>.
  // The markup is a runtime string and is left exactly as it was.
  //  - add_user_to_user(code, content): clears the "user_to_add" field and the
  //    "ajax_list_users_single" container, then appends an option to
  //    "destination" unless one with the same text exists. Entries are created
  //    with new Option(content, code), i.e. as option text, not as markup.
  //  - moveItem(origin, destination): moves the selected options from one
  //    select to the other and re-sorts the destination.
  //  - sortOptions(options) / mysort(a, b): sort options by lower-cased text.
  //  - valide(): selects every option of "destination" so that all of them are
  //    posted, then submits the form named "formulaire".
  //  - remove_item(origin): removes the selected options from a select.
  // NOTE(review): "destination" in add_user_to_user and several loop counters
  // "i" are assigned without var, so they become globals in the browser.
  $htmlHeadXtra[] = '<script>
  function add_user_to_user (code, content) {
  document.getElementById("user_to_add").value = "";
  document.getElementById("ajax_list_users_single").innerHTML = "";
  destination = document.getElementById("destination");
  for (i=0;i<destination.length;i++) {
  if(destination.options[i].text == content) {
  return false;
  }
  }
  destination.options[destination.length] = new Option(content,code);
  destination.selectedIndex = -1;
  sortOptions(destination.options);
  }
  function moveItem(origin , destination) {
  for(var i = 0 ; i<origin.options.length ; i++) {
  if(origin.options[i].selected) {
  destination.options[destination.length] = new Option(origin.options[i].text,origin.options[i].value);
  origin.options[i]=null;
  i = i-1;
  }
  }
  destination.selectedIndex = -1;
  sortOptions(destination.options);
  }
  function sortOptions(options) {
  var newOptions = new Array();
  for (i = 0 ; i<options.length ; i++) {
  newOptions[i] = options[i];
  }
  newOptions = newOptions.sort(mysort);
  options.length = 0;
  for(i = 0 ; i < newOptions.length ; i++){
  options[i] = newOptions[i];
  }
  }
  function mysort(a, b) {
  if (a.text.toLowerCase() > b.text.toLowerCase()) {
  return 1;
  }
  if (a.text.toLowerCase() < b.text.toLowerCase()) {
  return -1;
  }
  return 0;
  }
  function valide() {
  var options = document.getElementById("destination").options;
  for (i = 0 ; i<options.length ; i++) {
  options[i].selected = true;
  }
  document.forms.formulaire.submit();
  }
  function remove_item(origin) {
  for(var i = 0 ; i<origin.options.length ; i++) {
  if(origin.options[i].selected) {
  origin.options[i]=null;
  i = i-1;
  }
  }
  }
  </script>';
  $formSent = 0;
  $errorMsg = '';
  $UserList = [];

  // Advanced-search filters. The 'name' values double as column names in the
  // SQL built further down, so this fixed list is what keeps request data out
  // of the identifier position of that query.
  $filters = [
      ['type' => 'text', 'name' => 'username', 'label' => get_lang('Username')],
      ['type' => 'text', 'name' => 'firstname', 'label' => get_lang('FirstName')],
      ['type' => 'text', 'name' => 'lastname', 'label' => get_lang('LastName')],
      ['type' => 'text', 'name' => 'official_code', 'label' => get_lang('OfficialCode')],
      ['type' => 'text', 'name' => 'email', 'label' => get_lang('Email')],
  ];

  // GET form that keeps the target user in the URL and in a hidden field.
  $searchForm = new FormValidator('search', 'get', api_get_self().'?user='.$user_id);
  $searchForm->addHeader(get_lang('AdvancedSearch'));
  $renderer = & $searchForm->defaultRenderer();
  $searchForm->addElement('hidden', 'user', $user_id);
  foreach ($filters as $param) {
      $searchForm->addElement($param['type'], $param['name'], $param['label']);
  }
  $searchForm->addButtonSearch(get_lang('Search'));

  // Submitted values are only read once the form validates.
  $filterData = $searchForm->validate() ? $searchForm->getSubmitValues() : [];

  // Keep the non-empty values, keyed by filter name. Iterating over $filters
  // rather than over the submitted data drops any unexpected keys.
  $conditions = [];
  if (!empty($filters) && !empty($filterData)) {
      foreach ($filters as $filter) {
          if (!isset($filter['name'], $filterData[$filter['name']])) {
              continue;
          }
          $value = $filterData[$filter['name']];
          if (empty($value)) {
              continue;
          }
          $conditions[$filter['name']] = $value;
      }
  }
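  // Handle the submitted assignment form.
  // NOTE(review): the visible code verifies no anti-CSRF token before this
  // state-changing POST is applied - confirm one is enforced elsewhere, or add
  // a token to the form and check it here.
  if (isset($_POST['formSent']) && intval($_POST['formSent']) == 1) {
      // UsersList[] is absent from the request when the destination box is
      // empty, and its entries are request data: normalise it to a list of
      // positive integer ids instead of forwarding the raw value.
      $user_list = [];
      if (isset($_POST['UsersList']) && is_array($_POST['UsersList'])) {
          foreach ($_POST['UsersList'] as $postedUserId) {
              $postedUserId = is_scalar($postedUserId) ? intval($postedUserId) : 0;
              if ($postedUserId > 0) {
                  $user_list[] = $postedUserId;
              }
          }
      }

      // NOTE(review): an empty list is now passed as [] rather than as an
      // undefined value; presumably the helpers treat both as "nobody
      // assigned" - confirm against UserManager.
      switch ($userStatus) {
          case DRH:
              // no break
          case PLATFORM_ADMIN:
              $affected_rows = UserManager::subscribeUsersToHRManager($user_id, $user_list);
              break;
          case STUDENT_BOSS:
              $affected_rows = UserManager::subscribeBossToUsers($user_id, $user_list);
              break;
          default:
              $affected_rows = 0;
      }

      // The confirmation is shown regardless of $affected_rows, as before.
      Display::addFlash(
          Display::return_message(
              get_lang('AssignedUsersHaveBeenUpdatedSuccessfully'),
              'normal'
          )
      );
  }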
  // Page header.
  Display::display_header($tool_name);

  // Toolbar: shortcuts to the course and session assignment pages (not shown
  // when the target user is a student boss) plus the advanced-search toggle.
  // $user_id was forced to an integer when it was read from the request.
  $actionsLeft = '';
  if ($userStatus != STUDENT_BOSS) {
      $actionsLeft = Display::url(
          Display::return_icon('course-add.png', get_lang('AssignCourses'), null, ICON_SIZE_MEDIUM),
          "dashboard_add_courses_to_user.php?user=$user_id"
      ).Display::url(
          Display::return_icon('session-add.png', get_lang('AssignSessions'), null, ICON_SIZE_MEDIUM),
          "dashboard_add_sessions_to_user.php?user=$user_id"
      );
  }
  $actionsRight = Display::url(
      '<em class="fa fa-search"></em> '.get_lang('AdvancedSearch'),
      '#',
      ['class' => 'btn btn-default advanced_options', 'id' => 'advanced_search']
  );
  $toolbar = Display::toolbarAction('toolbar-dashboard', [$actionsLeft, $actionsRight]);

  // Toolbar first, then the collapsed advanced-search form.
  echo $toolbar, '<div id="advanced_search_options" style="display:none">';
  $searchForm->display();
  echo '</div>';

  // NOTE(review): the target user's name goes into the heading as returned by
  // api_get_person_name(); confirm Display::page_header() escapes its title.
  echo Display::page_header(
      sprintf(
          get_lang('AssignUsersToX'),
          api_get_person_name($user_info['firstname'], $user_info['lastname'])
      ),
      null,
      'h3'
  );
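  // Users already assigned to the target user: they fill the right-hand box
  // and are excluded from the candidate list queried below.
  $assigned_users_to_hrm = [];
  switch ($userStatus) {
      case DRH:
          // no break
      case PLATFORM_ADMIN:
          $assigned_users_to_hrm = UserManager::get_users_followed_by_drh($user_id);
          break;
      case STUDENT_BOSS:
          $assigned_users_to_hrm = UserManager::getUsersFollowedByStudentBoss($user_id);
          break;
  }

  // The template further down guards this value with is_array(); the same
  // guard is applied here, and the ids are forced to integers because they are
  // interpolated into the query.
  $assigned_users_id = is_array($assigned_users_to_hrm)
      ? array_map('intval', array_keys($assigned_users_to_hrm))
      : [];
  $without_assigned_users = '';
  if (count($assigned_users_id) > 0) {
      $without_assigned_users = " user.user_id NOT IN(".implode(',', $assigned_users_id).") AND ";
  }

  // Optional first-letter filter (raw POST value, escaped here).
  $search_user = '';
  if (!empty($firstLetterUser)) {
      $needle = Database::escape_string($firstLetterUser);
      $search_user = "AND ".(api_sort_by_first_name() ? 'firstname' : 'lastname')." LIKE '$needle%'";
  }

  // Advanced-search conditions. The field names are keys taken from the fixed
  // $filters list; escape_string() does not make an arbitrary string safe as a
  // column name, so that list is what protects the identifier position.
  $sqlConditions = '';
  if (!empty($conditions)) {
      $temp_conditions = [];
      foreach ($conditions as $field => $value) {
          $field = Database::escape_string($field);
          $value = Database::escape_string($value);
          $temp_conditions[] = $field.' LIKE \'%'.$value.'%\'';
      }
      if (!empty($temp_conditions)) {
          $sqlConditions = ' AND '.implode(' AND ', $temp_conditions);
      }
  }

  // The anonymous user, the logged-in admin and the target user are never
  // offered as candidates; the ids are cast before interpolation.
  $excluded_user_ids = implode(
      ', ',
      [intval($user_anonymous), intval($current_user_id), intval($user_id)]
  );

  // NOTE(review): this list filters out DRH and SESSIONADMIN only, while
  // search_users() also filters out STUDENT_BOSS - confirm which is intended.
  if (api_is_multiple_url_enabled()) {
      $sql = "SELECT user.user_id, username, lastname, firstname
              FROM $tbl_user user LEFT JOIN $tbl_access_url_rel_user au
              ON (au.user_id = user.user_id)
              WHERE
                  $without_assigned_users
                  user.user_id NOT IN ($excluded_user_ids) AND
                  status NOT IN(".DRH.", ".SESSIONADMIN.") $search_user AND
                  access_url_id = ".intval(api_get_current_access_url_id())."
                  $sqlConditions
              ORDER BY firstname";
  } else {
      $sql = "SELECT user_id, username, lastname, firstname
              FROM $tbl_user user
              WHERE
                  $without_assigned_users
                  user_id NOT IN ($excluded_user_ids) AND
                  status NOT IN(".DRH.", ".SESSIONADMIN.")
                  $search_user
                  $sqlConditions
              ORDER BY firstname ";
  }
  $result = Database::query($sql);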
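  ?>
  <?php
  // Assignment form: the left box lists candidate users, the right box the
  // assigned ones; only the right box (UsersList[]) is read on submit.
  // NOTE(review): no anti-CSRF token field is present in this form.
  ?>
  <form name="formulaire" method="post" action="<?php echo api_get_self(); ?>?user=<?php echo $user_id ?>" class="form-horizontal" <?php if ($ajax_search) {echo ' onsubmit="valide();"'; }?>>
  <input type="hidden" name="formSent" value="1" />
  <div class="row">
      <div class="col-md-4">
          <?php echo get_lang('UserListInPlatform') ?>
          <div class="form-group">
              <div class="col-sm-12">
                  <div id="ajax_list_users_multiple">
                      <select id="origin" class="form-control" name="NoAssignedUsersList[]" multiple="multiple" size="15">
                      <?php
                      while ($enreg = Database::fetch_array($result)) {
                          $person_name = api_get_person_name($enreg['firstname'], $enreg['lastname']);
                          // Names and usernames are account data: the visible
                          // option text is escaped like the title attribute
                          // already was.
                          $option_label = htmlspecialchars($person_name.' ('.$enreg['username'].')', ENT_QUOTES);
                          ?>
                          <option value="<?php echo intval($enreg['user_id']); ?>" <?php echo 'title="'.htmlspecialchars($person_name, ENT_QUOTES).'"'; ?>>
                              <?php echo $option_label; ?>
                          </option>
                      <?php } ?>
                      </select>
                  </div>
              </div>
          </div>
      </div>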
  384. <div class="col-md-4">
  385. <div class="code-course">
  386. <?php if ($add_type == 'multiple') { ?>
  387. <p><?php echo get_lang('FirstLetterUser'); ?></p>
  388. <select class="selectpicker show-tick form-control" name="firstLetterUser" onchange = "xajax_search_users(this.value,'multiple')">
  389. <option value="%">--</option>
  390. <?php echo Display::get_alphabet_options($firstLetterUser); ?>
  391. </select>
  392. <?php } ?>
  393. </div>
  394. <div class="control-course">
  395. <?php if ($ajax_search) { ?>
  396. <div class="separate-action">
  397. <button class="btn btn-primary" type="button" onclick="remove_item(document.getElementById('destination'))"></button>
  398. </div>
  399. <?php } else { ?>
  400. <div class="separate-action">
  401. <button class="btn btn-primary" type="button" onclick="moveItem(document.getElementById('origin'), document.getElementById('destination'))" onclick="moveItem(document.getElementById('origin'), document.getElementById('destination'))">
  402. <em class="fa fa-chevron-right"></em>
  403. </button>
  404. </div>
  405. <div class="separate-action">
  406. <button class="btn btn-primary" type="button" onclick="moveItem(document.getElementById('destination'), document.getElementById('origin'))" onclick="moveItem(document.getElementById('destination'), document.getElementById('origin'))">
  407. <em class="fa fa-chevron-left"></em>
  408. </button>
  409. </div>
  410. <?php } ?>
  411. <div class="separate-action">
  412. <?php
  413. echo '<button class="btn btn-success" type="button" value="" onclick="valide()" >'.$tool_name.'</button>';
  414. ?>
  415. </div>
  416. </div>
  417. </div>
  418. <div class="col-md-4">
  419. <?php
  420. if (UserManager::is_admin($user_id)) {
  421. echo get_lang('AssignedUsersListToPlatformAdministrator');
  422. } else {
  423. if ($user_info['status'] == SESSIONADMIN) {
  424. echo get_lang('AssignedUsersListToSessionsAdministrator');
  425. } else {
  426. if ($user_info['status'] == STUDENT_BOSS) {
  427. echo get_lang('AssignedUsersListToStudentBoss');
  428. } else {
  429. echo get_lang('AssignedUsersListToHumanResourcesManager');
  430. }
  431. }
  432. }
  433. ?>
  434. <div class="form-group">
  435. <div class="col-sm-12">
  436. <br>
  437. <select id='destination' class="form-control" name="UsersList[]" multiple="multiple" size="15" >
  438. <?php
  439. if (is_array($assigned_users_to_hrm)) {
  440. foreach ($assigned_users_to_hrm as $enreg) {
  441. $person_name = api_get_person_name($enreg['firstname'], $enreg['lastname']);
  442. ?>
  443. <option value="<?php echo $enreg['user_id']; ?>" <?php echo 'title="'.htmlspecialchars($person_name, ENT_QUOTES).'"'; ?>>
  444. <?php echo $person_name.' ('.$enreg['username'].')'; ?>
  445. </option>
  446. <?php }
  447. }?>
  448. </select>
  449. </div>
  450. </div>
  451. </div>
  452. </div>
  453. </form>
  454. <?php
  455. Display::display_footer();