diff --git a/db/update.sql b/db/update.sql index 93f29e89..5682f1ee 100644 --- a/db/update.sql +++ b/db/update.sql @@ -3,4 +3,7 @@ INSERT INTO `GroupPrivileges` (`id`, `group_id`, `privilege_id`) VALUES (NULL, ' ALTER TABLE `UserAngelTypes` CHANGE `coordinator` `supporter` BOOLEAN; -ALTER TABLE `User` ADD COLUMN `email_by_human_allowed` BOOLEAN NOT NULL; \ No newline at end of file +ALTER TABLE `User` ADD COLUMN `email_by_human_allowed` BOOLEAN NOT NULL; + +-- No Self Sign Up for some Angel Types +ALTER TABLE engelsystem.AngelTypes ADD no_self_signup TINYINT(1) NOT NULL; \ No newline at end of file diff --git a/includes/controller/angeltypes_controller.php b/includes/controller/angeltypes_controller.php index 7af05175..cd2aa3e4 100644 --- a/includes/controller/angeltypes_controller.php +++ b/includes/controller/angeltypes_controller.php @@ -118,6 +118,8 @@ function angeltype_edit_controller() { } $angeltype['restricted'] = isset($_REQUEST['restricted']); + $angeltype['no_self_signup'] = isset($_REQUEST['no_self_signup']); + $angeltype['requires_driver_license'] = isset($_REQUEST['requires_driver_license']); } @@ -192,6 +194,8 @@ function angeltypes_list_controller() { } $angeltype['restricted'] = $angeltype['restricted'] ? glyph('lock') : ''; + $angeltype['no_self_signup'] = $angeltype['no_self_signup'] ? '' : glyph('share'); + $angeltype['name'] = '' . $angeltype['name'] . ''; $angeltype['actions'] = table_buttons($actions); diff --git a/includes/controller/shift_entries_controller.php b/includes/controller/shift_entries_controller.php index 1b1a4d02..dde23bb9 100644 --- a/includes/controller/shift_entries_controller.php +++ b/includes/controller/shift_entries_controller.php @@ -36,12 +36,19 @@ function shift_entry_add_controller() { } else { $type = sql_select("SELECT * FROM `UserAngelTypes` JOIN `AngelTypes` ON (`UserAngelTypes`.`angeltype_id` = `AngelTypes`.`id`) WHERE `AngelTypes`.`id` = '" . sql_escape($type_id) . "' AND (`AngelTypes`.`restricted` = 0 OR (`UserAngelTypes`.`user_id` = '" . sql_escape($user['UID']) . "' AND NOT `UserAngelTypes`.`confirm_user_id` IS NULL)) LIMIT 1"); } - + + if (count($type) == 0) { redirect(page_link_to('user_shifts')); } $type = $type[0]; - + + if (isset($_REQUEST['user_id']) && preg_match("/^[0-9]*$/", $_REQUEST['user_id']) && in_array('user_shifts_admin', $privileges)) { + $user_id = $_REQUEST['user_id']; + } else { + $user_id = $user['UID']; + } + $shift_signup_allowed = Shift_signup_allowed(User($user_id), $shift, $type); if (! $shift_signup_allowed->isSignupAllowed()) { error(_("You are not allowed to sign up for this shift. Maybe shift is full or already running.")); @@ -51,12 +58,7 @@ function shift_entry_add_controller() { if (isset($_REQUEST['submit'])) { $selected_type_id = $type_id; if (in_array('user_shifts_admin', $privileges)) { - if (isset($_REQUEST['user_id']) && preg_match("/^[0-9]*$/", $_REQUEST['user_id'])) { - $user_id = $_REQUEST['user_id']; - } else { - $user_id = $user['UID']; - } - + if (sql_num_query("SELECT * FROM `User` WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1") == 0) { redirect(page_link_to('user_shifts')); } @@ -64,8 +66,6 @@ function shift_entry_add_controller() { if (isset($_REQUEST['angeltype_id']) && test_request_int('angeltype_id') && sql_num_query("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($_REQUEST['angeltype_id']) . "' LIMIT 1") > 0) { $selected_type_id = $_REQUEST['angeltype_id']; } - } else { - $user_id = $user['UID']; } if (sql_num_query("SELECT * FROM `ShiftEntry` WHERE `SID`='" . sql_escape($shift['SID']) . "' AND `UID` = '" . sql_escape($user_id) . "'")) { diff --git a/includes/model/AngelType_model.php b/includes/model/AngelType_model.php index 86d64504..2ccba2ea 100644 --- a/includes/model/AngelType_model.php +++ b/includes/model/AngelType_model.php @@ -9,6 +9,7 @@ function AngelType_new() { 'id' => null, 'name' => "", 'restricted' => false, + 'no_self_signup' => false, 'description' => '', 'requires_driver_license' => false ]; @@ -43,12 +44,13 @@ function AngelType_update($angeltype) { `name`='" . sql_escape($angeltype['name']) . "', `restricted`=" . sql_bool($angeltype['restricted']) . ", `description`='" . sql_escape($angeltype['description']) . "', - `requires_driver_license`=" . sql_bool($angeltype['requires_driver_license']) . " + `requires_driver_license`=" . sql_bool($angeltype['requires_driver_license']) . ", + `no_self_signup`=" . sql_bool($angeltype['no_self_signup']) . " WHERE `id`='" . sql_escape($angeltype['id']) . "'"); if ($result === false) { engelsystem_error("Unable to update angeltype."); } - engelsystem_log("Updated angeltype: " . $angeltype['name'] . ($angeltype['restricted'] ? ", restricted" : "") . ($angeltype['requires_driver_license'] ? ", requires driver license" : "")); + engelsystem_log("Updated angeltype: " . $angeltype['name'] . ($angeltype['restricted'] ? ", restricted" : "") . ($angeltype['no_self_signup'] ? ", no_self_signup" : "") . ($angeltype['requires_driver_license'] ? ", requires driver license" : "")); return $result; } diff --git a/includes/model/Shifts_model.php b/includes/model/Shifts_model.php index 2db0a3d3..6a29c540 100644 --- a/includes/model/Shifts_model.php +++ b/includes/model/Shifts_model.php @@ -159,14 +159,16 @@ function Shift_signup_allowed($user, $shift, $angeltype, $user_angeltype = null, // you cannot join if shift is full return new ShiftSignupState(ShiftSignupState::OCCUPIED, $free_entries); } - + if ($user_angeltype == null) { $user_angeltype = UserAngelType_by_User_and_AngelType($user, $angeltype); } - if ($user_angeltype == null || ($angeltype['restricted'] == 1 && $user_angeltype != null && ! isset($user_angeltype['confirm_user_id']))) { + if ($user_angeltype == null || ($angeltype['no_self_signup'] == 1 && $user_angeltype != null) || + ($angeltype['restricted'] == 1 && $user_angeltype != null && ! isset($user_angeltype['confirm_user_id']))) { // you cannot join if user is not of this angel type // you cannot join if you are not confirmed + return new ShiftSignupState(ShiftSignupState::ANGELTYPE, $free_entries); } diff --git a/includes/view/AngelTypes_view.php b/includes/view/AngelTypes_view.php index a48f8d4c..77e2fbb6 100644 --- a/includes/view/AngelTypes_view.php +++ b/includes/view/AngelTypes_view.php @@ -64,8 +64,10 @@ function AngelType_edit_view($angeltype, $supporter_mode) { form([ $supporter_mode ? form_info(_("Name"), $angeltype['name']) : form_text('name', _("Name"), $angeltype['name']), $supporter_mode ? form_info(_("Restricted"), $angeltype['restricted'] ? _("Yes") : _("No")) : form_checkbox('restricted', _("Restricted"), $angeltype['restricted']), + $supporter_mode ? form_info(_("No Self Sign Up"), $angeltype['no_self_signup'] ? _("Yes") : _("No")) : form_checkbox('no_self_signup', _("No Self Sign Up"), $angeltype['no_self_signup']), $supporter_mode ? form_info(_("Requires driver license"), $angeltype['requires_driver_license'] ? _("Yes") : _("No")) : form_checkbox('requires_driver_license', _("Requires driver license"), $angeltype['requires_driver_license']), form_info("", _("Restricted angel types can only be used by an angel if enabled by an archangel (double opt-in).")), + form_info("", _("Disabled Self Sign Up prevents angels form self assigning to a shift. They have to been added by coordinator.")), form_textarea('description', _("Description"), $angeltype['description']), form_info("", _("Please use markdown for the description.")), form_submit('submit', _("Save")) @@ -262,6 +264,7 @@ function AngelTypes_list_view($angeltypes, $admin_angeltypes) { table([ 'name' => _("Name"), 'restricted' => glyph('lock') . _("Restricted"), + 'no_self_signup' => glyph('share') . _("Self Sign Up Allowed"), 'membership' => _("Membership"), 'actions' => "" ], $angeltypes) @@ -289,6 +292,9 @@ function AngelTypes_about_view_angeltype($angeltype) { if ($angeltype['restricted']) { $html .= info(_("This angeltype is restricted by double-opt-in by a team supporter. Please show up at the according introduction meetings."), true); } + if ($angeltype['no_self_signup']) { + $html .= info(_("This angeltype is unable to self sign up for shifts. Please show up at the according introduction meetings."), true); + } if ($angeltype['description'] != "") { $html .= '