fixes #298 allow a shift supporter to remove a user from shift

main
msquare 8 years ago
parent 0c15964e6b
commit 99c7e8ce1a

@ -145,11 +145,7 @@ function shift_entry_add_controller() {
* Remove somebody from a shift. * Remove somebody from a shift.
*/ */
function shift_entry_delete_controller() { function shift_entry_delete_controller() {
global $privileges; global $privileges, $user;
if (! in_array('user_shifts_admin', $privileges)) {
redirect(page_link_to('user_shifts'));
}
if (! isset($_REQUEST['entry_id']) || ! test_request_int('entry_id')) { if (! isset($_REQUEST['entry_id']) || ! test_request_int('entry_id')) {
redirect(page_link_to('user_shifts')); redirect(page_link_to('user_shifts'));
@ -157,7 +153,7 @@ function shift_entry_delete_controller() {
$entry_id = $_REQUEST['entry_id']; $entry_id = $_REQUEST['entry_id'];
$shift_entry_source = sql_select(" $shift_entry_source = sql_select("
SELECT `User`.`Nick`, `ShiftEntry`.`Comment`, `ShiftEntry`.`UID`, `ShiftTypes`.`name`, `Shifts`.*, `Room`.`Name`, `AngelTypes`.`name` as `angel_type` SELECT `User`.`Nick`, `ShiftEntry`.`Comment`, `ShiftEntry`.`UID`, `ShiftTypes`.`name`, `Shifts`.*, `Room`.`Name`, `AngelTypes`.`name` as `angel_type`, `AngelTypes`.`id` as `angeltype_id`
FROM `ShiftEntry` FROM `ShiftEntry`
JOIN `User` ON (`User`.`UID`=`ShiftEntry`.`UID`) JOIN `User` ON (`User`.`UID`=`ShiftEntry`.`UID`)
JOIN `AngelTypes` ON (`ShiftEntry`.`TID` = `AngelTypes`.`id`) JOIN `AngelTypes` ON (`ShiftEntry`.`TID` = `AngelTypes`.`id`)
@ -168,6 +164,10 @@ function shift_entry_delete_controller() {
if (count($shift_entry_source) > 0) { if (count($shift_entry_source) > 0) {
$shift_entry_source = $shift_entry_source[0]; $shift_entry_source = $shift_entry_source[0];
if (!in_array('user_shifts_admin', $privileges) && (!in_array('shiftentry_edit_angeltype_supporter', $privileges) || !User_is_AngelType_supporter($user, AngelType($shift_entry_source['angeltype_id'])))) {
redirect(page_link_to('user_shifts'));
}
$result = ShiftEntry_delete($entry_id); $result = ShiftEntry_delete($entry_id);
if ($result === false) { if ($result === false) {
engelsystem_error('Unable to delete shift entry.'); engelsystem_error('Unable to delete shift entry.');
@ -178,7 +178,7 @@ function shift_entry_delete_controller() {
} else { } else {
error(_("Entry not found.")); error(_("Entry not found."));
} }
redirect(page_link_to('user_shifts')); redirect(shift_link($shift_entry_source));
} }
?> ?>

@ -57,7 +57,7 @@ function NeededAngelTypes_delete_by_room($room_id) {
*/ */
function NeededAngelTypes_by_shift($shiftId) { function NeededAngelTypes_by_shift($shiftId) {
$needed_angeltypes_source = sql_select(" $needed_angeltypes_source = sql_select("
SELECT `NeededAngelTypes`.*, `AngelTypes`.`id`, `AngelTypes`.`name`, `AngelTypes`.`restricted` SELECT `NeededAngelTypes`.*, `AngelTypes`.`id`, `AngelTypes`.`name`, `AngelTypes`.`restricted`, `AngelTypes`.`no_self_signup`
FROM `NeededAngelTypes` FROM `NeededAngelTypes`
JOIN `AngelTypes` ON `AngelTypes`.`id` = `NeededAngelTypes`.`angel_type_id` JOIN `AngelTypes` ON `AngelTypes`.`id` = `NeededAngelTypes`.`angel_type_id`
WHERE `shift_id`='" . sql_escape($shiftId) . "' WHERE `shift_id`='" . sql_escape($shiftId) . "'

@ -99,6 +99,11 @@ function Shift_view($shift, $shifttype, $room, $angeltypes_source, ShiftSignupSt
} }
function Shift_view_render_needed_angeltype($needed_angeltype, $angeltypes, $shift, $user_shift_admin) { function Shift_view_render_needed_angeltype($needed_angeltype, $angeltypes, $shift, $user_shift_admin) {
global $user;
$angeltype = $angeltypes[$needed_angeltype['TID']];
$angeltype_supporter = User_is_AngelType_supporter($user, $angeltype);
$needed_angels = ''; $needed_angels = '';
$class = 'progress-bar-warning'; $class = 'progress-bar-warning';
@ -110,9 +115,9 @@ function Shift_view_render_needed_angeltype($needed_angeltype, $angeltypes, $shi
} }
$needed_angels .= '<div class="list-group-item">'; $needed_angels .= '<div class="list-group-item">';
$needed_angels .= '<div class="pull-right">' . Shift_signup_button_render($shift, $angeltypes[$needed_angeltype['TID']]) . '</div>'; $needed_angels .= '<div class="pull-right">' . Shift_signup_button_render($shift, $angeltype) . '</div>';
$needed_angels .= '<h3>' . AngelType_name_render($angeltypes[$needed_angeltype['TID']]) . '</h3>'; $needed_angels .= '<h3>' . AngelType_name_render($angeltype) . '</h3>';
$bar_max = max($needed_angeltype['count'] * 10, $needed_angeltype['taken'] * 10, 10); $bar_max = max($needed_angeltype['count'] * 10, $needed_angeltype['taken'] * 10, 10);
$bar_value = max(1, $needed_angeltype['taken'] * 10); $bar_value = max(1, $needed_angeltype['taken'] * 10);
$needed_angels .= progress_bar(0, $bar_max, $bar_value, $class, $needed_angeltype['taken'] . ' / ' . $needed_angeltype['count']); $needed_angels .= progress_bar(0, $bar_max, $bar_value, $class, $needed_angeltype['taken'] . ' / ' . $needed_angeltype['count']);
@ -120,7 +125,7 @@ function Shift_view_render_needed_angeltype($needed_angeltype, $angeltypes, $shi
$angels = []; $angels = [];
foreach ($shift['ShiftEntry'] as $shift_entry) { foreach ($shift['ShiftEntry'] as $shift_entry) {
if ($shift_entry['TID'] == $needed_angeltype['TID']) { if ($shift_entry['TID'] == $needed_angeltype['TID']) {
$angels[] = Shift_view_render_shift_entry($shift_entry, $user_shift_admin); $angels[] = Shift_view_render_shift_entry($shift_entry, $user_shift_admin, $angeltype_supporter);
} }
} }
@ -130,14 +135,16 @@ function Shift_view_render_needed_angeltype($needed_angeltype, $angeltypes, $shi
return $needed_angels; return $needed_angels;
} }
function Shift_view_render_shift_entry($shift_entry, $user_shift_admin) { function Shift_view_render_shift_entry($shift_entry, $user_shift_admin, $angeltype_supporter) {
$entry = User_Nick_render(User($shift_entry['UID'])); $entry = User_Nick_render(User($shift_entry['UID']));
if ($shift_entry['freeloaded']) { if ($shift_entry['freeloaded']) {
$entry = '<strike>' . $entry . '</strike>'; $entry = '<strike>' . $entry . '</strike>';
} }
if ($user_shift_admin) { if ($user_shift_admin || $angeltype_supporter) {
$entry .= ' <div class="btn-group">'; $entry .= ' <div class="btn-group">';
if ($user_shift_admin) {
$entry .= button_glyph(page_link_to('user_myshifts') . '&edit=' . $shift_entry['id'] . '&id=' . $shift_entry['UID'], 'pencil', 'btn-xs'); $entry .= button_glyph(page_link_to('user_myshifts') . '&edit=' . $shift_entry['id'] . '&id=' . $shift_entry['UID'], 'pencil', 'btn-xs');
}
$entry .= button_glyph(page_link_to('user_shifts') . '&entry_id=' . $shift_entry['id'], 'trash', 'btn-xs'); $entry .= button_glyph(page_link_to('user_shifts') . '&entry_id=' . $shift_entry['id'], 'trash', 'btn-xs');
$entry .= '</div>'; $entry .= '</div>';
} }

Loading…
Cancel
Save