Dev: Refactored deluser

LimeSurvey · Aug 9, 2016 · 014022b · 014022b
1 parent 5fe8b84
commit 014022b
Showing 1 changed file with 61 additions and 63 deletions.
diff --git a/application/controllers/admin/useraction.php b/application/controllers/admin/useraction.php
@@ -32,6 +32,17 @@ public function __construct($controller, $id)
         Yii::app()->loadHelper('database');
     }
 
+    /** 
+    * Get Post- or Paramvalue depending on where to get it
+    */
+    private function _getPostOrParam($param){
+        $value = Yii::app()->request->getPost($param);
+        if(!$value)
+        {
+            $value = Yii::app()->request->getParam($param);
+        }
+        return $value;
+    }
     /**
     * Show users table
     */
@@ -199,93 +210,80 @@ public function deluser()
             Yii::app()->setFlashMessage(gT("You do not have permission to access this page."),'error');
             $this->getController()->redirect(array("admin/user/sa/index"));
         }
-        $action = Yii::app()->request->getPost("action");
-        if(!$action)
-        {
-            $action = Yii::app()->request->getParam("action");
-        }
+
+        $action = $this->_getPostOrParam("action");
 
         $aViewUrls = array();
 
         // CAN'T DELETE ORIGINAL SUPERADMIN (with findByAttributes : found the first user without parent)
         $oInitialAdmin = User::model()->findByAttributes(array('parent_id' => 0));
 
-        $postuserid = (int) Yii::app()->request->getPost("uid");
-        if(!$postuserid)
+        $postuserid = $this->_getPostOrParam("uid");
+        $postuser = flattenText($this->_getPostOrParam("user"));
+
+        if ($oInitialAdmin && $oInitialAdmin->uid == $postuserid) // it's the original superadmin !!!
         {
-            $postuserid = (int) Yii::app()->request->getParam("uid");
+            Yii::app()->setFlashMessage(gT("Initial Superadmin cannot be deleted!"),'error');
+            $this->getController()->redirect(array("admin/user/sa/index"));
+            return;
         }
 
-        $postuser = flattenText(Yii::app()->request->getPost("user"));
-        if(!$postuser)
+        //If there was no uid transferred  
+        if (!$postuserid)
         {
-            $postuser = (int) Yii::app()->request->getParam("user");
+            Yii::app()->setFlashMessage(gT("Could not delete user. User was not supplied."),'error');
+            $this->getController()->redirect(array("admin/user/sa/index"));
+            return;
         }
 
-        if ($oInitialAdmin && $oInitialAdmin->uid == $postuserid) // it's the original superadmin !!!
+        $sresultcount = 0; // 1 if I am parent of $postuserid
+        if (!Permission::model()->hasGlobalPermission('superadmin','read'))
         {
-            Yii::app()->setFlashMessage(gT("Initial Superadmin cannot be deleted!"),'error');
-            $this->getController()->redirect(array("admin/user/sa/index"));
+            $sresult = User::model()->findAllByAttributes(array('parent_id' => $postuserid, 'parent_id' => Yii::app()->session['loginID']));
+            $sresultcount = count($sresult);
         }
-        else
+
+        if (Permission::model()->hasGlobalPermission('superadmin','read') || $sresultcount > 0 || $postuserid == Yii::app()->session['loginID'])
         {
-            if ($postuserid)
-            {
-                $sresultcount = 0; // 1 if I am parent of $postuserid
-                if (!Permission::model()->hasGlobalPermission('superadmin','read'))
-                {
-                    $sresult = User::model()->findAllByAttributes(array('parent_id' => $postuserid, 'parent_id' => Yii::app()->session['loginID']));
-                    $sresultcount = count($sresult);
-                }
+            $transfer_surveys_to = 0;
+            $ownerUser = User::model()->findAll();
+            $aData = array();
+            $aData['users'] = $ownerUser;
 
-                if (Permission::model()->hasGlobalPermission('superadmin','read') || $sresultcount > 0 || $postuserid == Yii::app()->session['loginID'])
+            $current_user = Yii::app()->session['loginID'];
+            if (count($ownerUser) == 2) {
+                $action = "finaldeluser";
+                foreach ($ownerUser as &$user)
                 {
-                    $transfer_surveys_to = 0;
-                    $ownerUser = User::model()->findAll();
-                    $aData = array();
-                    $aData['users'] = $ownerUser;
-
-                    $current_user = Yii::app()->session['loginID'];
-                    if (count($ownerUser) == 2) {
-                        $action = "finaldeluser";
-                        foreach ($ownerUser as &$user)
-                        {
-                            if ($postuserid != $user['uid'])
-                                $transfer_surveys_to = $user['uid'];
-                        }
-                    }
-
-                    $ownerUser = Survey::model()->findAllByAttributes(array('owner_id' => $postuserid));
-                    if (count($ownerUser) == 0) {
-                        $action = "finaldeluser";
-                    }
+                    if ($postuserid != $user['uid'])
+                        $transfer_surveys_to = $user['uid'];
+                }
+            }
 
-                    if ($action == "finaldeluser")
-                    {
-                        $this->deleteFinalUser($ownerUser, $transfer_surveys_to);
-                    }
-                    else
-                    {
-                        $aData['postuserid'] = $postuserid;
-                        $aData['postuser'] = $postuser;
-                        $aData['current_user'] = $current_user;
+            $ownerUser = Survey::model()->findAllByAttributes(array('owner_id' => $postuserid));
+            if (count($ownerUser) == 0) {
+                $action = "finaldeluser";
+            }
 
-                        $aViewUrls['deluser'][] = $aData;
-                        $this->_renderWrappedTemplate('user', $aViewUrls);
-                    }
-                }
-                else
-                {
-                    Yii::app()->setFlashMessage(gT("You do not have permission to access this page."),'error');
-                    $this->getController()->redirect(array("admin/user/sa/index"));
-                }
+            if ($action == "finaldeluser")
+            {
+                $this->deleteFinalUser($ownerUser, $transfer_surveys_to);
             }
             else
             {
-                Yii::app()->setFlashMessage(gT("Could not delete user. User was not supplied."),'error');
-                $this->getController()->redirect(array("admin/user/sa/index"));
+                $aData['postuserid'] = $postuserid;
+                $aData['postuser'] = $postuser;
+                $aData['current_user'] = $current_user;
+
+                $aViewUrls['deluser'][] = $aData;
+                $this->_renderWrappedTemplate('user', $aViewUrls);
             }
         }
+        else
+        {
+            Yii::app()->setFlashMessage(gT("You do not have permission to access this page."),'error');
+            $this->getController()->redirect(array("admin/user/sa/index"));
+        }
 
         return $aViewUrls;
     }