Skip to content
Permalink
Browse files

Add conf limit_session_admin_list_users - refs BT#15003

Limits that a session admin has access to list users
  • Loading branch information...
AngelFQC committed Oct 24, 2018
1 parent 339b448 commit ed0d11a7c5ee9fd66dabebcc2e74b145a1662d0f
Showing with 35 additions and 5 deletions.
  1. +18 −5 main/admin/index.php
  2. +2 −0 main/admin/user_list.php
  3. +13 −0 main/inc/lib/api.lib.php
  4. +2 −0 main/install/configuration.dist.php
@@ -113,18 +113,31 @@
if (api_get_configuration_value('show_link_request_hrm_user')) {
$items[] = ['url' => 'user_linking_requests.php', 'label' => get_lang('UserLinkingRequests')];
}
} elseif (api_is_session_admin() && api_get_configuration_value('limit_session_admin_role')) {
$items = [
['url' => 'user_list.php', 'label' => get_lang('UserList')],
['url' => 'user_add.php', 'label' => get_lang('AddUsers')],
];
} else {
$items = [
['url' => 'user_list.php', 'label' => get_lang('UserList')],
['url' => 'user_add.php', 'label' => get_lang('AddUsers')],
['url' => 'user_import.php', 'label' => get_lang('ImportUserListXMLCSV')],
['url' => 'usergroups.php', 'label' => get_lang('Classes')],
];
if (api_is_session_admin()) {
if (true === api_get_configuration_value('limit_session_admin_role')) {
$items = array_filter($items, function (array $item) {
$urls = ['user_list.php', 'user_add.php'];
return in_array($item['url'], $urls);
});
}
if (true === api_get_configuration_value('limit_session_admin_list_users')) {
$items = array_filter($items, function (array $item) {
$urls = ['user_list.php'];
return !in_array($item['url'], $urls);
});
}
}
}
$blocks['users']['items'] = $items;
@@ -12,6 +12,8 @@
$cidReset = true;
require_once __DIR__.'/../inc/global.inc.php';
api_protect_session_admin_list_users();
$urlId = api_get_current_access_url_id();
$action = isset($_REQUEST['action']) ? $_REQUEST['action'] : '';
@@ -8993,6 +8993,19 @@ function api_protect_limit_for_session_admin()
}
}
/**
* Limits that a session admin has access to list users.
* When limit_session_admin_list_users configuration variable is set to true.
*/
function api_protect_session_admin_list_users()
{
$limitAdmin = api_get_configuration_value('limit_session_admin_list_users');
if (api_is_session_admin() && true === $limitAdmin) {
api_not_allowed(true);
}
}
/**
* @return bool
*/
@@ -411,6 +411,8 @@
//$_configuration['system_announce_extra_roles'] = false;
// Limits the features that a session admin has access to from the main admin panel (removes users import and usergroups)
//$_configuration['limit_session_admin_role'] = false;
// Limits that a session admin has access to list users
//$_configuration['limit_session_admin_list_users'] = false;
// Course tools visibility edition in sessions
//$_configuration['allow_edit_tool_visibility_in_session'] = false;
// Enable the support to ODF files

0 comments on commit ed0d11a

Please sign in to comment.
You can’t perform that action at this time.