Batch process on users (#38596)

administrator/components/com_users/src/Model/UserModel.php

@@ -720,18 +720,59 @@ public function batchUser($groupId, $userIds, $action)
 
         // Remove the users from the group if requested.
         if (isset($doDelete)) {
-            $query = $db->getQuery(true);
+            /*
+            * First we need to check that the user is part of more than one group
+            * otherwise we will end up with a user that is not part of any group
+            * unless we are moving the user to a new group.
+            */
+            if ($doDelete === 'group') {
+                $query = $db->getQuery(true);
+                $query->select($db->quoteName('user_id'))
+                    ->from($db->quoteName('#__user_usergroup_map'))
+                    ->whereIn($db->quoteName('user_id'), $userIds);
+
+                // Add the group by clause to remove users who are only in one group
+                $query->group($db->quoteName('user_id'))
+                    ->having('COUNT(user_id) > 1');
+                $db->setQuery($query);
+                $users = $db->loadColumn();
+
+                // If we have no users to process, throw an error to notify the user
+                if (empty($users)) {
+                    $this->setError(Text::_('COM_USERS_ERROR_ONLY_ONE_GROUP'));
+
+                    return false;
+                }
+
+                // Check to see if the users are in the group to be removed
+                $query->clear()
+                    ->select($db->quoteName('user_id'))
+                    ->from($db->quoteName('#__user_usergroup_map'))
+                    ->whereIn($db->quoteName('user_id'), $users)
+                    ->where($db->quoteName('group_id') . ' = :group_id')
+                    ->bind(':group_id', $groupId, ParameterType::INTEGER);
+                $db->setQuery($query);
+                $users = $db->loadColumn();
 
-            // Remove users from the group
-            $query->delete($db->quoteName('#__user_usergroup_map'))
-                ->whereIn($db->quoteName('user_id'), $userIds);
+                // If we have no users to process, throw an error to notify the user
+                if (empty($users)) {
+                    $this->setError(Text::_('COM_USERS_ERROR_NOT_IN_GROUP'));
 
-            // Only remove users from selected group
-            if ($doDelete == 'group') {
-                $query->where($db->quoteName('group_id') . ' = :group_id')
+                    return false;
+                }
+
+                // Finally remove the users from the group
+                $query->clear()
+                    ->delete($db->quoteName('#__user_usergroup_map'))
+                    ->whereIn($db->quoteName('user_id'), $users)
+                    ->where($db->quoteName('group_id') . '= :group_id')
                     ->bind(':group_id', $groupId, ParameterType::INTEGER);
+                $db->setQuery($query);
+            } elseif ($doDelete === 'all') {
+                $query = $db->getQuery(true);
+                $query->delete($db->quoteName('#__user_usergroup_map'))
+                    ->whereIn($db->quoteName('user_id'), $users);
             }
-
             $db->setQuery($query);
 
             try {

administrator/language/en-GB/com_users.ini

@@ -100,6 +100,8 @@ COM_USERS_ERROR_CANNOT_BATCH_SUPERUSER="A non-Super User can't perform batch ope
 COM_USERS_ERROR_INVALID_GROUP="Invalid Group"
 COM_USERS_ERROR_LEVELS_NOLEVELS_SELECTED="No View Permission Level(s) selected."
 COM_USERS_ERROR_NO_ADDITIONS="The selected user(s) are already assigned to the selected group."
+COM_USERS_ERROR_NOT_IN_GROUP="The selected user(s) are not in the selected group."
+COM_USERS_ERROR_ONLY_ONE_GROUP="A user must belong to at least one group."
 COM_USERS_ERROR_VIEW_LEVEL_IN_USE="You can't delete the view access level '%d:%s' because it is being used by content."
 COM_USERS_FIELDS_USER_FIELDS_TITLE="Users: Fields"
 COM_USERS_FIELDS_USER_FIELD_ADD_TITLE="Users: New Field"