diff options
| author | Rasmus Fuhse <fuhse@data-quest.de> | 2024-11-11 16:40:10 +0000 |
|---|---|---|
| committer | Moritz Strohm <strohm@data-quest.de> | 2024-11-11 16:40:10 +0000 |
| commit | f7e119d1c9924a827ef1d291a5dd31271e7e82d0 (patch) | |
| tree | 2de27dd5815483b27b8ec27ac5a64ccf269fad64 /app/controllers/course/basicdata.php | |
| parent | 2d2951ecdca42fac87b9e1b37cc1a33495c97f6d (diff) | |
course/basicdata: fixed adding lecturers, deputies and tutors, fixes #4846
Closes #4846
Merge request studip/studip!3631
Diffstat (limited to 'app/controllers/course/basicdata.php')
| -rw-r--r-- | app/controllers/course/basicdata.php | 54 |
1 files changed, 36 insertions, 18 deletions
diff --git a/app/controllers/course/basicdata.php b/app/controllers/course/basicdata.php index 04bf8fc..10e77d8 100644 --- a/app/controllers/course/basicdata.php +++ b/app/controllers/course/basicdata.php @@ -612,36 +612,46 @@ class Course_BasicdataController extends AuthenticatedController public function add_member_action($course_id, $status = 'dozent') { + if (!$GLOBALS['perm']->have_studip_perm('dozent', $course_id)) { + throw new AccessDeniedException(); + } + // We don't need to check the csrf protection at this point since it // is already checked by the multiperson search endpoint // load MultiPersonSearch object $mp = MultiPersonSearch::load("add_member_{$status}{$course_id}"); - switch($status) { - case 'tutor' : - $func = 'addTutor'; - break; - case 'deputy': - $func = 'addDeputy'; - break; - default: - $func = 'addTeacher'; - break; - } + $course = Course::find($course_id); + $succeeded = []; - $failed = []; + $failed = []; foreach ($mp->getAddedUsers() as $a) { - $result = $this->$func($a, $course_id); - if ($result !== false) { - $succeeded[] = User::find($a)->getFullName('no_title_rev'); + $user = User::find($a); + $result = false; + if ($status === 'deputy') { + $result = Deputy::addDeputy($user->id, $course->id) > 0; + } else { + try { + $course->addMember( + $user, + $status === 'tutor' ? 'tutor' : 'dozent' + ); + $result = true; + } catch (\Studip\EnrolmentException $e) { + $result = $e->getMessage(); + } + } + if ($result === true) { + $succeeded[] = $user->getFullName('no_title_rev'); + } elseif (is_string($result)) { + $failed[] = [$user->getFullName('no_title_rev'), $result]; } else { - $failed[] = User::find($a)->getFullName('no_title_rev'); + $failed[] = [$user->getFullName('no_title_rev')]; } } // Only show the success messagebox once if ($succeeded) { - $course = Course::find($course_id); $status_title = get_title_for_status($status, count($succeeded), $course->status); if (count($succeeded) > 1) { $messagetext = sprintf( @@ -664,9 +674,17 @@ class Course_BasicdataController extends AuthenticatedController // only show an error messagebox once with list of errors! if ($failed) { + $messages = []; + foreach ($failed as $fail) { + if (is_array($fail)) { + $messages[] = sprintf('%s: %s', $fail[0], $fail[1]); + } else { + $messages[] = $fail; + } + } PageLayout::postError( _('Bei den folgenden Nutzer/-innen ist ein Fehler aufgetreten') , - array_map('htmlReady', $failed) + array_map('htmlReady', $messages) ); } $this->flash['open'] = 'bd_personal'; |