extended circular mail functionality in room management, closes #5804

Closes #5804 Merge request studip/studip!4427
author: Moritz Strohm <strohm@data-quest.de> 2025-10-02 07:31:04 +0000
committer: Moritz Strohm <strohm@data-quest.de> 2025-10-02 07:31:04 +0000
commit: 2dc5aaea055932df52d0b08992dfdd4b76718411 (patch)
tree: f931e38591f2b64abe7a800209d82ebf0d44204d /app
parent: 11ca5b13005a3338515aa49381e41fa5ef56f3a1 (diff)
3 files changed, 54 insertions, 16 deletions
diff --git a/app/controllers/resources/messages.php b/app/controllers/resources/messages.php
index da3ca87..ae966e0 100644
--- a/app/controllers/resources/messages.php
+++ b/app/controllers/resources/messages.php
@@ -32,7 +32,11 @@ class Resources_MessagesController extends AuthenticatedController
 
         $this->current_user = User::findCurrent();
 
-        if (!ResourceManager::userHasGlobalPermission($this->current_user, 'admin')) {
+        if (
+            !ResourceManager::userHasGlobalPermission($this->current_user)
+            && !RoomManager::userHasRooms($this->current_user)
+        ) {
+            //The user has neither global nor specific user permissions on resources.
             throw new AccessDeniedException();
         }
 
@@ -40,7 +44,23 @@ class Resources_MessagesController extends AuthenticatedController
         $this->recipient_selection = 'permission';
         $this->clipboard_id = '';
         $this->min_permission = '';
+        $this->room_ids = Request::getArray('room_ids');
         $this->selected_rooms = [];
+        $new_room_id_list     = [];
+        if (count($this->room_ids) > 0) {
+            $rooms = Room::findMany($this->room_ids, 'ORDER BY name ASC');
+            foreach ($rooms as $room) {
+                //The current user must have at least user permissions to preselect a room.
+                if ($room->userHasPermission($this->current_user)) {
+                    //Set the room as selected room and put its ID in the new room-ID list.
+                    $this->selected_rooms[] = $room;
+                    $new_room_id_list[]     = $room->id;
+                }
+            }
+        }
+        //Filter out all rooms from the room-ID list where the user does not have user permissions:
+        $old_room_id_list = $this->room_ids;
+        $this->room_ids   = $new_room_id_list;
 
         $this->room_search = new QuickSearch(
             'room_name',
@@ -66,12 +86,19 @@ class Resources_MessagesController extends AuthenticatedController
 
             $this->recipient_selection = Request::get('recipient_selection');
             $this->room_selection = Request::get('room_selection');
-            $this->room_ids = Request::getArray('room_ids');
-            $this->selected_rooms = Room::findMany($this->room_ids);
             $this->clipboard_id = Request::int('clipboard_id');
 
             //First validation:
 
+            if (empty($this->room_ids)) {
+                if (empty($old_room_id_list)) {
+                    PageLayout::postError(_('Sie haben keinen Raum ausgewählt.'));
+                } else {
+                    PageLayout::postError(_('Sie haben an den ausgewählten Räumen nicht die erforderlichen Berechtigungen, um eine Rundmail zu senden.'));
+                }
+                return;
+            }
+
             if (!in_array($this->room_selection, ['search', 'clipboard'])) {
                 PageLayout::postError(
                     _('Die Raumauswahl ist ungültig!')
@@ -227,7 +254,9 @@ class Resources_MessagesController extends AuthenticatedController
                 PageLayout::postInfo(
                     _('Für die gewählten Räume gibt es keine Empfänger!')
                 );
-                $this->relocate('resources/messages/index');
+                if (!Request::isDialog()) {
+                    $this->relocate('resources/messages/index');
+                }
                 return;
             }
 
diff --git a/app/views/resources/_common/_room_tr.php b/app/views/resources/_common/_room_tr.php
index 01c70df..adb18e0 100644
--- a/app/views/resources/_common/_room_tr.php
+++ b/app/views/resources/_common/_room_tr.php
@@ -4,27 +4,27 @@
  *
  * Template variables:
  *
- * $room: A Room object.
- * $show_admin_actions: Boolean: Whether to display actions which are
+ * @var Room $room A Room object.
+ * @var bool $show_admin_actions Whether to display actions which are
  *     designed for users with 'admin' resource permissions.
  *     Defaults to false (do not show actions).
- * $show_tutor_actions: Boolean: Whether to display actions which are
+ * @var bool $show_tutor_actions Whether to display actions which are
  *     designed for users with 'tutor' resource permissions.
  *     Defaults to false (do not show actions).
- * $show_autor_actions: Boolean: Whether to display actions which are
+ * @var bool $show_autor_actions Whether to display actions which are
  *     designed for users with 'autor' resource permissions.
  *     Defaults to false (do not show actions).
- * $show_user_actions: Boolean: Whether to display actions which are
+ * @var bool $show_user_actions Whether to display actions which are
  *     designed for users with 'user' resource permissions.
  *     Defaults to false (do not show actions).
- * $user_has_booking_rights: Boolean: Whether the user for which this template
+ * @var bool $user_has_booking_rights Whether the user for which this template
  *     is rendered has booking rights on the resource (true) or not (false).
- * $show_picture: Boolean: Whether to display the room picture or not.
+ * @var bool $show_picture Whether to display the room picture or not.
  *     Defaults to false (do not show picture).
- * $additional_properties: Array: Additional properties
+ * @var array $additional_properties Additional properties
  *     that shall be displayed in extra columns.
- * $additional_columns: Array: Additional columns for the table.
- * $additional_actions: Array: Additional actions for the action menu.
+ * @var array $additional_columns Additional columns for the table.
+ * @var array $additional_actions Additional actions for the action menu.
  *     This array contains associative arrays where each of those arrays
  *     has the following structure and indexes:
  *     [
@@ -47,7 +47,16 @@ if ($room->requestable && $show_autor_actions) {
             ['target' => '_blank']
         ]
     ];
-} ?>
+}
+if ($show_user_actions) {
+    $room_actions['0021'] = [
+        URLHelper::getLink('dispatch.php/resources/messages/index', ['room_ids[]' => $room->id]),
+        _('Rundmail schreiben'),
+        Icon::create('mail'),
+        ['data-dialog' => 'size=auto']
+    ];
+}
+?>
 
 <?= $this->render_partial(
     'resources/_common/_resource_tr.php',
diff --git a/app/views/resources/messages/index.php b/app/views/resources/messages/index.php
index 0bd4767..15f233e 100644
--- a/app/views/resources/messages/index.php
+++ b/app/views/resources/messages/index.php
@@ -1,4 +1,4 @@
-<form class="default resources_messages-form" method="post" data-dialog="size=auto"
+<form class="default resources_messages-form" method="post" <?= Request::isDialog() ? 'data-dialog="size=auto"' : '' ?>
       action="<?= URLHelper::getLink('dispatch.php/resources/messages/index') ?>">
     <?= CSRFProtection::tokenTag() ?>
     <fieldset>
author	Moritz Strohm <strohm@data-quest.de>	2025-10-02 07:31:04 +0000
committer	Moritz Strohm <strohm@data-quest.de>	2025-10-02 07:31:04 +0000
commit	2dc5aaea055932df52d0b08992dfdd4b76718411 (patch)
tree	f931e38591f2b64abe7a800209d82ebf0d44204d /app
parent	11ca5b13005a3338515aa49381e41fa5ef56f3a1 (diff)