Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
return !is_null($this->profile());
}
return !is_null($this->profile());
}
+ /** Check if the user can edit to given profile.
+ */
+ public function canEdit(Profile $profile)
+ {
+ // XXX: Check permissions (e.g. secretary permission)
+ // and flags from the profile
+ return XDB::fetchOneCell('SELECT pid
+ FROM account_profiles
+ WHERE uid = {?} AND pid = {?}',
+ $this->id(), $profile->id());
+ }
+
/** Get the email alias of the user.
*/
public function emailAlias()
/** Get the email alias of the user.
*/
public function emailAlias()
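Review bot: `canEdit()` returns whatever `XDB::fetchOneCell` yields (the matched `pid`, or its no-row value) rather than a boolean, so callers can only rely on loose truthiness, unlike the method in the context lines above, which returns `!is_null($this->profile())`. Since this is the authorization primitive for profile editing, I would normalise the result, e.g. `return (bool) XDB::fetchOneCell(...);` with the query unchanged. The docblock should state that the only rule enforced today is a matching `account_profiles` row for this uid and pid, and that the permissions and profile flags named in the XXX comment are not yet checked. Its first line should also read "Check if the user can edit the given profile."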
-Subproject commit fed2b6d36f59c4542bd8d6fc0a137342c785d06b
+Subproject commit 179658ec4de09ec088235d91977013f64eed49db
http_redirect("http://www.polytechniciens.com/?page=AX_FICHE_ANCIEN&anc_id=$mat");
}
http_redirect("http://www.polytechniciens.com/?page=AX_FICHE_ANCIEN&anc_id=$mat");
}
- function handler_p_edit(&$page, $opened_tab = null, $mode = null)
+ function handler_p_edit(&$page, $user = null, $opened_tab = null, $mode = null)
+ if (is_null($user)) {
+ $user = S::user();
+ if (!$user->hasProfile()) {
+ return PL_NOT_FOUND;
+ } else {
+ pl_redirect('profile/edit/' . $user->profile()->hrid());
+ }
+ } else {
+ $user = Profile::get($user);
+ if (!$user) {
+ return PL_NOT_FOUND;
+ } else if (!S::user()->canEdit($user) && Platal::notAllowed()) {
+ return PL_FORBIDDEN;
+ }
+ }
+
// AX Synchronization
require_once 'synchro_ax.inc.php';
if (is_ax_key_missing()) {
// AX Synchronization
require_once 'synchro_ax.inc.php';
if (is_ax_key_missing()) {
$wiz->addPage('ProfileJobs', 'Informations professionnelles', 'emploi');
$wiz->addPage('ProfileSkills', 'Compétences diverses', 'skill');
$wiz->addPage('ProfileMentor', 'Mentoring', 'mentor');
$wiz->addPage('ProfileJobs', 'Informations professionnelles', 'emploi');
$wiz->addPage('ProfileSkills', 'Compétences diverses', 'skill');
$wiz->addPage('ProfileMentor', 'Mentoring', 'mentor');
- $wiz->apply($page, 'profile/edit', $opened_tab, $mode);
+ $wiz->apply($page, 'profile/edit/' . $user->hrid(), $opened_tab, $mode);
// Misc checks
$res = XDB::query("SELECT user_id
// Misc checks
$res = XDB::query("SELECT user_id
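Review bot: The access check `} else if (!S::user()->canEdit($user) && Platal::notAllowed()) {` is hard to audit because `$user` is by then a `Profile` resolved from the URL segment, while the same name holds the session `User` in the other branch. Naming it for what it is, `$profile = Profile::get($user);` then `S::user()->canEdit($profile)`, would make the ownership test readable. A one-line comment should also say which callers `Platal::notAllowed()` is meant to let through, since that call (not visible here) is what widens editing beyond the rows `canEdit()` matches. The `pl_redirect(...)` branch has no `return`; if that helper does not end the request, execution continues with `$user` still a `User` and reaches `$user->hrid()` in the later `$wiz->apply(...)` change, which presumably expects a `Profile`. The handler body starts and ends outside the visible hunks, so whether the wizard pages and the "Misc checks" query act on this profile rather than the session user should be confirmed there.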