From 564a06bd1c0ae00be8936827d8c8c394201c8d97 Mon Sep 17 00:00:00 2001 From: Pierre HUBERT Date: Tue, 10 Jul 2018 08:30:06 +0200 Subject: [PATCH] Can update group membership level. --- RestControllers/GroupsController.php | 44 ++++++++++++++++++++++++++ classes/components/GroupsComponent.php | 2 +- 2 files changed, 45 insertions(+), 1 deletion(-) diff --git a/RestControllers/GroupsController.php b/RestControllers/GroupsController.php index a462405..beb3ff7 100644 --- a/RestControllers/GroupsController.php +++ b/RestControllers/GroupsController.php @@ -382,6 +382,50 @@ class GroupsController { return array("success" => "The membership has been successfully deleted!"); } + /** + * Update a membership level + * + * @url POST /groups/update_membership_level + */ + public function updateMembershipLevel() : array { + + user_login_required(); + + //Get the ID of the target group + $groupID = getPostGroupIdWithAccess("groupID", GroupInfo::ADMIN_ACCESS); + + //Get target user ID + $userID = getPostUserID("userID"); + + if($userID == userID) + Rest_fatal_error(400, "You can not update your own membership!"); + + //Get current user membership + $level = components()->groups->getMembershipLevel($userID, $groupID); + + //Check if the user is at least a member of the group + if($level > GroupMember::MEMBER) + Rest_fatal_error(401, "This user is not a member of the group!"); + + //Get the new membership level of the user + $levels = array_flip(self::GROUPS_MEMBERSHIP_LEVELS); + + $new_level_str = postString("level"); + if(!isset($levels[$new_level_str])) + Rest_fatal_error(401, "Specified membership level not found!"); + $newLevel = $levels[$new_level_str]; + + if($newLevel > GroupMember::MEMBER) + Rest_fatal_error(401, "You can not assign this visibility level to a group member!"); + + //Try to update the membership of the user + if(!components()->groups->updateMembershipLevel($userID, $groupID, $newLevel)) + Rest_fatal_error(500, "Could not update membership level!"); + + //Success + return array("success" => "User membership has been updated!"); + } + /** * Respond to a membership request * diff --git a/classes/components/GroupsComponent.php b/classes/components/GroupsComponent.php index 868f9e0..f98afdb 100644 --- a/classes/components/GroupsComponent.php +++ b/classes/components/GroupsComponent.php @@ -224,7 +224,7 @@ class GroupsComponent { * @param int $level The target level * @return bool TRUE for a success / FALSE else */ - private function updateMembershipLevel(int $userID, int $groupID, int $level) : bool { + public function updateMembershipLevel(int $userID, int $groupID, int $level) : bool { return db()->updateDB( self::GROUPS_MEMBERS_TABLE, "user_id = ? AND groups_id = ?",