* [ADD] Allow to change the account's owner and main group when the user is the account's owner. Related #705

Signed-off-by: Rubén D <nuxsmin@syspass.org>
2026-03-07 08:56:59 +01:00 · 2019-02-24 23:32:45 +01:00
parent 4e26b3918e
commit 5f37d466dd
2 changed files with 54 additions and 23 deletions
--- a/app/modules/web/themes/material-blue/views/account/account-permissions.inc
+++ b/app/modules/web/themes/material-blue/views/account/account-permissions.inc
@@ -18,7 +18,9 @@
                    <div class="account-permissions">
                        <div class="tag-list-box">
                            <?php if (!$_getvar('isView')): ?>
-                                <select id="other_users_view" name="other_users_view[]" multiple="multiple"
+                                <select id="other_users_view"
+                                        name="other_users_view[]"
+                                        multiple="multiple"
                                        class="select-box-tags" <?php echo $_getvar('disabled'); ?>>
                                    <option value=""><?php echo __('Select Users'); ?></option>
                                    <?php /** @var \SP\Mvc\View\Components\SelectItem $otherUser */
@@ -49,7 +51,9 @@

                        <div class="tag-list-box">
                            <?php if (!$_getvar('isView')): ?>
-                                <select id="other_users_edit" name="other_users_edit[]" multiple="multiple"
+                                <select id="other_users_edit"
+                                        name="other_users_edit[]"
+                                        multiple="multiple"
                                        class="select-box-tags" <?php echo $_getvar('disabled'); ?>>
                                    <option value=""><?php echo __('Select Users'); ?></option>
                                    <?php /** @var \SP\Mvc\View\Components\SelectItem $otherUser */
@@ -86,7 +90,9 @@
                    <div class="account-permissions">
                        <div class="tag-list-box">
                            <?php if (!$_getvar('isView')): ?>
-                                <select id="other_usergroups_view" name="other_usergroups_view[]" multiple="multiple"
+                                <select id="other_usergroups_view"
+                                        name="other_usergroups_view[]"
+                                        multiple="multiple"
                                        class="select-box-tags" <?php echo $_getvar('disabled'); ?>>
                                    <option value=""><?php echo __('Select Groups'); ?></option>
                                    <?php /** @var \SP\Mvc\View\Components\SelectItem $otherUserGroup */
@@ -117,7 +123,9 @@

                        <div class="tag-list-box">
                            <?php if (!$_getvar('isView')): ?>
-                                <select id="other_usergroups_edit" name="other_usergroups_edit[]" multiple="multiple"
+                                <select id="other_usergroups_edit"
+                                        name="other_usergroups_edit[]"
+                                        multiple="multiple"
                                        class="select-box-tags" <?php echo $_getvar('disabled'); ?>>
                                    <option value=""><?php echo __('Select Groups'); ?></option>
                                    <?php /** @var \SP\Mvc\View\Components\SelectItem $otherUserGroup */
@@ -152,21 +160,23 @@
            <?php if ($_getvar('copyAction')): // Forces an update of permissions when copying from another account ?>
                <input type="hidden" name="other_users_view_update" value="1">
                <input type="hidden" name="other_users_edit_update" value="1">
-                <input type="hidden" name="other_usergroups_view_update" value="1">
-                <input type="hidden" name="other_usergroups_edit_update" value="1">
+                <input type="hidden" name="other_usergroups_view_update"
+                       value="1">
+                <input type="hidden" name="other_usergroups_edit_update"
+                       value="1">
            <?php endif; ?>
        <?php endif; ?>

-        <?php if (($_getvar('editAction')
-                || $_getvar('createAction')
-                || $_getvar('copyAction'))
+        <?php if (!$_getvar('isView')
            && ($_getvar('ctx_userIsAdminApp')
                || $_getvar('ctx_userIsAdminAcc')
-                || $_getvar('ctx_userId') === $accountData->getUserId())): ?>
+                || ($gotData && $_getvar('ctx_userId') === $accountData->getUserId()))
+        ): ?>
            <tr>
                <td class="descField"><?php echo __('Owner'); ?></td>
                <td class="valField">
-                    <select id="owner_id" name="owner_id" class="select-box" <?php echo $_getvar('disabled'); ?>>
+                    <select id="owner_id" name="owner_id"
+                            class="select-box" <?php echo $_getvar('disabled'); ?>>
                        <option value=""><?php echo __('Select User'); ?></option>
                        <?php /** @var \SP\Mvc\View\Components\SelectItem $user */
                        foreach ($_getvar('users') as $user): ?>
@@ -179,7 +189,13 @@
            </tr>
        <?php endif; ?>

-        <?php if ($_getvar('ctx_userIsAdminApp') || $_getvar('ctx_userIsAdminAcc')): ?>
+        <?php if (!$_getvar('isView')
+            && ($_getvar('ctx_userIsAdminApp')
+                || $_getvar('ctx_userIsAdminAcc')
+                || ($gotData
+                    && ($_getvar('ctx_userId') === $accountData->getUserId()
+                        || $_getvar('ctx_userGroupId') === $accountData->getUserGroupId())))
+        ): ?>
            <tr>
                <td class="descField"><?php echo __('Main Group'); ?></td>
                <td class="valField">
@@ -203,8 +219,10 @@
            <tr>
                <td class="descField"><?php echo __('Private Account'); ?></td>
                <td class="valField">
-                    <label class="mdl-switch mdl-js-switch mdl-js-ripple-effect" for="private_enabled">
-                        <input name="private_enabled" type="checkbox" id="private_enabled"
+                    <label class="mdl-switch mdl-js-switch mdl-js-ripple-effect"
+                           for="private_enabled">
+                        <input name="private_enabled" type="checkbox"
+                               id="private_enabled"
                               class="mdl-switch__input" <?php echo $checked ? 'checked' : '';
                        echo $_getvar('disabled'); ?>/>
                        <span class="mdl-switch__label"><?php echo __('Private'); ?></span>
@@ -219,8 +237,10 @@
            <tr>
                <td class="descField"><?php echo __('Private Account for Group'); ?></td>
                <td class="valField">
-                    <label class="mdl-switch mdl-js-switch mdl-js-ripple-effect" for="private_group_enabled">
-                        <input name="private_group_enabled" type="checkbox" id="private_group_enabled"
+                    <label class="mdl-switch mdl-js-switch mdl-js-ripple-effect"
+                           for="private_group_enabled">
+                        <input name="private_group_enabled" type="checkbox"
+                               id="private_group_enabled"
                               class="mdl-switch__input" <?php echo $checked ? 'checked' : '';
                        echo $_getvar('disabled'); ?>/>
                        <span class="mdl-switch__label"><?php echo __('Private for Group'); ?></span>
--- a/lib/SP/Services/Account/AccountService.php
+++ b/lib/SP/Services/Account/AccountService.php
@@ -425,16 +425,27 @@ final class AccountService extends Service implements AccountServiceInterface
    {
        $this->transactionAware(function () use ($accountRequest) {
            $userData = $this->context->getUserData();
+            $userProfile = $this->context->getUserProfile();

-            $accountRequest->changePermissions = AccountAclService::getShowPermission(
-                $userData,
-                $this->context->getUserProfile());
+            $accountRequest->changePermissions =
+                AccountAclService::getShowPermission($userData, $userProfile);

-            $accountRequest->changeOwner = $accountRequest->userId > 0
-                && ($userData->getIsAdminApp() || $userData->getIsAdminAcc());
+            if ($accountRequest->changePermissions) {
+                $account = $this->getById($accountRequest->id)->getAccountVData();

-            $accountRequest->changeUserGroup = $accountRequest->userGroupId > 0
-                && $accountRequest->changePermissions;
+                $accountRequest->changeOwner = $accountRequest->userId > 0
+                    && ($userData->getIsAdminApp()
+                        || $userData->getIsAdminAcc()
+                        || ($userProfile->isAccPermission()
+                            && $userData->getId() === $account->getUserId()));
+
+                $accountRequest->changeUserGroup = $accountRequest->userGroupId > 0
+                    && ($userData->getIsAdminApp()
+                        || $userData->getIsAdminAcc()
+                        || ($userProfile->isAccPermission()
+                            && ($userData->getUserGroupId() === $account->getUserGroupId())
+                            || $userData->getId() === $account->getUserId()));
+            }

            $this->addHistory($accountRequest->id);