Super User

As a super user, I could not edit user information, e.g. last name or first name. I got this error:

User may not change roles

Any idea why?

Is this possibly related to the changes you've been making dealing with the Users form?

Even a super user can't edit their own role, and the system will give this error if you include the "role" form element.

I am not sure if I understand you.
I am a super user, and I logged in as myself and tried to update my email address, but I could not, and I got this error.

You are saying a super user cannot do that; then how can a super user change his email address, for example?

Nancy

What I'm referring to is that I seem to remember you made some changes to the Users form or the Users controller.

A super user can change their own name, and their own email and other details.

What they can't do is change their role. I know you're not actually changing your role, but that Role dropdown list shouldn't even be on the form, even if you're not changing it.

The normal Omeka users form doesn't put the "Role" element on the form if a user is editing themselves. My first guess is that, if you've been modifying that form, you've lost or omitted the behavior that keeps that Role dropdown off the form.

Yes, yes, you're right. I have integrated the user's information (name) with the role and group list in one form, and I use this form.

Hmm! I do not get the error when I change other users' information, roles, etc., because they are not super users.

Any ideas?

If you look at the original UsersController's _getUserForm method, you'll see it checks whether the user has permission to change this user's role (that's the hasRoleElement line).

You just need to make sure your custom form uses the same logic (or something similar).

Hi John,

I was able to solve my problem thanks.
But while fixing this issue, I came across this question, and I am not sure whether I should create a new post for it or post it here.

I might have asked this question before, but I am not sure if it has been answered yet.

I have a plugin and a controller in my plugin.
This is the code in my controller:

    require_once 'Zend/Application.php';
    require_once CONTROLLER_DIR . '/UsersController.php';

    class Omlibrary_OmlibraryController extends UsersController {

        protected $_publicActions = array('delete');

        public function addAction() {
            $user = new User();
            try {
                if ($user->saveForm($_POST)) {
                    $this->flashSuccess('The user "' . $user->username . '" was successfully added!');

                    // Store one grouping record per group selected for the new user
                    if (!empty($user->group[0])) {
                        $groups = $user->group;
                        foreach ($groups as $group) {
                            $newGrouping = new Omlibrarygrouping;
                            $newGrouping->entity_id = $user->entity_id;
                            $newGrouping->group_id = $group;
                            $newGrouping->save();
                        }
                    }
                    $this->_helper->redirector->gotoUrl('/users/browse');
                }
            } catch (Omeka_Validator_Exception $e) {
                $this->flashValidationErrors($e);
            }
        }
    }

I also have two other files created under views/admin/omlibrary/form.php and add.php.

My question is: Is this the right way to connect my form to my controller, and will my Add function load my form when I click on Addaction?

If yes, then what is the purpose of the $this->view->form = $form; that I see under Addaction in the Userscontroller.php file in Omeka?

Thanks

You usually need to pass some data from the controller to the view, and that's what the $this->view->form stuff is about.

That particular case is happening because the Users form is a Zend_Form, which can be used for both displaying the form and collecting and validating the data. To do that, you need access to the form object in both the controller and the view, so we create the form in the controller, and pass it to the view to be displayed.

You don't need to do things this way, though. If you're hand-writing your form out, or you're using Zend_Form but only for display, you may very well not need to pass anything to the view for an "add" page.

Thanks John,

I will leave the Addaction as it is.

I solved the problem of a super user editing the super user's own information, after it was sending me the error "user may not change roles". But I am not sure if this is the right way to proceed.

My editaction in my controller looks like this:

        public function editAction() {

            $user = $this->findById();

            $currentUser = $this->getCurrentUser();

            $form = $this->_getUserForm($user);
            $form->setDefaults(array(
                'username' => $user->username,
                'first_name' => $user->first_name,
                'last_name' => $user->last_name,
                'email' => $user->email,
                'institution' => $user->institution,
                'role' => $user->role,
                'active' => $user->active,
                'group' => $user->group
            ));

            $this->view->user = $user;

            try {
                $values = $form->getValues();
                if ((!empty($_POST)) && ($currentUser->role == 'super') && ($currentUser->id == $user->id)) {
                    $values['email'] = $_POST['email'];
                    $values['username'] = $_POST['username'];
                    $values['first_name'] = $_POST['first_name'];
                    $values['last_name'] = $_POST['last_name'];
                    $values['institution'] = $_POST['institution'];
                    $values['active'] = $_POST['active'];
                    $values['group'] = $_POST['group'];
                    $_POST = $values;
                }
                if ($user->saveForm($_POST)) {
                    $this->flashSuccess('The user "' . $user->username . '" was successfully changed!');
                    // Delete all groups related to the user with this entity_id
                    $grouping = new Omlibrarygrouping;
                    $grouping->deleteGroupingRecords($user['entity_id']);
                    // Add the groups selected for this user
                    $groups = $user->group;

                    foreach ($groups as $group) {
                        $newGrouping = new Omlibrarygrouping;
                        $newGrouping->entity_id = $user->entity_id;
                        $newGrouping->group_id = $group;
                        $newGrouping->save();
                    }

                    if ($user->id == $currentUser->id) {
                        $this->_helper->redirector->gotoUrl('/users/browse');
                    } else {
                        $this->_helper->redirector->gotoUrl('/users/browse');
                    }
                }
            } catch (Omeka_Validator_Exception $e) {
                $this->flashValidationErrors($e);

            } catch (Exception $e) {
                $this->flashError($e->getMessage());

            }
        }
    }

The reason behind this solution:

My form sends the role element in the POST every time a user clicks on save, so I had to delete the role from the POST and send the POST again to be saved. That saved the updated data and stopped the error message.

My form looks like this:

    <?php if (!isset($user)) {
        $user = new User;
        $user->setArray($_POST);
    }
    ?>

    <?php echo flash(); ?>
    <fieldset>
        <div class="field">
            <?php echo label('username','username'); ?>
            <div class="inputs">
                <?php echo text(array('name'=>'username', 'class'=>'textinput', 'size'=>'30','id'=>'username'),$user->username); ?>
            </div>
            <?php echo form_error('username'); ?>
        </div>

        <div class="field">
            <?php echo label('first_name','First Name'); ?>

            <div class="inputs">
                <?php
                $firstNameValue = ((!empty($user->first_name)) ? $user->first_name : $_POST['first_name']);
                echo text(array('name'=>'first_name', 'size'=>'30', 'class'=>'textinput', 'id'=>'first_name'), $firstNameValue);
                ?>
            </div>

            <?php echo form_error('first_name'); ?>

        </div>
        <?php if (has_permission('Users','ChangeRole') ): ?>
        <div class="field">
            <?php echo label('role','Role'); ?>
            <div class="inputs">
                <?php
                $roleValue = ((!empty($user->role)) ? $user->role : $_POST['role']);
                echo select(array('name'=>'role','id'=>'role'),get_user_roles(), $roleValue);
                ?>
            </div>
            <?php echo form_error('role'); ?>
        </div>
        <?php endif; ?>

I found out that the if (has_permission('Users','ChangeRole')) always returns true, so I had to check that if the current user is a super user, then he cannot change the role.

It would be good if I could check that in the form so as not to display the role element, but I did not know how to access the current user data.

Thanks
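The rule discussed in this thread (the role input is left off the form, and a submitted role is not accepted, when a user edits their own account), as an added example in plain PHP 7 that is neither Omeka's code nor the poster's. The function names, the array shapes and the can_change_role flag are assumptions standing in for the current user and for has_permission('Users', 'changeRole'); the sample data is constructed.

```php
<?php
// Added example: one allowlist decides both which inputs the view renders
// and which POST keys the controller passes on to the model.
// All names here are hypothetical; none of them are Omeka APIs.

/** Fields a user may edit on any account they are allowed to edit. */
const PROFILE_FIELDS = ['username', 'first_name', 'last_name', 'email', 'institution'];

/**
 * May $actor set the role of $target?
 * Nobody, not even a super user, changes their own role;
 * for other accounts the actor needs the change-role permission.
 */
function mayChangeRole(array $actor, array $target): bool
{
    return $actor['can_change_role'] && $actor['id'] !== $target['id'];
}

/** Allowlist shared by the view and the controller. */
function editableUserFields(array $actor, array $target): array
{
    $fields = PROFILE_FIELDS;
    if (mayChangeRole($actor, $target)) {
        $fields[] = 'role';
    }
    return $fields;
}

/** Keep only allowlisted keys, so a hand-crafted "role" parameter is never saved. */
function filterUserPost(array $post, array $actor, array $target): array
{
    return array_intersect_key($post, array_flip(editableUserFields($actor, $target)));
}

// Constructed sample data: two accounts and a POST body carrying extra keys.
$super = ['id' => 1, 'role' => 'super', 'can_change_role' => true];
$other = ['id' => 7, 'role' => 'researcher', 'can_change_role' => false];
$post  = ['email' => 'new@example.org', 'role' => 'super', 'is_admin' => '1'];

// View side: render the Role dropdown only if 'role' is in the allowlist.
var_dump(in_array('role', editableUserFields($super, $super), true)); // super user editing own account

// Controller side: filter before saving.
print_r(filterUserPost($post, $super, $super)); // super user editing own account
print_r(filterUserPost($post, $super, $other)); // super user editing another account
print_r(filterUserPost($post, $other, $other)); // researcher editing own account
```

Hiding the dropdown in the view only changes what the browser shows; the filter on the controller side is what keeps a role value out of the saved record when the request is edited by hand.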

John,

I am trying to access the after_save_ExhibitSection hook, or anything similar that will trigger when the user clicks on the save button in the Section form in an exhibit, but the hook did not trigger, even though there is an ExhibitSection class that extends Omeka_record.

thanks
Nancy

When you say that has_permission('Users', 'changeRole') always returns true, are you logged in as the super user? I suspect that if you log in as a user with the role of 'Researcher', it will return false, as expected.

Sure I agree.

Is there an after_save hook I can use when a user saves sections or pages in Exhibit Builder?

I tried after_save_exhibitsection, after_save_section, and all other combinations corresponding to the classes created under the model folder in exhibitbuilder, but still not the right hook!

The pattern for changing CamelCased model names to the hook names is to include an underscore before a capital letter. So the hook for ExhibitSection is after_save_exhibit_section.