Merge pull request #4471 from bozana/4340-master

#4340 Users in multicontext install are offered links to unprivileged contexts

Author: bozana

classes/context/ContextDAO.inc.php

@@ -109,6 +109,9 @@ function getAll($enabledOnly = false, $rangeInfo = null) {
 
 	/**
 	 * Retrieve available contexts.
+	 * If user-based contexts, retrieve all contexts assigned by user group
+	 *   or all contexts for site admin
+	 * If not user-based, retrieve all enabled contexts.
 	 * @param $userId int Optional user ID to find available contexts for
 	 * @param $rangeInfo Object optional
 	 * @return DAOResultFactory containing matching Contexts
@@ -122,12 +125,12 @@ function getAvailable($userId = null, $rangeInfo = null) {
 
 		$result = $this->retrieveRange(
 			'SELECT c.* FROM ' . $this->tableName . ' c
-			WHERE	c.enabled = 1 ' .
+			WHERE	' .
 				($userId?
-					'OR c.' . $this->primaryKeyColumn . ' IN (SELECT DISTINCT ug.context_id FROM user_groups ug JOIN user_user_groups uug ON (ug.user_group_id = uug.user_group_id) WHERE uug.user_id = ?)
-					OR ? IN (SELECT user_id FROM user_groups ug JOIN user_user_groups uug ON (ug.user_group_id = uug.user_group_id) WHERE ug.role_id = ?) '
-				:'') .
-			'ORDER BY seq',
+					'c.' . $this->_getPrimaryKeyColumn() . ' IN (SELECT DISTINCT ug.context_id FROM user_groups ug JOIN user_user_groups uug ON (ug.user_group_id = uug.user_group_id) WHERE uug.user_id = ?)
+					OR ? IN (SELECT user_id FROM user_groups ug JOIN user_user_groups uug ON (ug.user_group_id = uug.user_group_id) WHERE ug.role_id = ?)'
+				:'c.enabled = 1') .
+			' ORDER BY seq',
 			$params,
 			$rangeInfo
 		);

classes/security/RoleDAO.inc.php

@@ -140,12 +140,12 @@ function userHasRole($contextId, $userId, $roleId) {
 	 */
 	function getByUserId($userId, $contextId = null) {
 		$params = array((int) $userId);
-		if ($contextId) $params[] = (int) $contextId;
+		if ($contextId !== null) $params[] = (int) $contextId;
 		$result = $this->retrieve(
 			'SELECT	DISTINCT ug.role_id
 			FROM	user_groups ug
 				JOIN user_user_groups uug ON ug.user_group_id = uug.user_group_id
-			WHERE	uug.user_id = ?' . ($contextId?' AND ug.context_id = ?':''),
+			WHERE	uug.user_id = ?' . ($contextId !== null ? ' AND ug.context_id = ?' : ''),
 			$params
 		);
 

classes/services/PKPNavigationMenuService.inc.php

@@ -166,7 +166,7 @@ function getDisplayStatus(&$navigationMenuItem, &$navigationMenu) {
 				$navigationMenuItem->setIsDisplayed($isUserLoggedIn);
 				break;
 			case NMI_TYPE_ADMINISTRATION:
-				$navigationMenuItem->setIsDisplayed($isUserLoggedIn && ($currentUser->hasRole(array(ROLE_ID_SITE_ADMIN), $contextId) || $currentUser->hasRole(array(ROLE_ID_SITE_ADMIN), CONTEXT_SITE)));
+				$navigationMenuItem->setIsDisplayed($isUserLoggedIn && $currentUser->hasRole(array(ROLE_ID_SITE_ADMIN), CONTEXT_SITE));
 				break;
 			case NMI_TYPE_SEARCH:
 				$navigationMenuItem->setIsDisplayed($context);

classes/services/PKPSubmissionService.inc.php

@@ -183,7 +183,9 @@ public function getWorkflowUrlByUserRoles($submission, $userId = null) {
 		// Send authors, journal managers and site admins to the submission
 		// wizard for incomplete submissions
 		if ($submission->getSubmissionProgress() > 0 &&
-				($authorDashboard || $user->hasRole(array(ROLE_ID_MANAGER, ROLE_ID_SITE_ADMIN), $submissionContext->getId()))) {
+			($authorDashboard ||
+				$user->hasRole(array(ROLE_ID_MANAGER), $submissionContext->getId()) ||
+				$user->hasRole(array(ROLE_ID_SITE_ADMIN), CONTEXT_SITE))) {
 			return $dispatcher->url(
 				$request,
 				ROUTE_PAGE,
@@ -257,8 +259,7 @@ public function canCurrentUserDelete($submission) {
 		}
 
 		$request = Application::getRequest();
-		$context = $request->getContext();
-		$contextId = $context ? $context->getId() : 0;
+		$contextId = $submission->getContextId();
 
 		$currentUser = $request->getUser();
 		if (!$currentUser) {
@@ -269,7 +270,7 @@ public function canCurrentUserDelete($submission) {
 
 		// Only allow admins and journal managers to delete submissions, except
 		// for authors who can delete their own incomplete submissions
-		if ($currentUser->hasRole(array(ROLE_ID_MANAGER, ROLE_ID_SITE_ADMIN), $contextId)) {
+		if ($currentUser->hasRole(array(ROLE_ID_MANAGER), $contextId) || $currentUser->hasRole(array(ROLE_ID_SITE_ADMIN), CONTEXT_SITE)) {
 			$canDelete = true;
 		} else {
 			if ($submission->getSubmissionProgress() != 0 ) {
@@ -347,7 +348,7 @@ public function canUserViewAuthor($user, $submission) {
 
 		$contextId = $submission->getContextId();
 
-		if ($user->hasRole(array(ROLE_ID_MANAGER), $contextId) || $user->hasRole(array(ROLE_ID_SITE_ADMIN), CONTEXT_ID_NONE)) {
+		if ($user->hasRole(array(ROLE_ID_MANAGER), $contextId) || $user->hasRole(array(ROLE_ID_SITE_ADMIN), CONTEXT_SITE)) {
 			return true;
 		}
 

controllers/grid/queries/form/QueryForm.inc.php

@@ -231,7 +231,7 @@ function fetch($request, $template = null, $display = false, $actionArgs = array
 				}
 
 				// if current user is editor, add all reviewers
-				if ( $user->hasRole(array(ROLE_ID_MANAGER, ROLE_ID_SITE_ADMIN), $context->getId()) || array_intersect(array(ROLE_ID_SUB_EDITOR), $userRoles) ) {
+				if ( $user->hasRole(array(ROLE_ID_MANAGER), $context->getId()) || $user->hasRole(array(ROLE_ID_SITE_ADMIN), CONTEXT_SITE) || array_intersect(array(ROLE_ID_SUB_EDITOR), $userRoles) ) {
 					foreach ($reviewAssignments as $reviewAssignment) {
 						$includeUsers[] = $reviewAssignment->getReviewerId();
 					}

pages/dashboard/DashboardHandler.inc.php

@@ -94,7 +94,7 @@ function index($args, $request) {
 			),
 			'lazyLoad' => true,
 		);
-		if (!$currentUser->hasRole(array(ROLE_ID_SITE_ADMIN, ROLE_ID_MANAGER), $request->getContext()->getId())) {
+		if (!$currentUser->hasRole(array(ROLE_ID_MANAGER), $request->getContext()->getId()) && !$currentUser->hasRole(array(ROLE_ID_SITE_ADMIN), CONTEXT_SITE)) {
 			$params['getParams']['assignedTo'] = $currentUser->getId();
 		}
 		$archivedListPanel = new SubmissionsListPanel($params);

pages/user/ProfileHandler.inc.php

@@ -46,6 +46,18 @@ function authorize($request, &$args, $roleAssignments) {
 	 * @param $request PKPRequest
 	 */
 	function profile($args, $request) {
+		$context = $request->getContext();
+		if (!$context) {
+			$user = $request->getUser();
+			$contextDao = Application::getContextDAO();
+			$workingContexts = $contextDao->getAvailable($user?$user->getId():null);
+			if ($workingContexts && $workingContexts->getCount() == 1) {
+				$workingContext = $workingContexts->next();
+				$contextPath = $workingContext->getPath();
+				$request->redirect($contextPath, 'user', 'profile', null, $args);
+			}
+		}
+
 		if ($anchor = array_shift($args)) {
 			// Some requests will try to specify a tab name in the args. Redirect
 			// to use this as an anchor name instead.