diff --git a/app/controllers/messages.php b/app/controllers/messages.php
index 2ec5d324242f1764066b2e99d114618b89fc285d..34112461348092ead460450cb33993bc84f0761e 100644
--- a/app/controllers/messages.php
+++ b/app/controllers/messages.php
@@ -269,60 +269,60 @@ class MessagesController extends AuthenticatedController {
}
//check if the message shall be sent to all members of an institute:
- if(Request::get('inst_id') && $GLOBALS['perm']->have_perm('admin')) {
- $query = "SELECT user_id FROM user_inst WHERE Institut_id = ? AND inst_perms != 'user'";
- $this->default_message->receivers = DBManager::get()->fetchAll($query, [Request::option('inst_id')], 'MessageUser::build');
+ if (Request::get('inst_id') && $GLOBALS['perm']->have_studip_perm('admin', Request::get('inst_id'))) {
+ if (Request::get('filter') === 'inst_status') {
+ $query = "SELECT user_id, 'rec' AS snd_rec
+ FROM user_inst
+ JOIN auth_user_md5 USING (user_id)
+ WHERE Institut_id = ? AND inst_perms = ?
+ ORDER BY Nachname, Vorname";
+ } else {
+ $query = "SELECT user_id, 'rec' AS snd_rec
+ FROM user_inst
+ JOIN auth_user_md5 USING (user_id)
+ WHERE Institut_id = ? AND inst_perms != 'user'
+ ORDER BY Nachname, Vorname";
+ }
+ $this->default_message->receivers = DBManager::get()->fetchAll($query, [Request::option('inst_id'), Request::option('who')], 'MessageUser::build');
}
//check if the message shall be sent to all (or some) members of a course:
$filter = Request::get('filter');
- if ($filter && Request::option("course_id")) {
- $additional = '';
- $course = new Course(Request::option('course_id'));
- $allow_tutor_filters = false;
- if ($GLOBALS['perm']->have_studip_perm('tutor', $course->id) || $course->getSemClass()['studygroup_mode'] || CourseConfig::get($course->id)->COURSE_STUDENT_MAILING) {
- $allow_tutor_filters = true;
- $additional = " AND seminar_user.visible != 'no'";
- }
- $this->default_message->receivers = [];
- $query = '';
- $params = [$course->id, Request::option('who')];
-
- if ($filter === 'send_sms_to_all' && $allow_tutor_filters) {
- $query = "SELECT user_id, 'rec' AS snd_rec
+ $course = Course::find(Request::option('course_id'));
+ if ($filter && $course) {
+ if ($GLOBALS['perm']->have_studip_perm('tutor', $course->id)
+ || ($GLOBALS['perm']->have_studip_perm('autor', $course->id)
+ && ($course->getSemClass()['studygroup_mode'] || CourseConfig::get($course->id)->COURSE_STUDENT_MAILING))) {
+ $this->default_message->receivers = [];
+ $query = '';
+ $params = [$course->id, Request::option('who')];
+ if ($GLOBALS['perm']->have_studip_perm('tutor', $course->id)) {
+ if ($filter === 'send_sms_to_all') {
+ $query = "SELECT user_id, 'rec' AS snd_rec
FROM seminar_user
JOIN auth_user_md5 USING (user_id)
- WHERE Seminar_id = ? AND status = ? {$additional}
+ WHERE Seminar_id = ? AND status = ?
ORDER BY Nachname, Vorname";
- } elseif ($filter === 'all') {
- $query = "SELECT user_id, 'rec' AS snd_rec
+ } elseif ($filter === 'all') {
+ $query = "SELECT user_id, 'rec' AS snd_rec
FROM seminar_user
JOIN auth_user_md5 USING (user_id)
- WHERE Seminar_id = ? {$additional}
+ WHERE Seminar_id = ?
ORDER BY Nachname, Vorname";
- } elseif ($filter === 'prelim' && $allow_tutor_filters) {
- $query = "SELECT user_id, 'rec' AS snd_rec
+ } elseif ($filter === 'prelim') {
+ $query = "SELECT user_id, 'rec' AS snd_rec
FROM admission_seminar_user
JOIN auth_user_md5 USING (user_id)
WHERE seminar_id = ? AND status = 'accepted'
- {$additional}
ORDER BY Nachname, Vorname";
- } elseif ($filter === 'awaiting' && $allow_tutor_filters) {
- $query = "SELECT user_id, 'rec' AS snd_rec
+ } elseif ($filter === 'awaiting') {
+ $query = "SELECT user_id, 'rec' AS snd_rec
FROM admission_seminar_user
JOIN auth_user_md5 USING (user_id)
WHERE seminar_id = ? AND status = 'awaiting'
- {$additional}
ORDER BY Nachname, Vorname";
- } elseif ($filter === 'inst_status') {
- $query = "SELECT user_id, 'rec' AS snd_rec
- FROM user_inst
- JOIN auth_user_md5 USING (user_id)
- WHERE Institut_id = ? AND inst_perms = ?
- {$additional}
- ORDER BY Nachname, Vorname";
- } elseif ($filter === 'not_grouped' && $allow_tutor_filters) {
- $query = "SELECT seminar_user.user_id, 'rec' as snd_rec
+ } elseif ($filter === 'not_grouped') {
+ $query = "SELECT seminar_user.user_id, 'rec' as snd_rec
FROM seminar_user
JOIN auth_user_md5 USING (user_id)
LEFT JOIN statusgruppen ON range_id = seminar_id
@@ -332,16 +332,24 @@ class MessagesController extends AuthenticatedController {
GROUP BY seminar_user.user_id
HAVING COUNT(statusgruppe_user.statusgruppe_id) = 0
ORDER BY Nachname, Vorname";
- } elseif ($filter === 'claiming' && $allow_tutor_filters) {
- $cs = CourseSet::getSetForCourse($course->id);
- if (is_object($cs) && !$cs->hasAlgorithmRun()) {
- foreach (AdmissionPriority::getPrioritiesByCourse($cs->getId(), $course->id) as $user_id => $p) {
- $this->default_message->receivers = MessageUser::build(['user_id' => $user_id, 'snd_rec' => 'rec']);
+ } elseif ($filter === 'claiming') {
+ $cs = CourseSet::getSetForCourse($course->id);
+ if (is_object($cs) && !$cs->hasAlgorithmRun()) {
+ foreach (AdmissionPriority::getPrioritiesByCourse($cs->getId(), $course->id) as $user_id => $p) {
+ $this->default_message->receivers[] = MessageUser::build(['user_id' => $user_id, 'snd_rec' => 'rec']);
+ }
+ }
}
+ } else {
+ $query = "SELECT user_id, 'rec' AS snd_rec
+ FROM seminar_user
+ JOIN auth_user_md5 USING (user_id)
+ WHERE Seminar_id = ? AND seminar_user.visible != 'no'
+ ORDER BY Nachname, Vorname";
+ }
+ if ($query) {
+ $this->default_message->receivers = DBManager::get()->fetchAll($query, $params, 'MessageUser::build');
}
- }
- if ($query) {
- $this->default_message->receivers = DBManager::get()->fetchAll($query, $params, 'MessageUser::build');
}
}
diff --git a/app/views/institute/members/_table_body.php b/app/views/institute/members/_table_body.php
index 284a46c38d88bec645ed7a4709c1a012faca7960..90d7c02637e912868ab32d70899e8d7673d04602 100644
--- a/app/views/institute/members/_table_body.php
+++ b/app/views/institute/members/_table_body.php
@@ -12,7 +12,7 @@
$controller->url_for('messages/write?filter=inst_status', [
'who' => $key,
'default_subject' => Context::get()->Name,
- 'course_id' => Context::getId(),
+ 'inst_id' => Context::getId(),
]),
sprintf(_('Nachricht an alle Mitglieder mit dem Status %s verschicken'), $th_title),
Icon::create('mail', 'clickable'),