From b6c0d202151ae21c1c8d7a3042cc7968c03a772e Mon Sep 17 00:00:00 2001
From: Mike Koch
Date: Sun, 7 Jun 2015 18:09:25 -0400
Subject: [PATCH] #208 Revoke manager rights if they are deactivated / deleted Or if category access is removed
---
admin/manage_users.php | 40 ++++++++++++++++++++++++++++++++++++++++
1 file changed, 40 insertions(+)
diff --git a/admin/manage_users.php b/admin/manage_users.php
index 5e2e4d59..ba0346bc 100644
--- a/admin/manage_users.php
+++ b/admin/manage_users.php
@@ -685,6 +685,31 @@ function update_user() hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` SET `owner`=0 WHERE `owner`='".intval($myuser['id'])."' AND `category` NOT IN (".$myuser['categories'].")"); } + // Find the list of categories they are manager of. If they no longer have access to the category, revoke their manager permission. + if ($myuser['isadmin']) { + // Admins can't be managers + hesk_dbQuery('UPDATE `'.hesk_dbEscape($hesk_settings['db_pfix']).'categories` SET `manager` = 0 WHERE `manager` = '.intval($myuser['id'])); + } else { + $currentCatRs = hesk_dbQuery("SELECT `categories` FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."users` WHERE `id` = '".intval($myuser['id'])."' LIMIT 1"); + $rowOfCategories = hesk_dbFetchAssoc($currentCatRs); + $cats = $rowOfCategories['categories']; + $currentCategories = explode(',', $cats); + $newCategories = explode(',', $myuser['categories']); + + // If any any elements are in current but not in new, add them to the revoke array + $revokeCats = array(); + foreach ($currentCategories as $currentCategory) { + if (!in_array($currentCategory, $newCategories) && $currentCategory != '') { + array_push($revokeCats, $currentCategory); + } + } + + if (count($revokeCats) > 0) { + hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories` SET `manager` = 0 WHERE `id` IN (" . implode(',', $revokeCats) . ")"); + } + } + + hesk_dbQuery( "UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."users` SET `user`='".hesk_dbEscape($myuser['user'])."', @@ -714,6 +739,13 @@ function update_user() `autorefresh`=".intval($myuser['autorefresh'])." WHERE `id`='".intval($myuser['id'])."' LIMIT 1"); + // If they are now inactive, remove any manager rights + if (!$myuser['active']) { + hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."categories` SET `manager` = 0 WHERE `manager` = ".intval($myuser['id'])); + } + + + unset($_SESSION['save_userdata']); unset($_SESSION['userdata']); 
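Review bot: The UPDATE at the end of the `else` branch sets `manager` to 0 on every category the user lost access to, without checking that this user is that category's manager, so narrowing one user's categories can silently remove a different user's manager assignment. The other revocations in this commit filter on `manager`, and this one should as well. Because the ids come from exploded strings (one of them read back from the `users` table), casting them before building the `IN (...)` list keeps the statement well-formed even if a stored value is malformed: ``WHERE `manager` = ".intval($myuser['id'])." AND `id` IN (".implode(',', array_map('intval', $revokeCats)).")"``. `update_user()` begins and ends outside this hunk, so how `$myuser['categories']` is validated before this point is not visible here.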
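Review bot: The statement that resets `manager` for a given user id is now written out four times in this commit: here in the inactive check, in the admin branch of the previous hunk, and in the `remove()` and `toggle_active()` hunks. With four copies, a later change to the revocation rule (an extra condition, a log entry) can easily miss one of them, and a missed copy leaves a deactivated or deleted account still recorded as a category manager. A small helper in this file, for example `revoke_manager_rights($userId)` (a suggested name, not an existing function), that runs the UPDATE with `intval($userId)` would keep the rule in one place. `update_user()` continues outside this hunk.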
@@ -892,6 +924,9 @@ function remove() hesk_process_messages($hesklang['cant_del_own'],'./manage_users.php'); } + // Revoke manager rights + hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."categories` SET `manager` = 0 WHERE `manager` = ".intval($myuser)); + /* Un-assign all tickets for this user */ $res = hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` SET `owner`=0 WHERE `owner`='".intval($myuser)."'"); @@ -962,9 +997,14 @@ function toggle_active() { $active = 0; $tmp = $hesklang['user_deactivated']; + + // Revoke any manager rights + hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."categories` SET `manager` = 0 WHERE `manager` = ".intval($myuser)); + $notificationSql = ", `autoassign` = 0, `notify_new_unassigned` = 0, `notify_new_my` = 0, `notify_reply_unassigned` = 0, `notify_reply_my` = 0, `notify_assigned` = 0, `notify_pm` = 0, `notify_note` = 0, `notify_note_unassigned` = 0"; } + hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."users` SET `active` = '".$active."'".$notificationSql." WHERE `id` = '".intval($myuser)."'"); if (hesk_dbAffectedRows() != 1) {