*/
public static function addMemberToGroups($adh, $groups, $manager = false, $transaction = false)
{
- global $zdb;
+ global $zdb, $login;
+
+ $managed_groups = [];
+ if (!$login->isSuperAdmin() && !$login->isAdmin() && !$login->isStaff()) {
+ $managed_groups = $login->getManagedGroups();
+ }
+
try {
if ($transaction === false) {
$zdb->connection->beginTransaction();
//first, remove current groups members
$delete = $zdb->delete($table);
$delete->where([Adherent::PK => $adh->id]);
+ if (count($managed_groups)) {
+ $delete->where->in(Group::PK, $managed_groups);
+ }
$zdb->execute($delete);
$msg = null;
foreach ($groups as $group) {
list($gid, $gname) = explode('|', $group);
+ if (count($managed_groups) && !in_array($gid, $managed_groups)) {
+ continue;
+ }
+
$result = $stmt->execute(
array(
'group' => $gid,