Index: site-manage-tool/tool/src/java/org/sakaiproject/site/tool/SiteAction.java =================================================================== --- site-manage-tool/tool/src/java/org/sakaiproject/site/tool/SiteAction.java (revision 22819) +++ site-manage-tool/tool/src/java/org/sakaiproject/site/tool/SiteAction.java (working copy) @@ -7116,11 +7116,10 @@ || SiteService.allowUpdateSiteMembership(s.getId())) { try { AuthzGroup realmEdit = AuthzGroupService.getAuthzGroup(realmId); - // does the site has maintain type user(s) before updating - // participants? + // SAK-23029 - create list of maintainers to compare to removal list String maintainRoleString = realmEdit.getMaintainRole(); - boolean hadMaintainUser = !realmEdit.getUsersHasRole( - maintainRoleString).isEmpty(); + Set maintainers = realmEdit.getUsersHasRole(maintainRoleString); // this list will empty as maintainers are removed + boolean hadMaintainUser = !maintainers.isEmpty(); // store whether list started with some maintainers // update participant roles List participants = collectionToList((Collection) state.getAttribute(STATE_PARTICIPANT_LIST)); @@ -7204,20 +7203,29 @@ String rId = (String) removals.get(i); try { User user = UserDirectoryService.getUser(rId); - // save role for permission check - if (user != null) - { + // save role for permission check + if (user != null) { String userId = user.getId(); - Member userMember = realmEdit.getMember(userId); - if (userMember != null) - { - Role role = userMember.getRole(); - if (role != null) - { - roles.add(role.getId()); + // SAK 23029 If selected user for removal is a maintainer, remove it from the maintainers list + if (maintainers.contains(userId)) { + maintainers.remove(userId); + } + // are there no more maintainers or did the site orginally have no maintainers? + if (maintainers.isEmpty() && (hadMaintainUser == true)) { + addAlert( + state, + rb.getFormattedMessage("sitegen.siteinfolist.lastmaintainuser", new Object[]{maintainRoleString} )); + } else { + Member userMember = realmEdit + .getMember(userId); + if (userMember != null) { + Role role = userMember.getRole(); + if (role != null) { + roles.add(role.getId()); + } + realmEdit.removeMember(userId); + usersDeleted.add("uid=" + userId); } - realmEdit.removeMember(userId); - usersDeleted.add("uid=" + userId); } } } catch (UserNotDefinedException e) { @@ -7226,8 +7234,7 @@ } } - // if user doesn't have update, don't let them add - // or remove any role with site.upd in it. + // if user doesn't have update, don't let them add or remove any role with site.upd in it. if (!AuthzGroupService.allowUpdate(realmId)) { // see if any changed have site.upd @@ -7239,40 +7246,38 @@ } } } + AuthzGroupService.save(realmEdit); - if (hadMaintainUser - && realmEdit.getUsersHasRole(maintainRoleString) - .isEmpty()) { - // if after update, the "had maintain type user" status - // changed, show alert message and don't save the update - addAlert(state, rb - .getString("sitegen.siteinfolist.nomaintainuser") - + maintainRoleString + "."); - } else { - - AuthzGroupService.save(realmEdit); + // then update all related group realms for the role + doUpdate_related_group_participants(s, realmId); - // then update all related group realms for the role - doUpdate_related_group_participants(s, realmId); - - // post event about the participant update - EventTrackingService.post(EventTrackingService.newEvent(SiteService.SECURE_UPDATE_SITE_MEMBERSHIP, realmEdit.getId(),false)); - - // check the configuration setting, whether logging membership change at individual level is allowed - if (ServerConfigurationService.getBoolean(SiteHelper.WSETUP_TRACK_USER_MEMBERSHIP_CHANGE, false)) - { - // event for each individual update - for (String userChangedRole : userUpdated) - { - EventTrackingService.post(EventTrackingService.newEvent(org.sakaiproject.site.api.SiteService.EVENT_USER_SITE_MEMBERSHIP_UPDATE, userChangedRole,true)); - } - // event for each individual remove - for (String userDeleted : usersDeleted) - { - EventTrackingService.post(EventTrackingService.newEvent(org.sakaiproject.site.api.SiteService.EVENT_USER_SITE_MEMBERSHIP_REMOVE, userDeleted,true)); - } + // post event about the participant update + EventTrackingService.post(EventTrackingService.newEvent( + SiteService.SECURE_UPDATE_SITE_MEMBERSHIP, + realmEdit.getId(), false)); + + // check the configuration setting, whether logging membership + // change at individual level is allowed + if (ServerConfigurationService.getBoolean( + SiteHelper.WSETUP_TRACK_USER_MEMBERSHIP_CHANGE, false)) { + // event for each individual update + for (String userChangedRole : userUpdated) { + EventTrackingService + .post(EventTrackingService + .newEvent( + org.sakaiproject.site.api.SiteService.EVENT_USER_SITE_MEMBERSHIP_UPDATE, + userChangedRole, true)); } + // event for each individual remove + for (String userDeleted : usersDeleted) { + EventTrackingService + .post(EventTrackingService + .newEvent( + org.sakaiproject.site.api.SiteService.EVENT_USER_SITE_MEMBERSHIP_REMOVE, + userDeleted, true)); + } } + } catch (GroupNotDefinedException e) { addAlert(state, rb.getString("java.problem2")); M_log.warn(this + ".doUpdate_participant: IdUnusedException " + s.getTitle() + "(" + realmId + "). ", e); Index: site-manage-tool/tool/src/bundle/sitesetupgeneric.properties =================================================================== --- site-manage-tool/tool/src/bundle/sitesetupgeneric.properties (revision 22765) +++ site-manage-tool/tool/src/bundle/sitesetupgeneric.properties (working copy) @@ -773,6 +773,7 @@ sitegen.siteinfolist.cancel = Cancel sitegen.siteinfolist.roledes = Role Descriptions sitegen.siteinfolist.nomaintainuser = The site has to have at least one user with role +sitegen.siteinfolist.lastmaintainuser = Cannot delete last user with role ''{0}'' sitegen.siteinfolist.siteurl= Site URL sitegen.siteinfolist.close=Close (or Esc) sitegen.siteinfolist.nosd=No short description provided