Make admin

exam/classes/Models/User/User.php

@@ -425,7 +425,7 @@ class User implements JsonSerializable
   }
 
   /**
-   * Update post
+   * Update user
    *
    * Does nothing if new all fields are empty
    *
@@ -515,7 +515,7 @@ class User implements JsonSerializable
   }
 
   /**
-   * Update post
+   * Update user
    *
    * Does nothing if all fields are empty
    *
@@ -600,6 +600,56 @@ class User implements JsonSerializable
     return User::getByID($this->id);
   }
 
+  /**
+   * Update user
+   *
+   * Does nothing if new all fields are empty
+   *
+   * @param ?bool $isAdmin Admin permission
+   *
+   * @throws Failed Failed to update admin status
+   */
+  public function updatePermissions(?bool $isAdmin): User
+  {
+    $db = Database::getInstance();
+
+    // Make sure we do all changes or none
+    $db->beginTransaction();
+
+    $failed = [];
+    $reasons = [];
+    if (isset($isAdmin)) {
+      $stmt = $db->prepare("UPDATE egb_benutzer SET isadmin = :ADM WHERE id = :ID");
+      $stmt->bindValue(":ADM", $isAdmin);
+      $stmt->bindValue(":ID", $this->id);
+      try {
+        if (!$stmt->execute()) {
+          array_push($failed, "username");
+          array_push($reasons, "generic");
+        }
+      } catch (Exception $e) {
+        array_push($failed, "username");
+        if ($e->getCode() === "23000") {
+          $pdoErr = $stmt->errorInfo()[1];
+          if ($pdoErr === 1062) array_push($reasons, "Duplicate");
+          else array_push($reasons, "SQL: $pdoErr");
+        } else array_push($reasons, "{$e->getCode()}");
+      }
+    }
+
+    if (count($failed) > 0) {
+      // We failed, go back
+      $db->rollBack();
+
+      throw ApiError::failedUpdate($failed, $reasons);
+    }
+
+    // Commit the changes
+    $db->commit();
+
+    return User::getByID($this->id);
+  }
+
   /**
    * Delete user and image
    *