Exclude the owner group from bulk actions

diff --git a/wcfsetup/install/files/lib/acp/form/UserGroupAssignmentAddForm.class.php b/wcfsetup/install/files/lib/acp/form/UserGroupAssignmentAddForm.class.php
index 3b67e4447f9fa84c046214561dfed4824d993606..5a33b512720a32ddb43920ef83e7fc594dfcc68c 100644 (file)
--- a/wcfsetup/install/files/lib/acp/form/UserGroupAssignmentAddForm.class.php
+++ b/wcfsetup/install/files/lib/acp/form/UserGroupAssignmentAddForm.class.php
@@ -82,7 +82,8 @@ class UserGroupAssignmentAddForm extends AbstractForm {
                $this->userGroups = UserGroup::getGroupsByType([], [
                        UserGroup::EVERYONE,
                        UserGroup::GUESTS,
-                       UserGroup::USERS
+                       UserGroup::OWNER,
+                       UserGroup::USERS,
                ]);
                foreach ($this->userGroups as $key => $userGroup) {
                        if (!$userGroup->isAccessible()) {

diff --git a/wcfsetup/install/files/lib/system/bulk/processing/user/AbstractUserBulkProcessingAction.class.php b/wcfsetup/install/files/lib/system/bulk/processing/user/AbstractUserBulkProcessingAction.class.php
index ad9003140a4180c8b16cc169a6b43eaa764e3897..41c4836211524b56b79b611f2427db47eca8a4c1 100644 (file)
--- a/wcfsetup/install/files/lib/system/bulk/processing/user/AbstractUserBulkProcessingAction.class.php
+++ b/wcfsetup/install/files/lib/system/bulk/processing/user/AbstractUserBulkProcessingAction.class.php
@@ -43,9 +43,18 @@ abstract class AbstractUserBulkProcessingAction extends AbstractBulkProcessingAc
                $statement->execute($conditionBuilder->getParameters());
                $groupIDs = $statement->fetchMap('userID', 'groupID', false);
                
+               $ownerGroupID = UserGroup::getOwnerGroupID();
+               
                $users = [];
                foreach ($userList as $user) {
-                       if (empty($groupIDs[$user->userID]) || UserGroup::isAccessibleGroup($groupIDs[$user->userID])) {
+                       if (empty($groupIDs[$user->userID])) {
+                               $users[$user->userID] = $user;
+                       }
+                       else if ($ownerGroupID && in_array($ownerGroupID, $groupIDs[$user->userID])) {
+                               // Bulk actions can never affect members of the owner group.
+                               continue;
+                       }
+                       else if (UserGroup::isAccessibleGroup($groupIDs[$user->userID])) {
                                $users[$user->userID] = $user;
                        }
                }

diff --git a/wcfsetup/install/files/lib/system/bulk/processing/user/AbstractUserGroupsUserBulkProcessingAction.class.php b/wcfsetup/install/files/lib/system/bulk/processing/user/AbstractUserGroupsUserBulkProcessingAction.class.php
index ccceecf7914adcd07dce2d4935b0dbc8983d0d10..45fe0c346c545ea4919b53f7cac15b8b71e9c4db 100644 (file)
--- a/wcfsetup/install/files/lib/system/bulk/processing/user/AbstractUserGroupsUserBulkProcessingAction.class.php
+++ b/wcfsetup/install/files/lib/system/bulk/processing/user/AbstractUserGroupsUserBulkProcessingAction.class.php
@@ -45,7 +45,7 @@ abstract class AbstractUserGroupsUserBulkProcessingAction extends AbstractUserBu
        public function __construct(DatabaseObject $object) {
                parent::__construct($object);
                
-               $this->availableUserGroups = UserGroup::getAccessibleGroups([], [UserGroup::GUESTS, UserGroup::EVERYONE, UserGroup::USERS]);
+               $this->availableUserGroups = UserGroup::getAccessibleGroups([], [UserGroup::GUESTS, UserGroup::EVERYONE, UserGroup::OWNER, UserGroup::USERS]);
                
                uasort($this->availableUserGroups, function(UserGroup $groupA, UserGroup $groupB) {
                        return strcmp($groupA->getName(), $groupB->getName());