/
permissions.php
99 lines (90 loc) · 4.7 KB
/
permissions.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
<?php
namespace Concrete\Controller\Event;
use Concrete\Core\Permission\Access\Entity\Entity as PermissionAccessEntity;
use Concrete\Core\Permission\Duration as PermissionDuration;
use Concrete\Core\Workflow\Workflow;
use Concrete\Core\Calendar\Calendar;
class Permissions extends \Concrete\Core\Controller\Controller
{
public function process()
{
$p = new \Permissions();
if ($p->canAccessTaskPermissions()) {
if ($_REQUEST['task'] == 'add_access_entity' && \Loader::helper("validation/token")->validate('add_access_entity')) {
$pk = \PermissionKey::getByID($_REQUEST['pkID']);
$pa = \PermissionAccess::getByID($_REQUEST['paID'], $pk);
$pe = PermissionAccessEntity::getByID($_REQUEST['peID']);
$pd = PermissionDuration::getByID($_REQUEST['pdID']);
$pa->addListItem($pe, $pd, $_REQUEST['accessType']);
}
if ($_REQUEST['task'] == 'remove_access_entity' && \Loader::helper("validation/token")->validate('remove_access_entity')) {
$pk = \PermissionKey::getByID($_REQUEST['pkID']);
$pa = \PermissionAccess::getByID($_REQUEST['paID'], $pk);
$pe = PermissionAccessEntity::getByID($_REQUEST['peID']);
$pa->removeListItem($pe);
}
if ($_REQUEST['task'] == 'save_permission' && \Loader::helper("validation/token")->validate('save_permission')) {
$pk = \PermissionKey::getByID($_REQUEST['pkID']);
$pa = \PermissionAccess::getByID($_REQUEST['paID'], $pk);
$pa->save($_POST);
$pa->clearWorkflows();
if (is_array($_POST['wfID'])) {
foreach ($_POST['wfID'] as $wfID) {
$wf = Workflow::getByID($wfID);
if (is_object($wf)) {
$pa->attachWorkflow($wf);
}
}
}
}
if ($_REQUEST['task'] == 'display_access_cell' && \Loader::helper("validation/token")->validate('display_access_cell')) {
$pk = \PermissionKey::getByID($_REQUEST['pkID']);
$pa = \PermissionAccess::getByID($_REQUEST['paID'], $pk);
\Loader::element('permission/labels', array('pk' => $pk, 'pa' => $pa));
}
}
}
public function processCalendar()
{
$calendar = Calendar::getByID($this->request->get('caID'));
$cp = new \Permissions($calendar);
if ($cp->canEditCalendarPermissions()) {
if ($_REQUEST['task'] == 'add_access_entity' && \Loader::helper("validation/token")->validate('add_access_entity')) {
$pk = \PermissionKey::getByID($_REQUEST['pkID']);
$pk->setPermissionObject($calendar);
$pa = \PermissionAccess::getByID($_REQUEST['paID'], $pk);
$pe = PermissionAccessEntity::getByID($_REQUEST['peID']);
$pd = PermissionDuration::getByID($_REQUEST['pdID']);
$pa->addListItem($pe, $pd, $_REQUEST['accessType']);
}
if ($_REQUEST['task'] == 'remove_access_entity' && \Loader::helper("validation/token")->validate('remove_access_entity')) {
$pk = \PermissionKey::getByID($_REQUEST['pkID']);
$pk->setPermissionObject($calendar);
$pa = \PermissionAccess::getByID($_REQUEST['paID'], $pk);
$pe = PermissionAccessEntity::getByID($_REQUEST['peID']);
$pa->removeListItem($pe);
}
if ($_REQUEST['task'] == 'save_permission' && \Loader::helper("validation/token")->validate('save_permission')) {
$pk = \PermissionKey::getByID($_REQUEST['pkID']);
$pk->setPermissionObject($calendar);
$pa = \PermissionAccess::getByID($_REQUEST['paID'], $pk);
$pa->save($_POST);
$pa->clearWorkflows();
if (is_array($_POST['wfID'])) {
foreach ($_POST['wfID'] as $wfID) {
$wf = Workflow::getByID($wfID);
if (is_object($wf)) {
$pa->attachWorkflow($wf);
}
}
}
}
if ($_REQUEST['task'] == 'display_access_cell' && \Loader::helper("validation/token")->validate('display_access_cell')) {
$pk = \PermissionKey::getByID($_REQUEST['pkID']);
$pk->setPermissionObject($calendar);
$pa = \PermissionAccess::getByID($_REQUEST['paID'], $pk);
\Loader::element('permission/labels', array('pk' => $pk, 'pa' => $pa));
}
}
}
}