/
properties.php
116 lines (106 loc) · 3.79 KB
/
properties.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
<?php
namespace Concrete\Controller\Dialog\User\Bulk;
use Concrete\Controller\Backend\UserInterface as BackendInterfaceController;
use PermissionKey;
use Concrete\Core\Http\ResponseAssetGroup;
use Permissions;
use Concrete\Core\User\EditResponse as UserEditResponse;
use UserAttributeKey;
use Loader;
use UserInfo;
use Exception;
class Properties extends BackendInterfaceController
{
protected $viewPath = '/dialogs/user/bulk/properties';
protected $users = array();
protected $canEdit = false;
protected function canAccess()
{
$tp = Loader::helper('concrete/user');
if ($tp->canAccessUserSearchInterface()) {
$this->populateUsers();
}
return $this->canEdit;
}
protected function populateUsers()
{
if (is_array($_REQUEST['item'])) {
foreach ($_REQUEST['item'] as $uID) {
$ui = UserInfo::getByID($uID);
if (is_object($ui) && !$ui->isError()) {
$this->users[] = $ui;
}
}
}
$allowedEditAttributes = array();
$pk = PermissionKey::getByHandle('edit_user_properties');
$assignment = $pk->getMyAssignment();
if (is_object($assignment)) {
$this->allowedEditAttributes = $assignment->getAttributesAllowedArray();
$this->set('allowedEditAttributes', $this->allowedEditAttributes);
}
if (count($this->users) > 0) {
$this->canEdit = true;
foreach ($this->users as $ui) {
$up = new Permissions($ui);
if (!$up->canEditUser()) {
$this->canEdit = false;
}
}
} else {
$this->canEdit = false;
}
return $this->canEdit;
}
public function view()
{
$r = ResponseAssetGroup::get();
$r->requireAsset('core/app/editable-fields');
$this->populateUsers();
$form = Loader::helper('form');
$attribs = UserAttributeKey::getList();
$this->set('users', $this->users);
$this->set('attributes', $attribs);
}
public function updateAttribute()
{
$ur = new UserEditResponse();
$ak = UserAttributeKey::getByID($_REQUEST['name']);
if ($this->validateAction()) {
$this->populateUsers();
if ($this->canEdit && in_array($ak->getAttributeKeyID(), $this->allowedEditAttributes)) {
foreach ($this->users as $ui) {
$ui->saveUserAttributesForm(array($ak));
$ui->reindex();
}
$ur->setUsers($this->users);
$val = $ui->getAttributeValueObject($ak);
$ur->setAdditionalDataAttribute('value', $val->getDisplayValue());
$ur->setMessage(t('Users updated successfully.'));
} else {
throw new Exception(t("You don't have access to update this attribute."));
}
}
$ur->outputJSON();
}
public function clearAttribute()
{
$ur = new UserEditResponse();
$ak = UserAttributeKey::getByID($_REQUEST['akID']);
if ($this->validateAction()) {
$this->populateUsers();
if ($this->canEdit && in_array($ak->getAttributeKeyID(), $this->allowedEditAttributes)) {
foreach ($this->users as $ui) {
$ui->clearAttribute($ak);
$ui->reindex();
}
$ur->setUsers($this->users);
$ur->setAdditionalDataAttribute('value', false);
$ur->setMessage(t('Attributes cleared successfully.'));
} else {
throw new Exception(t("You don't have access to update this attribute."));
}
}
$ur->outputJSON();
}
}