parent::getAuth(); // load company!
$au = $this->getAuthUser();
if (!$au) {
- $this->jerr("Not authenticated", array('authFailure' => true));
+ $this->jerror("LOGIN-NOAUTH", "Not authenticated", array('authFailure' => true));
}
if ($au->company()->comptype !='OWNER') {
// FOR PERMS - SEE THE DATAOBJECT!
- function get()
+ function get($v, $opts = Array())
{
// must recieve a group..
if (!isset($_GET['group_id']) || (int)$_GET['group_id'] < 0) {
$this->jerr("NO GROUP");
}
- if (!$this->hasPerm( 'Core.Groups','S')) { // listing groups..
+
+ if (!$this->checkPerm('E')) { // editing groups..
$this->jerr("PERMISSION DENIED");
}
- $g = DB_DataObject::Factory('groups');
+ $g = DB_DataObject::Factory('core_group');
if (!$g->get($_GET['group_id'])) {
$this->jerr("group is invalid");
}
//print_r($g);
// DB_DataObject::debugLevel(1);
- $p = DB_DataObject::factory('group_rights');
+ $p = DB_DataObject::factory('core_group_right');
$p->group_id = (int)$_GET['group_id'];
$p->find();
$cur = array();
while ($p->fetch()) {
$cur[$p->rightname] = clone($p);
}
+
+// print_r($cur);exit;
+
$e = -1;
$ar = array();
// echo "<PRE>"; print_r($p->defaultPermData() );
if (!isset($cur[$k])) {
// then there is no current access right for it..
//DB_DataObject::debugLevel(1);
- $gr = DB_DataObject::factory('group_rights');
+ $gr = DB_DataObject::factory('core_group_right');
$gr->group_id = (int)$_GET['group_id'];
$gr->rightname = $k;
$gr->accessmask = $g->type == 2 ? '' : $defdata[1]; // set to defaults.. unless it's a contact group.
$cur[$k] = clone($gr);
}
-
+ $short = explode('.',$k);
$ar[] = array(
'id' => $cur[$k]->id * 1, //
'rightname' => $k,
'descript' => isset($defdata[2]) ? $defdata[2] : '' ,
'accessmask' => $cur[$k]->accessmask,
'FullMask' => $defdata[0],
- 'group_id' => (int)$_GET['group_id']
+ 'group_id' => (int)$_GET['group_id'],
+ 'shortname' => $short[0]
);
}
+
+ if (isset($_GET['_sort'])) {
+ foreach ($ar as $key => $row) {
+ $shortname[$key] = $row['shortname'];
+ $descript[$key] = $row['descript'];
+ }
+
+ array_multisort($shortname, SORT_ASC, $descript, SORT_ASC, $ar);
+ }
+
$this->jdata($ar);
// post..
- function post()
+ function post($v)
{
if (!isset($_POST['group_id']) || (int)$_POST['group_id'] < 0) {
$this->jerr("NO GROUP");
}
- if (!$this->hasPerm( 'Core.Groups','E')) { // editing groups..
+
+ if (!$this->checkPerm('E')) { // editing groups..
$this->jerr("PERMISSION DENIED");
}
-
-
-
-
// add or update..
if (!empty($_POST['dataUpdate'])) {
foreach($_POST['dataUpdate'] as $id => $ac) {
- $p = DB_DataObject::factory('group_rights');
+ $id = (int)$id;
+ $p = DB_DataObject::factory('core_group_right');
$p->group_id = (int)$_POST['group_id'];
if (!$p->get($id)) {
$this->jerr("could not find gid:{$p->group_id} and $id");
}
if (!empty($_POST['dataAdd'])) {
foreach($_POST['dataAdd'] as $perm => $ac) {
- $p = DB_DataObject::factory('group_rights');
+ $p = DB_DataObject::factory('core_group_right');
$p->group_id = (int)$_POST['group_id'];
$p->rightname = $perm;
$p->accessmask = $ac;
}
-
-
-
+ function checkPerm($lvl)
+ {
+ return $this->hasPerm('Core.Groups', $lvl);
+ }
}
\ No newline at end of file
projects / Pman.Admin / blobdiff