parent::getAuth(); // load company!
$au = $this->getAuthUser();
if (!$au) {
- $this->jerr("Not authenticated", array('authFailure' => true));
+ $this->jerror("LOGIN-NOAUTH", "Not authenticated", array('authFailure' => true));
}
if ($au->company()->comptype !='OWNER') {
if (!isset($_GET['group_id']) || (int)$_GET['group_id'] < 0) {
$this->jerr("NO GROUP");
}
- if (!$this->hasPerm( 'Core.Groups','S')) { // listing groups..
+
+ if (!$this->checkPerm('E')) { // editing groups..
$this->jerr("PERMISSION DENIED");
}
- print_R('run??');exit;
+
$g = DB_DataObject::Factory('core_group');
if (!$g->get($_GET['group_id'])) {
$this->jerr("group is invalid");
$cur[$k] = clone($gr);
}
-
+ $short = explode('.',$k);
$ar[] = array(
'id' => $cur[$k]->id * 1, //
'rightname' => $k,
'descript' => isset($defdata[2]) ? $defdata[2] : '' ,
'accessmask' => $cur[$k]->accessmask,
'FullMask' => $defdata[0],
- 'group_id' => (int)$_GET['group_id']
+ 'group_id' => (int)$_GET['group_id'],
+ 'shortname' => $short[0]
);
}
+
+ if (isset($_GET['_sort'])) {
+ foreach ($ar as $key => $row) {
+ $shortname[$key] = $row['shortname'];
+ $descript[$key] = $row['descript'];
+ }
+
+ array_multisort($shortname, SORT_ASC, $descript, SORT_ASC, $ar);
+ }
+
$this->jdata($ar);
if (!isset($_POST['group_id']) || (int)$_POST['group_id'] < 0) {
$this->jerr("NO GROUP");
}
- if (!$this->hasPerm( 'Core.Groups','E')) { // editing groups..
+
+ if (!$this->checkPerm('E')) { // editing groups..
$this->jerr("PERMISSION DENIED");
}
-
-
-
-
// add or update..
if (!empty($_POST['dataUpdate'])) {
foreach($_POST['dataUpdate'] as $id => $ac) {
}
-
-
-
+ function checkPerm($lvl)
+ {
+ return $this->hasPerm('Core.Groups', $lvl);
+ }
}
\ No newline at end of file
projects / Pman.Admin / blobdiff