getAuthUser(); if (!$au) { $this->jerr("Not authenticated", array('authFailure' => true)); } $this->authUser = $au; // check that it's a supplier!!!! return true; } function get($action) { // default action is to attempt to lock.. $action = empty($action) || $action == 'lock' ? 'lock' : 'unlock'; $this->$action(); } function unlock() { if (empty($_REQUEST['id'])) { $this->jerr("No lock id"); } $curlock = DB_DataObject::factory('Core_locking'); if (!$curlock->get($_REQUEST['id'])) { $this->jerr("No lock exists"); } if ($curlock->person_id != $this->authUser->id) { $this->jerr("Lock id is invalid"); } $curlock->delete(); $this->jok('unlocked'); } function lock() { if (empty($_REQUEST['on_id']) || empty($_REQUEST['on_table'])) { $this->jerr("Missing table or id"); } $tab = str_replace('/', '',$_REQUEST['on_table']); // basic protection?? $x = DB_DataObject::factory($tab); if (!$x->get($_REQUEST['on_id'])) { $this->jerr("Item does not exist"); } // is there a current lock on the item.. $curlock = DB_DataObject::factory('Core_locking'); $curlock->setFrom(array( 'on_id' => $_REQUEST['on_id'], 'on_table' => $_REQUEST['on_table'] )); $nlocks = $curlock->count() ; if ($nlocks && empty($_REQUEST['force'])) { $curlock->selectAdd(); $curlock->selectAdd('distinct(person_id), created'); $ar = $curlock->fetchAll('person_id', 'created'); $p = DB_DataObject::factory('Person'); $p->whereAddIn('id', $ar, 'int'); $p->find(); while ($p->fetch()) { $ret[$p->id] = $p->toRooArray(); $ret[$p->id]->lock_created = $ar[$p->id]; } $this->jok(array_values($ret)); } if ($nlocks) { // trash all the locks.. $curlock->find(); while($curlock->fetch()) { $cc =clone($curlock); $cc->delete(); } } // make a lock.. $curlock = DB_DataObject::factory('Core_locking'); $curlock->setFrom(array( 'on_id' => $_REQUEST['on_id'], 'on_table' => $_REQUEST['on_table'], 'created' => date('Y-m-d H:i:s'), 'person_id' => $this->authUser->id, )); $id = $curlock->insert(); $this->jok($id); } }