X-Git-Url: http://git.roojs.org/?p=Pman.Core;a=blobdiff_plain;f=GroupCountries.php;h=e694d8d8668675773cd932c36d01202837cbae7e;hp=288cef9e7f545a81e0bacb057978ab68845f1c49;hb=refs%2Fheads%2Fwip_alan_T5884_add_photo_to_report;hpb=56b7340769403487d5b236642555582d0dae8e16 diff --git a/GroupCountries.php b/GroupCountries.php index 288cef9e..e694d8d8 100644 --- a/GroupCountries.php +++ b/GroupCountries.php @@ -1,16 +1,82 @@ getAuthUser(); + if (!$au) { + $this->jerr("Not authenticated", array('authFailure' => true)); + } + if ($au->company()->comptype != 'OWNER') { + $this->jerr("Permission Denied" ); + } + $this->authUser = $au; + return true; + } + + function get($v, $opts=array()) + { + $this->post($v); + } + + function post($v) + { + if (!$this->hasPerm( 'Core.Groups','E')) { // editing groups.. + $this->jerr("PERMISSION DENIED"); + } + + $users = explode(',', $_REQUEST['user_ids']); + + $cls = $_REQUEST['action'].'PersonToCountry';// add or sup + $this->$cls($users); + + print_r($_REQUEST); + } + + function addPersonToCountry($users) + { + foreach($users as $id){ + $p = DB_DataObject::factory('core_person'); + if(!$p->get($id)){ + $this->jerr('This Person is not exsiting'); + } + $c = explode(',', $p->countries); + $c[] = $_REQUEST['country']; + sort($c); +// print_r($c); + $p->countries = implode(',', $c); + $p->update(); + } + $this->jok(true); + } + + function subPersonToCountry($users) + { + foreach($users as $id){ + $p = DB_DataObject::factory('core_person'); + if(!$p->get($id)){ + $this->jerr('This Person is not exsiting'); + } + $c = explode(',', $p->countries); + if(($key = array_search($_REQUEST['country'], $c)) !== false) { + unset($c[$key]); + } + sort($c); +// print_r($c); + $p->countries = implode(',', $c); + $p->update(); + } + $this->jok(true); + } + }