X-Git-Url: http://git.roojs.org/?p=Pman.Core;a=blobdiff_plain;f=RooPostTrait.php;h=456aa7aa74fde6a79c2611ea8e8561f75ab5d5a8;hp=bd4b27130d88404c4b261bddf476b8130e7fde16;hb=a1a3ecba68d2fedabc8203e88b40759401d7472d;hpb=8796f7a504ece9bd35b52e0ea4f41aad7f2004e6 diff --git a/RooPostTrait.php b/RooPostTrait.php index bd4b2713..456aa7aa 100644 --- a/RooPostTrait.php +++ b/RooPostTrait.php @@ -66,7 +66,7 @@ trait Pman_Core_RooPostTrait { * * CALLS BEFORE change occurs: * - * beforeDelete($dependants_array, $roo) + * beforeDelete($dependants_array, $roo, $request) * Argument is an array of un-find/fetched dependant items. * - jerr() will stop insert.. (Prefered) * - return false for fail and set DO->err; @@ -119,7 +119,6 @@ trait Pman_Core_RooPostTrait { // do we really delete stuff!?!?!? return $this->delete($x,$_REQUEST); } - $old = false; @@ -171,7 +170,8 @@ trait Pman_Core_RooPostTrait { $affects = array(); - $all_links = $GLOBALS['_DB_DATAOBJECT']['LINKS'][$x->_database]; + $all_links = $x->databaseLinks(); + foreach($all_links as $tbl => $links) { foreach($links as $col => $totbl_col) { $to = explode(':', $totbl_col); @@ -242,7 +242,7 @@ trait Pman_Core_RooPostTrait { $match_total = 0; if ( $has_beforeDelete ) { - if ($xx->beforeDelete($match_ar, $this) === false) { + if ($xx->beforeDelete($match_ar, $this, $req) === false) { $errs[] = "Delete failed ({$xx->id})\n". (isset($xx->err) ? $xx->err : ''); continue; @@ -283,9 +283,7 @@ trait Pman_Core_RooPostTrait { } - DB_DataObject::Factory('Events')->logDeletedRecord($x); - - $this->addEvent("DELETE", $x); + $this->logDeleteEvent($x); $xx->delete(); @@ -301,4 +299,240 @@ trait Pman_Core_RooPostTrait { $this->jok("Deleted"); } + + function logDeleteEvent($object) + { + + DB_DataObject::Factory('Events')->logDeletedRecord($object); + + $this->addEvent("DELETE", $object); + + + } + + + function update($x, $req, $with_perm_check = true) + { + if ( $with_perm_check && !$this->checkPerm($x,'E', $req) ) { + $this->jerr("PERMISSION DENIED - No Edit permissions on this element"); + } + + // check any locks.. + // only done if we recieve a lock_id. + // we are very trusing here.. that someone has not messed around with locks.. + // the object might want to check in their checkPerm - if locking is essential.. + $lock = $this->updateLock($x,$req); + + $old = clone($x); + $this->old = $x; + // this lot is generic.. needs moving + if (method_exists($x, 'setFromRoo')) { + $res = $x->setFromRoo($req, $this); + if (is_string($res)) { + $this->jerr($res); + } + } else { + $x->setFrom($req); + } + + + + //echo '
';print_r($old);print_r($x);exit; + //print_r($old); + + $cols = $x->table(); + //print_r($cols); + if (isset($cols['modified'])) { + $x->modified = date('Y-m-d H:i:s'); + } + if (isset($cols['modified_dt'])) { + $x->modified_dt = date('Y-m-d H:i:s'); + } + if (isset($cols['modified_by']) && $this->authUser) { + $x->modified_by = $this->authUser->id; + } + + if (isset($cols['updated'])) { + $x->updated = date('Y-m-d H:i:s'); + } + if (isset($cols['updated_dt'])) { + $x->updated_dt = date('Y-m-d H:i:s'); + } + if (isset($cols['updated_by']) && $this->authUser) { + $x->updated_by = $this->authUser->id; + } + + if (method_exists($x, 'beforeUpdate')) { + $x->beforeUpdate($old, $req, $this); + } + + if ($with_perm_check && !empty($_FILES) && method_exists($x, 'onUpload')) { + $x->onUpload($this, $_REQUEST); + } + + //DB_DataObject::DebugLevel(1); + $res = $x->update($old); + if ($res === false) { + $this->jerr($x->_lastError->toString()); + } + + if (method_exists($x, 'onUpdate')) { + $x->onUpdate($old, $req, $this); + } + $ev = $this->addEvent("EDIT", $x); + if ($ev) { + $ev->audit($x, $old); + } + + + return $this->selectSingle( + DB_DataObject::factory($x->tableName()), + $x->{$this->key} + ); + + } + + function updateLock($x, $req ) + { + $this->permitError = true; // allow it to fail without dieing + + $lock = DB_DataObjecT::factory('core_locking'); + $this->permitError = false; + if (is_a($lock,'DB_DataObject') && $this->authUser) { + + $lock->on_id = $x->{$this->key}; + $lock->on_table= strtolower($x->tableName()); + if (!empty($_REQUEST['_lock_id'])) { + $lock->whereAdd('id != ' . ((int)$_REQUEST['_lock_id'])); + } else { + $lock->whereAdd('person_id !=' . $this->authUser->id); + } + + $llc = clone($lock); + $exp = date('Y-m-d', strtotime('NOW - 1 WEEK')); + $llc->whereAdd("created < '$exp'"); + if ($llc->count()) { + $llc->find(); + while($llc->fetch()) { + $llcd = clone($llc); + $llcd->delete(); + } + } + + $lock->limit(1); + if ($lock->find(true)) { + // it's locked by someone else.. + $p = $lock->person(); + + + $this->jerr( "Record was locked by " . $p->name . " at " .$lock->created. + " - Please confirm you wish to save" + , array('needs_confirm' => true)); + + + } + // check the users lock.. - no point.. ??? - if there are no other locks and it's not the users, then they can + // edit it anyways... + + // can we find the user's lock. + $lock = DB_DataObjecT::factory('core_locking'); + $lock->on_id = $x->{$this->key}; + $lock->on_table= strtolower($x->tableName()); + $lock->person_id = $this->authUser->id; + $lock->orderBy('created DESC'); + $lock->limit(1); + + if ( + $lock->find(true) && + isset($x->modified_dt) && + strtotime($x->modified_dt) > strtotime($lock->created) && + empty($req['_submit_confirmed']) && + $x->modified_by != $this->authUser->id + ) + { + $p = DB_DataObject::factory('core_person'); + $p->get($x->modified_by); + $this->jerr($p->name . " saved the record since you started editing,\nDo you really want to update it?", array('needs_confirm' => true)); + + } + } + + return $lock; + + } + + function insert($x, $req, $with_perm_check = true) + { + if (method_exists($x, 'setFromRoo')) { + $res = $x->setFromRoo($req, $this); + if (is_string($res)) { + $this->jerr($res); + } + } else { + $x->setFrom($req); + } + + if ( $with_perm_check && !$this->checkPerm($x,'A', $req)) { + $this->jerr("PERMISSION DENIED (i)"); + } + $cols = $x->table(); + + if (isset($cols['created'])) { + $x->created = date('Y-m-d H:i:s'); + } + if (isset($cols['created_dt'])) { + $x->created_dt = date('Y-m-d H:i:s'); + } + if (isset($cols['created_by'])) { + $x->created_by = $this->authUser->id; + } + + + if (isset($cols['modified'])) { + $x->modified = date('Y-m-d H:i:s'); + } + if (isset($cols['modified_dt'])) { + $x->modified_dt = date('Y-m-d H:i:s'); + } + if (isset($cols['modified_by'])) { + $x->modified_by = $this->authUser->id; + } + + if (isset($cols['updated'])) { + $x->updated = date('Y-m-d H:i:s'); + } + if (isset($cols['updated_dt'])) { + $x->updated_dt = date('Y-m-d H:i:s'); + } + if (isset($cols['updated_by'])) { + $x->updated_by = $this->authUser->id; + } + + if (method_exists($x, 'beforeInsert')) { + $x->beforeInsert($_REQUEST, $this); + } + + $res = $x->insert(); + if ($res === false) { + $this->jerr($x->_lastError->toString()); + } + if (method_exists($x, 'onInsert')) { + $x->onInsert($_REQUEST, $this); + } + $ev = $this->addEvent("ADD", $x); + if ($ev) { + $ev->audit($x); + } + + // note setFrom might handle this before hand...!??! + if (!empty($_FILES) && method_exists($x, 'onUpload')) { + $x->onUpload($this, $_REQUEST); + } + + return $this->selectSingle( + DB_DataObject::factory($x->tableName()), + $x->pid() + ); + + } } \ No newline at end of file