public function Get($userID = null)
{
$user = new User();
//Guest
if ($userID == null) {
$userID = $this->GetUid();
}
if ($userID == null) {
return $user;
}
$user->setByID($userID);
return $user;
}
function privilegeAction()
{
$model = new User();
$model->allFIelds = true;
$id = AF::get($this->params, 'id', 0);
if (!$id) {
throw new AFHttpException(0, 'no_id');
}
if (!$model->setByID($id)) {
throw new AFHttpException(0, 'incorrect_id');
}
$access = new Access();
$access->fillFromUser($model);
$userAccess = $access->getUserUpdateAccess();
ksort($userAccess);
if (isset($_POST['ajax'])) {
$newAcces = AF::get($_POST, 'array');
if ($newAcces) {
$access->setUserAccess($newAcces);
// hack to get the uesrs_access table to update instead of insert
$msql = SafeMySQL::getInstance();
$sql = "SELECT * FROM ?n WHERE user_id = ?i";
$result = $msql->getRow($sql, $access->tableName(), $access->user_id);
if (!empty($result)) {
$access->setIsNewRecord(0);
}
if ($access->save()) {
$model->user_id_updated = $this->user->user_id;
$model->updated = 'NOW():sql';
$model->IsNewRecord = false;
$model->save();
Message::echoJsonSuccess(__('user_access_updated'));
} else {
Message::echoJsonError(__('user_access_not_updated'));
}
} else {
Message::echoJsonError(__('user_access_not_updated'));
}
}
Assets::js('jquery.form');
$this->addToPageTitle('User privilege');
$this->render('privilege', array('userAccess' => $userAccess, 'model' => $model));
}
