Beispiel #1
    /**
     * Synchronize user privilege types with group privilege types
     * Adds missing privtypes without changing the levels of existing uprivs
     * Removes privtypes and privs if the group does not have the privtype
     *
     * @param   integer $id_user User ID
     * @param	array	$areas array of area objects
     * @return  array	Array(0, boolean)
     */
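    private function sync_upriv($id_user, $areas)
    {
        // Every statement below is assembled by string concatenation, so each
        // numeric value is forced to an integer before it is placed in the SQL
        // text. A non-numeric value can then no longer change the statement.
        $user_id = (int) $id_user;

        // privilege types of the user's group, keyed by 'what' with 'level' as value
        $group = new Group_model();
        $g = $group->get_group_by_user($id_user);
        $gp = X4Utils_helper::obj2array($this->get_gprivs($g->id), 'what', 'level');

        $sql = array();
        foreach ($areas as $i) {
            $area_id = (int) $i->id_area;

            // privilege types the user already has on this area, keyed by
            // 'privtype' with the uprivs row 'id' as value
            $up = X4Utils_helper::obj2array($this->get_uprivs($id_user, $i->id_area), 'privtype', 'id');

            foreach ($gp as $k => $v) {
                if (isset($up[$k])) {
                    // the user already has this group privilege type: keep it as it
                    // is and take it off the list of rows to delete
                    unset($up[$k]);
                    continue;
                }

                // admin-only privilege types are added only on the area with id 1
                if ($area_id === 1 || !in_array($k, $this->admin_privtypes)) {
                    // NOTE(review): $k is a privilege-type name read back from the
                    // database and is quoted but not escaped. If such a name can ever
                    // contain a quote this is a second-order SQL injection point; it
                    // should go through the database layer's escaping or bound
                    // parameters (that API is not visible from this method).
                    $sql[] = 'INSERT INTO uprivs (updated, id_area, id_user, privtype, level, xon) VALUES (NOW(), '
                        . $area_id . ', ' . $user_id . ', \'' . $k . '\', ' . (int) $v . ', 1)';
                }
            }

            // what is left in $up are privilege types the group does not have:
            // delete the uprivs row together with the matching privs rows
            foreach ($up as $k => $v) {
                // NOTE(review): same unescaped $k as in the INSERT above.
                $sql[] = 'DELETE u.*, p.* FROM uprivs u '
                    . 'JOIN privs p ON u.id_user = p.id_who AND u.privtype = p.what AND u.id_area = p.id_area '
                    . 'WHERE u.id = ' . (int) $v . ' AND p.id_who = ' . $user_id
                    . ' AND p.what = \'' . $k . '\' AND p.id_area = ' . $area_id;
            }
        }

        // nothing to change: return array(0, 1) without touching the database
        return empty($sql) ? array(0, 1) : $this->db->multi_exec($sql);
    }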
Beispiel #2
 /**
  * Delete Group
  *
  * @access	private
  * @param   array 	$_post _POST array
  * @return  void
  */
 private function deleting($_post)
 {
     // The group id comes from the submitted form; the same value feeds the
     // permission check, the delete and the permission clean-up.
     $id_group = $_post['id'];

     // Authorisation gate: the deletion goes ahead only when the check returns
     // null; any other result is sent back to the client unchanged.
     $msg = AdmUtils_helper::chk_priv_level($_SESSION['xuid'], 'groups', $id_group, 4);
     if (!is_null($msg)) {
         $this->response($msg);
         return;
     }

     // delete the group and turn the outcome into a message object
     $model = new Group_model();
     $outcome = $model->delete($id_group);
     $msg = AdmUtils_helper::set_msg($outcome);

     if ($outcome[1]) {
         // the group is gone: drop the permissions that still point at it
         $permissions = new Permission_model();
         $permissions->deleting_by_what('groups', $id_group);

         // tell the client which element to refresh
         $msg->update[] = array('element' => 'topic', 'url' => BASE_URL . 'users', 'title' => null);
     }

     $this->response($msg);
 }
Beispiel #3
 /**
  * New / Edit user form (use Ajax)
  *
  * @param   integer  $id User ID (if 0 then is a new item)
  * @param   integer  $id_group Group ID (if 0 then is a new item)
  * @return  void
  */
 public function edit($id, $id_group = 0)
 {
     // NOTE(review): no privilege check is visible in this method; confirm that
     // the caller or editing() verifies the session user may edit this user.

     // dictionaries used by the form labels
     $this->dict->get_wordarray(['form', 'login', 'users']);
     $lang = X4Route_core::$lang;

     // existing user when $id is set, otherwise an empty user object for the group
     $user = new User_model();
     $record = $id ? $user->get_by_id($id) : new User_obj($id_group, $lang);

     // group the user belongs to
     $group = new Group_model();
     $grp = $group->get_by_id($record->id_group, 'groups', 'id_area, name');

     // layout fragments and attributes shared by several fields
     $row_open = '<div class="band inner-pad clearfix"><div class="one-half xs-one-whole">';
     $col_break = '</div><div class="one-half xs-one-whole">';
     $row_close = '</div></div>';
     $wide = 'class="large"';
     $html = function ($markup) {
         return ['label' => null, 'type' => 'html', 'value' => $markup];
     };

     $form = [];
     $form[] = ['label' => null, 'type' => 'hidden', 'value' => $record->id_group, 'name' => 'id_group'];
     $form[] = ['label' => null, 'type' => 'hidden', 'value' => $grp->id_area, 'name' => 'id_area'];
     // NOTE(review): the group name goes into a raw 'html' field without escaping
     // here; confirm it is stored already escaped, otherwise escape it on output.
     $form[] = $html('<h4>' . _GROUP . ': ' . $grp->name . '</h4>');
     $form[] = $html($row_open);

     // language and username
     $languages = new Language_model();
     $form[] = [
         'label' => ucfirst(_LANGUAGE),
         'type' => 'select',
         'value' => $record->lang,
         'options' => [$languages->get_languages(), 'code', 'language'],
         'name' => 'lang',
         'extra' => $wide,
     ];
     $form[] = $html($col_break);
     $form[] = [
         'label' => _USERNAME,
         'type' => 'text',
         'value' => $record->username,
         'name' => 'username',
         'suggestion' => _USERNAME_RULE,
         'rule' => 'required|minlength§6|alphanumeric',
         'extra' => $wide,
     ];
     $form[] = $html($row_close);

     // password: mandatory for a new user, optional when editing an existing one
     $rule = 'required|';
     if ($id) {
         $form[] = $html('<h4 class="acenter zerom">' . _PASSWORD_CHANGE_MSG . '</h4>');
         $rule = '';
     }
     $form[] = $html($row_open);
     // NOTE(review): the rule accepts passwords of 6 characters and restricts
     // them to alphanumerics, which caps password strength; consider revising.
     $form[] = [
         'label' => _PASSWORD,
         'type' => 'password',
         'value' => '',
         'name' => 'password',
         'suggestion' => _PASSWORD_RULE,
         'rule' => $rule . 'minlength§6|alphanumeric',
         'extra' => $wide,
     ];
     $form[] = $html($col_break);
     $form[] = [
         'label' => _REPEAT_PASSWORD,
         'type' => 'password',
         'value' => '',
         'name' => 'password2',
         'rule' => $rule . 'equal-password',
         'extra' => $wide,
     ];
     $form[] = $html($row_close);

     // description, e-mail and phone
     $form[] = [
         'label' => _DESCRIPTION,
         'type' => 'textarea',
         'value' => $record->description,
         'name' => 'description',
         'sanitize' => 'string',
         'rule' => 'required',
     ];
     $form[] = $html($row_open);
     $form[] = [
         'label' => _EMAIL,
         'type' => 'text',
         'value' => $record->mail,
         'name' => 'mail',
         'rule' => 'required|mail',
         'extra' => $wide,
     ];
     $form[] = $html($col_break);
     $form[] = [
         'label' => _PHONE,
         'type' => 'text',
         'value' => $record->phone,
         'name' => 'phone',
         'rule' => 'phone',
         'extra' => $wide,
     ];
     $form[] = $html($row_close . $row_open);

     // user level
     $form[] = [
         'label' => _LEVEL,
         'type' => 'select',
         'value' => $record->level,
         'options' => [$user->get_levels(), 'id', 'name'],
         'name' => 'level',
         'extra' => $wide,
     ];
     $form[] = $html($col_break);

     // areas the user has permissions on
     $perm = new Permission_model();
     $area = new Area_model();
     $form[] = [
         'label' => _DOMAIN,
         'type' => 'select',
         'value' => X4Utils_helper::obj2array($perm->get_aprivs($id), null, 'id_area'),
         'options' => [$area->get_areas($grp->id_area, false), 'id', 'name'],
         'multiple' => 4,
         'name' => 'domain',
         'extra' => $wide,
     ];
     $form[] = $html($row_close);

     // submitted form: validate, then either save or report the errors, and stop
     if (X4Route_core::$post) {
         if (X4Validation_helper::form($form, 'editor')) {
             $this->editing($id, $_POST);
         } else {
             $this->notice($form);
         }
         exit;
     }

     // first display: render the editor view
     $view = new X4View_core('editor');
     $view->title = $id ? _EDIT_USER : _ADD_USER;
     // NOTE(review): REQUEST_URI is request-controlled and becomes the form
     // action; confirm doform() escapes it for the attribute context.
     $view->form = X4Form_helper::doform(
         'editor',
         $_SERVER['REQUEST_URI'],
         $form,
         [_RESET, _SUBMIT, 'buttons'],
         'post',
         '',
         'onclick="setForm(\'editor\');"'
     );
     $view->render(true);
 }