// At least tagID and the priviledge or the owner has to be set to perform a valid operation
if (!isset($tagID) || !isset($priviledge) && !isset($tagOwnerToSet)) {
$result = json_encode(array('result' => 'KO'));
die($result);
}
// If we have to perform an owner change and we're not admin then forfait
// NOTE: Disabling the owner menu from javascript is fine but we need a function
// to check if logged user is an admin
if (isset($tagOwnerToSet) && !OC_User::isAdminUser(OC_User::getUser())) {
$result = json_encode(array('result' => 'NOTALLOWED', 'newpriviledges' => '', 'newowner' => ''));
die($result);
}
// Perform the requested operation
$ctags = new \OCA\OCLife\hTags();
$user = \OCP\User::getUser();
$tagOwner = $ctags->getTagOwner($tagID);
if ($ctags->writeAllowed($tagID, $user) || $user === $tagOwner) {
if (isset($priviledge)) {
// Set priviledges
$newPriviledges = $ctags->setTagPermission($tagID, $priviledge);
$newOwner = '';
} else {
// Set owner
$newOwner = $ctags->setTagOwner($tagID, $tagOwnerToSet);
$newPriviledges = '';
}
$result = json_encode(array('result' => 'OK', 'newpriviledges' => $newPriviledges, 'newowner' => $newOwner));
} else {
$result = json_encode(array('result' => 'NOTALLOWED', 'newpriviledges' => '', 'newowner' => ''));
}
echo $result;
