/**
* Builds a page with form for edit operator's permissions.
*
* @param Request $request Incoming request.
* @return string Rendered page content.
* @throws NotFoundException If the operator with specified ID is not found
* in the system.
*/
public function showFormAction(Request $request)
{
$operator = $this->getOperator();
$op_id = $request->attributes->get('operator_id');
$page = array('opid' => $op_id, 'canmodify' => is_capable(CAN_ADMINISTRATE, $operator) ? '1' : '', 'errors' => array());
$op = operator_by_id($op_id);
if (!$op) {
throw new NotFoundException('The operator is not found.');
}
// Check if the target operator exists
$page['currentop'] = $op ? get_operator_name($op) . ' (' . $op['vclogin'] . ')' : getlocal('-not found-');
// Build list of permissions which belongs to the target operator.
$checked_permissions = array();
foreach (permission_ids() as $perm => $id) {
if (is_capable($perm, $op)) {
$checked_permissions[] = $id;
}
}
// Build list of all available permissions
$page['permissionsList'] = array();
foreach (get_permission_list() as $perm) {
$perm['checked'] = in_array($perm['id'], $checked_permissions);
$page['permissionsList'][] = $perm;
}
$page['stored'] = $request->query->has('stored');
$page['title'] = getlocal('Permissions');
$page['menuid'] = $operator['operatorid'] == $op_id ? 'profile' : 'operators';
$page = array_merge($page, prepare_menu($operator));
$page['tabs'] = $this->buildTabs($request);
return $this->render('operator_permissions', $page);
}
if (verifyparam("permissions{$id}", "/^on\$/", "") == "on") {
$new_permissions |= 1 << $perm;
} else {
$new_permissions &= ~(1 << $perm);
}
}
if (count($errors) == 0) {
update_operator_permissions($op['operatorid'], $new_permissions);
if ($opId && $_SESSION["{$mysqlprefix}operator"] && $operator['operatorid'] == $opId) {
$_SESSION["{$mysqlprefix}operator"]['iperm'] = $new_permissions;
}
header("Location: {$webimroot}/operator/permissions.php?op={$opId}&stored");
exit;
}
}
}
$page['permissionsList'] = get_permission_list();
$page['formpermissions'] = array("");
$page['currentop'] = $op ? topage(get_operator_name($op)) . " (" . $op['vclogin'] . ")" : "-not found-";
if ($op) {
foreach ($permission_ids as $perm => $id) {
if (is_capable($perm, $op)) {
$page['formpermissions'][] = $id;
}
}
}
$page['stored'] = isset($_GET['stored']);
prepare_menu($operator);
setup_operator_settings_tabs($opId, 3);
start_html_output();
require '../view/permissions.php';
