Ejemplo n.º 1
0
 /**
  * DataSet Security Add
  * @return <XiboAPIResponse>
  */
 public function DataSetSecurityAdd()
 {
     // Auth
     if (!$this->user->PageAuth('dataset')) {
         return $this->Error(1, 'Access Denied');
     }
     $dataSetId = $this->GetParam('dataSetId', _INT);
     $auth = $this->user->DataSetAuth($dataSetId, true);
     if (!$auth->modifyPermissions) {
         return $this->Error(1, 'Access Denied');
     }
     $groupId = $this->GetParam('groupId', _INT);
     $view = $this->GetParam('view', _INT);
     $edit = $this->GetParam('edit', _INT);
     $del = $this->GetParam('delete', _INT);
     Kit::ClassLoader('datasetgroupsecurity');
     $security = new DataSetGroupSecurity();
     if (!($results = $security->Link($dataSetId, $groupId, $view, $edit, $del))) {
         return $this->Error($security->GetErrorNumber(), $security->GetErrorMessage());
     }
     return $this->Respond($this->ReturnId('success', true));
 }
Ejemplo n.º 2
0
 public function Permissions()
 {
     // Check the token
     if (!Kit::CheckToken()) {
         trigger_error('Token does not match', E_USER_ERROR);
     }
     $db =& $this->db;
     $user =& $this->user;
     $response = new ResponseManager();
     Kit::ClassLoader('datasetgroupsecurity');
     $dataSetId = Kit::GetParam('datasetid', _POST, _INT);
     $groupIds = Kit::GetParam('groupids', _POST, _ARRAY);
     $auth = $this->user->DataSetAuth($dataSetId, true);
     if (!$auth->modifyPermissions) {
         trigger_error(__('You do not have permissions to edit this dataset'), E_USER_ERROR);
     }
     // Unlink all
     $security = new DataSetGroupSecurity($db);
     if (!$security->UnlinkAll($dataSetId)) {
         trigger_error(__('Unable to set permissions'));
     }
     // Some assignments for the loop
     $lastGroupId = 0;
     $first = true;
     $view = 0;
     $edit = 0;
     $del = 0;
     // List of groupIds with view, edit and del assignments
     foreach ($groupIds as $groupPermission) {
         $groupPermission = explode('_', $groupPermission);
         $groupId = $groupPermission[0];
         if ($first) {
             // First time through
             $first = false;
             $lastGroupId = $groupId;
         }
         if ($groupId != $lastGroupId) {
             // The groupId has changed, so we need to write the current settings to the db.
             // Link new permissions
             if (!$security->Link($dataSetId, $lastGroupId, $view, $edit, $del)) {
                 trigger_error(__('Unable to set permissions'), E_USER_ERROR);
             }
             // Reset
             $lastGroupId = $groupId;
             $view = 0;
             $edit = 0;
             $del = 0;
         }
         switch ($groupPermission[1]) {
             case 'view':
                 $view = 1;
                 break;
             case 'edit':
                 $edit = 1;
                 break;
             case 'del':
                 $del = 1;
                 break;
         }
     }
     // Need to do the last one
     if (!$first) {
         if (!$security->Link($dataSetId, $lastGroupId, $view, $edit, $del)) {
             trigger_error(__('Unable to set permissions'), E_USER_ERROR);
         }
     }
     $response->SetFormSubmitResponse(__('Permissions Changed'));
     $response->Respond();
 }