Ejemplo n.º 1
 /**
  * Checks whether the employee named by the `id_employee` request value may be
  * disabled or deleted.
  *
  * Three refusals are possible, tested in this order:
  *  - `$this->restrict_edition` is set (the message shown indicates this means
  *    the current employee is acting on their own account);
  *  - the target employee is the last administrator;
  *  - the request is a delete (`deleteemployee`) and the target still manages
  *    at least one warehouse.
  *
  * On refusal the matching message is appended to `$this->errors`.
  *
  * @return bool true when the change may go ahead, false when it was refused
  */
 protected function canModifyEmployee()
 {
     $refusal = null;

     if ($this->restrict_edition) {
         $refusal = 'You cannot disable or delete your own account.';
     } else {
         // The raw request value is passed to Employee as-is; only the warehouse
         // lookup receives an integer cast.
         $requestedId = Tools::getValue('id_employee');
         $target = new Employee($requestedId);

         if ($target->isLastAdmin()) {
             $refusal = 'You cannot disable or delete the administrator account.';
         } else {
             // An employee who still manages warehouses cannot be deleted
             $managedWarehouses = Warehouse::getWarehousesByEmployee((int) $requestedId);
             if (Tools::isSubmit('deleteemployee') && count($managedWarehouses) > 0) {
                 $refusal = 'You cannot delete this account because it manages warehouses. Check your warehouses first.';
             }
         }
     }

     if ($refusal !== null) {
         $this->errors[] = Tools::displayError($refusal);

         return false;
     }

     return true;
 }
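 /**
  * Validates employee delete, status-toggle and save requests, then delegates
  * to the parent controller.
  *
  * Delete / status requests are refused when they target the demo main
  * back-office account (demo mode only), the current employee's own account,
  * the last administrator, or (delete only) an employee who still manages
  * warehouses.
  *
  * Save requests (`submitAddemployee`) have profile, active flag and shop
  * associations forced back to the stored values when `$this->restrict_edition`
  * is set, so an employee editing their own account cannot change them through
  * request parameters. The last administrator cannot be demoted or disabled,
  * and `bo_theme` must be one of `$this->themes`.
  *
  * @return mixed false when a guard refuses the request, null in the demo-mode
  *               refusal, otherwise whatever parent::postProcess() returns
  */
 public function postProcess()
 {
     // Normalise the request id once so that every guard below evaluates the
     // same integer value instead of a mix of raw and cast request strings.
     $id_employee = (int) Tools::getValue('id_employee');

     if (Tools::isSubmit('deleteemployee') || Tools::isSubmit('status') || Tools::isSubmit('statusemployee')) {
         /* PrestaShop demo mode */
         // Fix: the previous condition was `$id = getValue(...) && (int) $id == CONST`.
         // `&&` binds tighter than `=`, so the comparison ran against a variable that
         // was not assigned yet and the demo-account guard could not match a real id.
         if (_PS_MODE_DEMO_ && $id_employee && $id_employee == _PS_DEMO_MAIN_BO_ACCOUNT_) {
             $this->errors[] = Tools::displayError('This functionality has been disabled.');

             // Bare return kept as in the original (null rather than false).
             return;
         }

         if ((int) $this->context->employee->id === $id_employee) {
             $this->errors[] = Tools::displayError('You cannot disable or delete your own account.');

             return false;
         }

         $employee = new Employee($id_employee);
         if ($employee->isLastAdmin()) {
             $this->errors[] = Tools::displayError('You cannot disable or delete the last administrator account.');

             return false;
         }

         // It is not possible to delete an employee if he manages warehouses
         $warehouses = Warehouse::getWarehousesByEmployee($id_employee);
         if (Tools::isSubmit('deleteemployee') && count($warehouses) > 0) {
             $this->errors[] = Tools::displayError('You cannot delete this account because it manages warehouses. Check your warehouses first.');

             return false;
         }
     } elseif (Tools::isSubmit('submitAddemployee')) {
         $employee = new Employee($id_employee);
         // Request key that carries the shop association checkboxes for this table
         $key = 'checkBoxShopAsso_' . $this->table;

         // If the employee is editing its own account
         if ($this->restrict_edition) {
             // Overwrite privilege-bearing fields with the stored values so the
             // submitted ones are ignored.
             $_POST['id_profile'] = $_GET['id_profile'] = $employee->id_profile;
             $_POST['active'] = $_GET['active'] = $employee->active;

             // Unset set shops
             foreach (array_keys($_POST) as $postkey) {
                 if (strstr($postkey, $key) !== false) {
                     unset($_POST[$postkey]);
                 }
             }
             foreach (array_keys($_GET) as $getkey) {
                 if (strstr($getkey, $key) !== false) {
                     unset($_GET[$getkey]);
                 }
             }

             // Add current shops associated to the employee
             $result = Shop::getShopById((int) $employee->id, $this->identifier, $this->table);
             foreach ($result as $row) {
                 if (!isset($_POST[$key])) {
                     $_POST[$key] = array();
                 }
                 if (!isset($_GET[$key])) {
                     $_GET[$key] = array();
                 }
                 $_POST[$key][$row['id_shop']] = 1;
                 $_GET[$key][$row['id_shop']] = 1;
             }
         }

         // If profile is super admin, manually fill checkBoxShopAsso_employee because in the form they are disabled.
         if ($_POST['id_profile'] == _PS_ADMIN_PROFILE_) {
             $result = Db::getInstance()->executeS('SELECT id_shop FROM ' . _DB_PREFIX_ . 'shop');
             foreach ($result as $row) {
                 if (!isset($_POST[$key])) {
                     $_POST[$key] = array();
                 }
                 if (!isset($_GET[$key])) {
                     $_GET[$key] = array();
                 }
                 $_POST[$key][$row['id_shop']] = 1;
                 $_GET[$key][$row['id_shop']] = 1;
             }
         }

         // The last administrator must keep both the admin profile and an active account.
         if ($employee->isLastAdmin()) {
             if (Tools::getValue('id_profile') != (int) _PS_ADMIN_PROFILE_) {
                 $this->errors[] = Tools::displayError('You should have at least one employee in the administrator group.');

                 return false;
             }
             if (Tools::getValue('active') == 0) {
                 $this->errors[] = Tools::displayError('You cannot disable or delete the last administrator account.');

                 return false;
             }
         }

         // Allow-list check on the submitted theme.
         // NOTE(review): comparison is loose; switch to strict in_array once
         // $this->themes is confirmed to hold strings only.
         if (!in_array(Tools::getValue('bo_theme'), $this->themes)) {
             $this->errors[] = Tools::displayError('Invalid theme.');

             return false;
         }

         $assos = $this->getSelectedAssoShop($this->table);
         // Fix: this was `$this->table = 'employee'`, an assignment that is always
         // truthy and overwrote $this->table; a comparison is what the check needs.
         if (!$assos && $this->table == 'employee') {
             if (Shop::isFeatureActive() && _PS_ADMIN_PROFILE_ != $_POST['id_profile']) {
                 // Only records the error. NOTE(review): whether the save is then
                 // blocked depends on parent::postProcess() honouring $this->errors,
                 // which is not visible here — confirm.
                 $this->errors[] = Tools::displayError('The employee must be associated with at least one shop');
             }
         }
     }

     return parent::postProcess();
 }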