Ejemplo n.º 1
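 /**
  * Save an application entry and synchronise its team membership.
  *
  * Reads 'fields' (the record data) and 'team' (a comma-separated list of
  * user ids, usernames or e-mail addresses) from POST, saves the record,
  * removes team members that are no longer listed and adds newly listed
  * ones. The current user is always kept on the team.
  *
  * @return  void
  */
 public function saveTask()
 {
     // [SECURITY] Check for request forgeries
     Request::checkToken();

     // NOTE(review): this is a component-level permission check only. Nothing
     // in this method verifies that the current user is allowed to modify the
     // specific application identified by fields[id], and a user holding only
     // 'core.create' passes the check for an existing record as well.
     // Confirm a per-record check happens elsewhere.
     if (!User::authorise('core.edit', $this->_option) && !User::authorise('core.create', $this->_option)) {
         App::abort(403, Lang::txt('JERROR_ALERTNOAUTHOR'));
     }

     // Incoming
     $fields = Request::getVar('fields', array(), 'post', 'none', 2);
     // Filter type and mask were transposed in this call; they now follow the
     // same order as the 'fields' call above. Every entry is validated below
     // before it is used.
     $team = Request::getVar('team', '', 'post', 'none', 2);

     // A client can post scalars where an array/string is expected
     if (!is_array($fields)) {
         $fields = array();
     }
     if (!is_string($team)) {
         $team = '';
     }

     // Bind the incoming data to our model
     // NOTE(review): $fields is bound wholesale via set(); confirm the model
     // restricts which attributes a client may assign (for example ownership
     // columns such as created_by).
     $id  = isset($fields['id']) ? $fields['id'] : null;
     $row = Application::oneOrNew($id)->set($fields);

     // Validate and save the data
     if (!$row->save()) {
         Notify::error($row->getError());
         return $this->editTask($row);
     }

     // Resolve the submitted entries to user ids. The result is keyed by id so
     // that duplicates collapse and membership tests are exact.
     $resolved = array();
     foreach (explode(',', $team) as $entry) {
         $entry = trim($entry);
         if ($entry === '') {
             continue;
         }

         if (is_numeric($entry)) {
             // Only plain digit strings are accepted as ids; other numeric
             // notations ('1e3', '1.5', '-2') are dropped rather than coerced.
             $uid = ctype_digit($entry) ? (int) $entry : 0;
         } else {
             // strpos() returns 0 for a leading '@', hence the strict test
             if (strpos($entry, '@') !== false) {
                 // load profile by email
                 $profile = \Hubzero\User\User::oneByEmail($entry);
             } else {
                 // load profile by username
                 $profile = \Hubzero\User\User::oneOrNew($entry);
             }
             // A lookup may hand back an object without an id; treat that as
             // "no such user" instead of storing an empty uidNumber.
             $uid = $profile ? (int) $profile->get('id') : 0;
         }

         if ($uid > 0) {
             $resolved[$uid] = $uid;
         }
     }

     // Always keep the current user on the team; keying by id guarantees a
     // single entry even when the user also listed themselves.
     $currentUser = (int) User::get('id');
     if ($currentUser > 0) {
         $resolved[$currentUser] = $currentUser;
     }

     // Remove members not included now, remembering who is already stored
     $found = array();
     foreach ($row->team()->rows() as $member) {
         $memberUid = (int) $member->get('uidNumber');
         if (!isset($resolved[$memberUid])) {
             $member->destroy();
         }
         $found[$memberUid] = true;
     }

     // Add each listed user that is not yet a team member
     foreach ($resolved as $uidNumber) {
         if (isset($found[$uidNumber])) {
             continue;
         }
         $member = Member::blank();
         $member->set('uidNumber', $uidNumber);
         $member->set('application_id', $row->get('id'));
         if (!$member->save()) {
             // Surface the failure instead of silently losing the member
             Notify::error($member->getError());
         }
     }

     Notify::success(Lang::txt('COM_DEVELOPER_APPLICATION_SAVED'));
     if ($this->getTask() == 'apply') {
         return $this->editTask($row);
     }
     $this->cancelTask();
 }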
Ejemplo n.º 2
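 /**
  * Set the access flags on $this->config for the current user.
  *
  * Any logged-in user receives 'access-create-<assetType>'. When an asset id
  * is given, the view/edit/delete/remove-member flags are set only if the
  * current user is logged in and is either the application's creator or one
  * of its team members.
  *
  * @param   string   $assetType  Suffix used in the config keys
  * @param   integer  $assetId    Application id; null skips the ownership check
  * @return  void
  */
 protected function _authorize($assetType = 'application', $assetId = null)
 {
     $loggedIn = !User::isGuest();

     // Logged in?
     if ($loggedIn) {
         $this->config->set('access-create-' . $assetType, true);
     }

     // do we have an application?
     if ($assetId == null) {
         return;
     }

     // Ownership is decided on a real, positive user id only. With loose
     // comparison an empty guest id would equal the empty created_by of a
     // record that oneOrNew() could not find, or an empty uidNumber row,
     // and edit/delete would be granted.
     $userId = (int) User::get('id');
     if (!$loggedIn || $userId <= 0) {
         return;
     }

     $app = Application::oneOrNew($assetId);

     $allowed = ((int) $app->get('created_by') === $userId);
     if (!$allowed) {
         foreach ($app->team()->rows() as $member) {
             if ((int) $member->get('uidNumber') === $userId) {
                 $allowed = true;
                 break;
             }
         }
     }

     if ($allowed) {
         // Creator or team member: full access to this asset
         $this->config->set('access-view-' . $assetType, true);
         $this->config->set('access-edit-' . $assetType, true);
         $this->config->set('access-delete-' . $assetType, true);
         $this->config->set('access-remove-member-' . $assetType, true);
     }
 }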