Example #1
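/**
 * Decide whether the current global user may edit one row of a layer table.
 *
 * Access is granted when the user holds SITE_ADMIN_ROLE, when the user's role
 * for the layer carries "edit any feature", or when it carries
 * "edit own feature" and the row's created_by column equals the user's uid.
 * Every other path, including a failed query or a missing row, denies access.
 *
 * @param string $layer_tablename
 *   Name of the layer table holding the row.
 * @param int $row_id
 *   Value of the row's id column (substituted through %d).
 *
 * @return bool
 *   TRUE when editing is allowed, FALSE otherwise.
 */
function userHasEditLayerDataPerm($layer_tablename, $row_id) {
  $user = $GLOBALS['user'];

  // A falsy uid never gets edit rights.
  if (!$user->uid) {
    return FALSE;
  }

  if (in_array(SITE_ADMIN_ROLE, $user->roles)) {
    return TRUE;
  }

  // Permissions are looked up under the key "<table> <role>".
  $user_role = getUserRoleForLayer($layer_tablename);
  $for_role = $layer_tablename . ' ' . $user_role;
  $arr_perms = getRoleMLOCATEPerms($for_role);

  if (in_array("edit any feature", $arr_perms)) {
    return TRUE;
  }
  if (!in_array("edit own feature", $arr_perms)) {
    return FALSE;
  }

  // NOTE(review): the table name lands inside a double-quoted SQL identifier
  // via %s and is not validated in this function. Confirm that callers pass
  // only known layer table names and that db_query's %s escaping is adequate
  // for identifier context.
  $query = 'SELECT '.AUTO_DBCOL_PREFIX.'created_by FROM "%s" WHERE '.AUTO_DBCOL_PREFIX.'id = %d';
  $result = db_query($query, $layer_tablename, $row_id);
  if (!$result) {
    return FALSE;
  }

  // Fail closed when no row matches: without this guard the property read
  // below would run on a non-object.
  $obj = db_fetch_object($result);
  if (!$obj) {
    return FALSE;
  }

  // Ownership check: only the creator may edit under "edit own feature".
  return $user->uid == $obj->{AUTO_DBCOL_PREFIX.'created_by'};
}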
Example #2
/**
 * Mark one row of a layer table as validated by the current global user.
 *
 * Only a user with a truthy uid whose role for the layer is "admin" or
 * "validator" may validate; the user's global roles are not consulted here.
 * On success the row's status is set to 1 and validated_by / validated_date
 * are stamped with the user's uid and now().
 *
 * @param string $layer_tablename
 *   Name of the layer table holding the row.
 * @param int $row_id
 *   Value of the row's id column (substituted through %d).
 *
 * @return string
 *   A human-readable status message.
 */
function validateFeature($layer_tablename, $row_id) {
  $account = $GLOBALS['user'];
  $layer_role = getUserRoleForLayer($layer_tablename);

  $may_validate = $account->uid && ($layer_role == "admin" || $layer_role == "validator");
  if (!$may_validate) {
    return "Error. Your are not authorized.";
  }

  // NOTE(review): the table name lands inside a double-quoted SQL identifier
  // via %s and is not validated in this function. Confirm that callers pass
  // only known layer table names and that db_query's %s escaping is adequate
  // for identifier context.
  $sql = 'UPDATE "%s" SET ' . AUTO_DBCOL_PREFIX . 'status = 1, '
    . AUTO_DBCOL_PREFIX . 'validated_by = %d, '
    . AUTO_DBCOL_PREFIX . 'validated_date = now() WHERE '
    . AUTO_DBCOL_PREFIX . 'id = %d';
  $outcome = db_query($sql, $layer_tablename, $account->uid, $row_id);

  // NOTE(review): success is reported whenever db_query returns a truthy
  // value; whether an id matching no row is distinguished is not visible here.
  if ($outcome) {
    return "Record saved.";
  }
  return "Error. Record could not be saved.";
}