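/**
 * Validate the submitted employee form and, when it is consistent, delegate to the parent save.
 *
 * The checks run in this order: the current password when an employee edits its own
 * account ($this->restrict_edition), the forced profile/status/shop-association values
 * for such a restricted edition, the "keep at least one administrator" invariant, the
 * back-office theme name, and the shop association when the multishop feature is active.
 *
 * @return bool false when a validation error was recorded, otherwise the parent result
 */
public function processSave()
{
    $employee = new Employee((int) Tools::getValue('id_employee'));
    $newPassword = Tools::getValue('passwd');

    if ($this->restrict_edition) {
        // The employee is editing its own account: changing the password requires the
        // current one. getByEmail() with the e-mail/password pair is used as the credential
        // check; this relies on Employee::getByEmail() returning a falsy value on mismatch.
        $currentPassword = trim((string) Tools::getValue('old_passwd'));
        if ($newPassword && (empty($currentPassword) || !Validate::isPasswdAdmin($currentPassword) || !$employee->getByEmail($employee->email, $currentPassword))) {
            $this->errors[] = Tools::displayError('Your current password is invalid.');
        } elseif ($newPassword && (!Tools::getValue('passwd2') || $newPassword !== Tools::getValue('passwd2'))) {
            $this->errors[] = Tools::displayError('The confirmation password does not match.');
        }

        // Profile, status and shop associations cannot be changed on one's own account:
        // whatever was submitted is replaced by the stored values.
        $_POST['id_profile'] = $_GET['id_profile'] = $employee->id_profile;
        $_POST['active'] = $_GET['active'] = $employee->active;
        $this->clearShopAssociationInputs();
        $this->forceShopAssociations(Shop::getShopById((int) $employee->id, $this->identifier, $this->table));
    } else {
        $_POST['id_last_order'] = $employee->getLastElementsForNotify('order');
        $_POST['id_last_customer_message'] = $employee->getLastElementsForNotify('customer_message');
        $_POST['id_last_customer'] = $employee->getLastElementsForNotify('customer');
    }

    // A super admin is associated with every shop; the form disables those checkboxes,
    // so the association is filled in here. Loose comparison kept: the submitted value is a string.
    $idProfile = isset($_POST['id_profile']) ? $_POST['id_profile'] : null;
    if ($idProfile == _PS_ADMIN_PROFILE_) {
        $this->forceShopAssociations(Db::getInstance()->executeS('SELECT id_shop FROM ' . _DB_PREFIX_ . 'shop'));
    }

    if ($employee->isLastAdmin()) {
        // The last administrator can neither leave the admin profile nor be disabled.
        if ((int) Tools::getValue('id_profile') !== (int) _PS_ADMIN_PROFILE_) {
            $this->errors[] = Tools::displayError('You should have at least one employee in the administrator group.');
            return false;
        }
        if ((int) Tools::getValue('active') === 0) {
            $this->errors[] = Tools::displayError('You cannot disable or delete the administrator account.');
            return false;
        }
    }

    if (Tools::getValue('bo_theme_css')) {
        // The submitted value is "<theme>|<css file>"; only the theme part is checked against
        // the themes directory. NOTE(review): the css part is stored without validation here —
        // confirm it is checked where bo_css is consumed.
        $boTheme = explode('|', Tools::getValue('bo_theme_css'));
        $_POST['bo_theme'] = $boTheme[0];
        if (!$this->isInstalledBoTheme($boTheme[0])) {
            $this->errors[] = Tools::displayError('Invalid theme');
            return false;
        }
        if (isset($boTheme[1])) {
            $_POST['bo_css'] = $boTheme[1];
        }
    }

    // Was `$this->table = 'employee'` (an assignment), which always evaluated true; compare instead.
    $assos = $this->getSelectedAssoShop($this->table);
    if (!$assos && $this->table === 'employee') {
        if (Shop::isFeatureActive() && _PS_ADMIN_PROFILE_ != $idProfile) {
            $this->errors[] = Tools::displayError('The employee must be associated with at least one shop.');
        }
    }

    if (count($this->errors)) {
        return false;
    }
    return parent::processSave();
}

/**
 * Drop every submitted shop-association checkbox (checkBoxShopAsso_<table>...) from $_POST and $_GET.
 */
private function clearShopAssociationInputs()
{
    $prefix = 'checkBoxShopAsso_' . $this->table;
    foreach (array_keys($_POST) as $key) {
        if (strpos((string) $key, $prefix) !== false) {
            unset($_POST[$key]);
        }
    }
    foreach (array_keys($_GET) as $key) {
        if (strpos((string) $key, $prefix) !== false) {
            unset($_GET[$key]);
        }
    }
}

/**
 * Mark each shop of $rows as associated with the edited record in $_POST and $_GET, in the
 * same shape as the form's checkBoxShopAsso_<table> checkboxes (id_shop => 1).
 *
 * @param array|false $rows Rows holding an 'id_shop' key (Shop::getShopById() or a raw query result);
 *                          a non-array (failed query) or an empty result leaves the request untouched
 */
private function forceShopAssociations($rows)
{
    if (!is_array($rows) || !$rows) {
        return;
    }
    $key = 'checkBoxShopAsso_' . $this->table;
    if (!isset($_POST[$key])) {
        $_POST[$key] = array();
    }
    if (!isset($_GET[$key])) {
        $_GET[$key] = array();
    }
    foreach ($rows as $row) {
        $_POST[$key][$row['id_shop']] = 1;
        $_GET[$key][$row['id_shop']] = 1;
    }
}

/**
 * Tell whether $theme is the name of an entry in the admin themes directory.
 *
 * scandir() always lists '.' and '..' and returns false when the directory cannot be read;
 * neither may be accepted, otherwise a relative path component would be stored as the theme name.
 *
 * @param string $theme
 * @return bool
 */
private function isInstalledBoTheme($theme)
{
    if ($theme === '' || $theme === '.' || $theme === '..') {
        return false;
    }
    $entries = scandir(_PS_ADMIN_DIR_ . DIRECTORY_SEPARATOR . 'themes');
    return is_array($entries) && in_array($theme, $entries, true);
}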
/**
 * Collect the value of every input declared in $this->fields_form into $this->fields_value.
 *
 * Inputs that already have a value are left alone. 'shop' inputs are resolved through
 * Shop::getShopById() when the object is persisted; multilingual inputs get one value per
 * entry of $this->_languages; every other input gets the plain field value, falling back
 * to 'default_value' when the lookup returns false.
 *
 * @param object $obj Object the values are read from
 * @return array
 */
public function getFieldsValue($obj)
{
    foreach ($this->fields_form as $fieldset) {
        if (!isset($fieldset['form']['input'])) {
            continue;
        }
        foreach ($fieldset['form']['input'] as $input) {
            $name = $input['name'];
            if (isset($this->fields_value[$name])) {
                continue;
            }

            if (isset($input['type']) && $input['type'] == 'shop') {
                // Only a saved object can have shop associations; the row key is 'id_' . type.
                if ($obj->id) {
                    $rows = Shop::getShopById((int) $obj->id, $this->identifier, $this->table);
                    foreach ($rows as $row) {
                        $this->fields_value['shop'][$row['id_' . $input['type']]][] = $row['id_shop'];
                    }
                }
                continue;
            }

            if (isset($input['lang']) && $input['lang']) {
                foreach ($this->_languages as $language) {
                    $idLang = $language['id_lang'];
                    $value = $this->getFieldValue($obj, $name, $idLang);
                    if (empty($value)) {
                        // A per-language default wins over a scalar default.
                        if (isset($input['default_value']) && is_array($input['default_value']) && isset($input['default_value'][$idLang])) {
                            $value = $input['default_value'][$idLang];
                        } elseif (isset($input['default_value'])) {
                            $value = $input['default_value'];
                        }
                    }
                    $this->fields_value[$name][$idLang] = $value;
                }
                continue;
            }

            $value = $this->getFieldValue($obj, $name);
            if ($value === false && isset($input['default_value'])) {
                $value = $input['default_value'];
            }
            $this->fields_value[$name] = $value;
        }
    }
    return $this->fields_value;
}
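/**
 * Guard the delete/status actions and the "add employee" submission before the parent handles them.
 *
 * Delete/status: refuses the demo main account in demo mode, the current employee's own
 * account, the last administrator, and (for deletion) an employee managing warehouses.
 * Add/edit: forces profile/status/shop associations on a restricted edition, fills the shop
 * association for a super admin, keeps at least one administrator, validates the theme and
 * the shop association when the multishop feature is active.
 *
 * @return bool false when a check failed, otherwise the parent result
 */
public function postProcess()
{
    if (Tools::isSubmit('deleteemployee') || Tools::isSubmit('status') || Tools::isSubmit('statusemployee')) {
        $idEmployee = (int) Tools::getValue('id_employee');

        /* PrestaShop demo mode: the main demo account must not be disabled or deleted.
           The previous condition assigned the whole `&&` expression to $id_employee, so the
           comparison ran against an undefined variable and the guard never triggered. */
        if (_PS_MODE_DEMO_ && $idEmployee !== 0 && $idEmployee === (int) _PS_DEMO_MAIN_BO_ACCOUNT_) {
            $this->errors[] = Tools::displayError('This functionality has been disabled.');
            return false;
        }
        if ((int) $this->context->employee->id === $idEmployee) {
            $this->errors[] = Tools::displayError('You cannot disable or delete your own account.');
            return false;
        }
        $employee = new Employee($idEmployee);
        if ($employee->isLastAdmin()) {
            $this->errors[] = Tools::displayError('You cannot disable or delete the last administrator account.');
            return false;
        }
        // It is not possible to delete an employee if he manages warehouses
        $warehouses = Warehouse::getWarehousesByEmployee($idEmployee);
        if (Tools::isSubmit('deleteemployee') && count($warehouses) > 0) {
            $this->errors[] = Tools::displayError('You cannot delete this account because it manages warehouses. Check your warehouses first.');
            return false;
        }
    } elseif (Tools::isSubmit('submitAddemployee')) {
        $employee = new Employee((int) Tools::getValue('id_employee'));
        $assoKey = 'checkBoxShopAsso_' . $this->table;

        if ($this->restrict_edition) {
            // The employee is editing its own account: profile, status and shop associations
            // are not editable, so the submitted values are replaced by the stored ones.
            $_POST['id_profile'] = $_GET['id_profile'] = $employee->id_profile;
            $_POST['active'] = $_GET['active'] = $employee->active;
            foreach (array_keys($_POST) as $postKey) {
                if (strpos((string) $postKey, $assoKey) !== false) {
                    unset($_POST[$postKey]);
                }
            }
            foreach (array_keys($_GET) as $getKey) {
                if (strpos((string) $getKey, $assoKey) !== false) {
                    unset($_GET[$getKey]);
                }
            }
            // Add current shops associated to the employee
            $rows = Shop::getShopById((int) $employee->id, $this->identifier, $this->table);
            foreach ($rows as $row) {
                if (!isset($_POST[$assoKey])) {
                    $_POST[$assoKey] = array();
                }
                if (!isset($_GET[$assoKey])) {
                    $_GET[$assoKey] = array();
                }
                $_POST[$assoKey][$row['id_shop']] = 1;
                $_GET[$assoKey][$row['id_shop']] = 1;
            }
        }

        // A super admin is associated with every shop; the form disables those checkboxes,
        // so they are filled in here. id_profile may be absent when the edition is not restricted.
        $idProfile = isset($_POST['id_profile']) ? $_POST['id_profile'] : null;
        if ($idProfile == _PS_ADMIN_PROFILE_) {
            $rows = Db::getInstance()->executeS('SELECT id_shop FROM ' . _DB_PREFIX_ . 'shop');
            if (is_array($rows)) {
                foreach ($rows as $row) {
                    if (!isset($_POST[$assoKey])) {
                        $_POST[$assoKey] = array();
                    }
                    if (!isset($_GET[$assoKey])) {
                        $_GET[$assoKey] = array();
                    }
                    $_POST[$assoKey][$row['id_shop']] = 1;
                    $_GET[$assoKey][$row['id_shop']] = 1;
                }
            }
        }

        if ($employee->isLastAdmin()) {
            // The last administrator can neither leave the admin profile nor be disabled.
            if ((int) Tools::getValue('id_profile') !== (int) _PS_ADMIN_PROFILE_) {
                $this->errors[] = Tools::displayError('You should have at least one employee in the administrator group.');
                return false;
            }
            if ((int) Tools::getValue('active') === 0) {
                $this->errors[] = Tools::displayError('You cannot disable or delete the last administrator account.');
                return false;
            }
        }

        // NOTE(review): loose in_array() kept because the element shape of $this->themes is not visible here.
        if (!in_array(Tools::getValue('bo_theme'), $this->themes)) {
            $this->errors[] = Tools::displayError('Invalid theme.');
            return false;
        }

        // Was `$this->table = 'employee'` (an assignment), which always evaluated true; compare instead.
        $assos = $this->getSelectedAssoShop($this->table);
        if (!$assos && $this->table === 'employee') {
            if (Shop::isFeatureActive() && _PS_ADMIN_PROFILE_ != $idProfile) {
                $this->errors[] = Tools::displayError('The employee must be associated with at least one shop');
            }
        }
    }
    return parent::postProcess();
}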