/** * Builds access condition for history select query. * * @param array $operator List of operator's fields. * @return array Associative array with the following keys: * - "condition": string, additional condition that should be used in SQL * query's where clause. * - "values": array, list of additional values for placeholders. */ protected function buildAccessCondition($operator) { // Administrators can view anything if (is_capable(CAN_ADMINISTRATE, $operator)) { return array('condition' => '', 'values' => array()); } // Operators without "view threads" permission can view only their // own history. if (!is_capable(CAN_VIEWTHREADS, $operator)) { return array('condition' => ' AND {thread}.agentid = :operator_id ', 'values' => array(':operator_id' => $operator['operatorid'])); } // Operators who have "view threads" permission can be in isolation. if (in_isolation($operator)) { // This is not the best way of getting operators from adjacent // groups, but it's the only way that does not break encapsulation // of operators storage. $operators = get_operators_list(array('isolated_operator_id' => $operator['operatorid'])); $operators_placeholders = array(); $counter = 0; foreach ($operators as $op) { $operators_placeholders[':_access_op_' . $counter] = $op['operatorid']; $counter++; } $operators_in_statement = implode(', ', array_keys($operators_placeholders)); // Also the operator can view threads for the groups he belongs too. // These threads include ones that had no related operator but were // started for a specified group. $groups = get_all_groups_for_operator($operator); $groups_placeholders = array(); $counter = 0; foreach ($groups as $group) { $groups_placeholders[':_access_grp_' . $counter] = $group['groupid']; $counter++; } $groups_in_statement = implode(', ', array_keys($groups_placeholders)); return array('condition' => ' AND (' . '{thread}.agentid IN (' . $operators_in_statement . ') ' . 'OR {thread}.groupid IN (' . $groups_in_statement . ')' . ') ', 'values' => $operators_placeholders + $groups_placeholders); } // It seems that the operator can view anything. return array('condition' => '', 'values' => array()); }
/** * Generates list of available canned messages. * * @param Request $request * @return string Rendered page content */ public function indexAction(Request $request) { $operator = $this->getOperator(); $page = array( 'errors' => array(), ); // Build list of available locales $all_locales = get_available_locales(); $locales_with_label = array(); foreach ($all_locales as $id) { $locale_info = get_locale_info($id); $locales_with_label[] = array( 'id' => $id, 'name' => ($locale_info ? $locale_info['name'] : $id) ); } $page['locales'] = $locales_with_label; // Get selected locale, if any. $lang = $this->extractLocale($request); if (!$lang) { $lang = in_array(get_current_locale(), $all_locales) ? get_current_locale() : $all_locales[0]; } // Get selected group ID, if any. $group_id = $this->extractGroupId($request); if ($group_id) { $group = group_by_id($group_id); if (!$group) { $page['errors'][] = getlocal('No such group'); $group_id = false; } } // Build list of available groups $all_groups = in_isolation($operator) ? get_all_groups_for_operator($operator) : get_all_groups(); $page['groups'] = array(); $page['groups'][] = array( 'groupid' => '', 'vclocalname' => getlocal('-all operators-'), 'level' => 0, ); foreach ($all_groups as $g) { $page['groups'][] = $g; } // Get messages and setup pagination $canned_messages = load_canned_messages($lang, $group_id); foreach ($canned_messages as &$message) { $message['vctitle'] = $message['vctitle']; $message['vcvalue'] = $message['vcvalue']; } unset($message); $pagination = setup_pagination($canned_messages); $page['pagination'] = $pagination['info']; $page['pagination.items'] = $pagination['items']; // Buil form values $page['formlang'] = $lang; $page['formgroup'] = $group_id; // Set other needed page values and render the response $page['title'] = getlocal('Canned Messages'); $page['menuid'] = 'canned'; $page = array_merge($page, prepare_menu($operator)); return $this->render('canned_messages', $page); }
/** * Processes submitting of the form which is generated in * {@link \Mibew\Controller\Operator\GroupsController::showFormAction()} * method. * * @param Request $request Incoming request. * @return string Rendered page content. * @throws NotFoundException If the operator with specified ID is not found * in the system. */ public function submitFormAction(Request $request) { csrf_check_token($request); $operator = $this->getOperator(); $operator_in_isolation = in_isolation($operator); $op_id = $request->attributes->getInt('operator_id'); // Check if the target operator exists $op = operator_by_id($op_id); if (!$op) { throw new NotFoundException('The operator is not found.'); } // Get all groups that are available for the target operator. $groups = $operator_in_isolation ? get_all_groups_for_operator($operator) : get_all_groups(); // Build list of operator's new groups. $new_groups = array(); foreach ($groups as $group) { if ($request->request->get('group' . $group['groupid']) == 'on') { $new_groups[] = $group['groupid']; } } // Update operator's group and redirect the current operator to the same // page using GET method. update_operator_groups($op['operatorid'], $new_groups); $redirect_to = $this->generateUrl( 'operator_groups', array( 'operator_id' => $op_id, 'stored' => true, ) ); return $this->redirect($redirect_to); }