public function execute()
{
$data = waRequest::post('data', null);
if (!$data) {
return;
}
foreach ($data as $name => $value) {
if (in_array($name, $this->allowed_fields) === false) {
throw new waException("Can't update post: editing of this field is denied");
}
if ($name == 'status') {
if (in_array($value, array(blogPostModel::STATUS_DRAFT, blogPostModel::STATUS_DEADLINE, blogPostModel::STATUS_SCHEDULED, blogPostModel::STATUS_PUBLISHED)) === false) {
throw new waException("Can't change status: unknown value");
}
}
}
$post_id = waRequest::post('post_id', null, waRequest::TYPE_INT);
$post_model = new blogPostModel();
$post = null;
if ($post_id) {
$post = $post_model->getFieldsById($post_id, array('id', 'blog_id', 'contact_id', 'datetime'));
}
if (!$post) {
throw new waException("Unknown post");
}
$contact = wa()->getUser();
$contact_id = $contact->getId();
$allow = blogHelper::checkRights($post['blog_id'], $contact_id, $contact_id != $post['contact_id'] ? blogRightConfig::RIGHT_FULL : blogRightConfig::RIGHT_READ_WRITE);
if (!$allow) {
throw new waException("Access denied");
}
if (!$post_model->updateById($post_id, $data)) {
throw new waException("Error when updating data");
}
$post = array_merge($post, $data);
if ($post['status'] == blogPostModel::STATUS_DEADLINE) {
$user = wa()->getUser();
$timezone = $user->getTimezone();
$current_datetime = waDateTime::date("Y-m-d", null, $timezone);
$datetime = waDateTime::date("Y-m-d", $post['datetime'], $timezone);
if ($datetime <= $current_datetime) {
$post['overdue'] = true;
}
}
$this->response['post'] = $post;
}
public function execute()
{
$this->getResponse()->addHeader('Content-type', 'application/json');
$post_id = waRequest::post('post_id', null);
$date = waRequest::post('date');
if (!is_null($post_id)) {
$post_model = new blogPostModel();
$post = $post_model->getFieldsById($post_id, array('status'));
$status = $post['status'];
if ($status == blogPostModel::STATUS_DEADLINE || $status == blogPostModel::STATUS_DRAFT) {
if (strlen($date) == 0) {
$this->response['valid'] = true;
return;
}
}
}
$this->response['valid'] = true;
if (!waDateTime::parse('date', $date, wa()->getUser()->getTimezone())) {
$this->response['valid'] = false;
}
}
private function delete($post)
{
$post_model = new blogPostModel();
$post = $post_model->getFieldsById($post['id'], array('id', 'blog_id'));
if ($post) {
if (!$this->getUser()->isAdmin($this->getApp())) {
// author of post
if ($post['contact_id'] == $this->getUser()->getId()) {
blogHelper::checkRights($post['blog_id'], $this->getUser()->getId(), blogRightConfig::RIGHT_READ_WRITE);
} else {
blogHelper::checkRights($post['blog_id'], $this->getUser()->getId(), blogRightConfig::RIGHT_FULL);
}
}
$post_model->deleteById($post['id']);
$this->response['redirect'] = '?blog=' . $post['blog_id'];
} else {
$this->response['redirect'] = '?';
}
}
