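/**
 * Applies an inline edit to a single blog post and returns the merged post in the response.
 *
 * Reads the field map from POST `data` and the target from POST `post_id`.
 * Every submitted field name must be listed in $this->allowed_fields, and a
 * submitted `status` must be one of the four known blogPostModel statuses.
 * The current user needs RIGHT_READ_WRITE on the blog to edit their own post
 * and RIGHT_FULL to edit somebody else's.
 *
 * @throws waException on a malformed payload, a field outside the allow-list,
 *                     an unknown status, an unknown post, insufficient rights
 *                     or a failed update
 */
public function execute()
 {
     $data = waRequest::post('data', null);
     if (!$data) {
         return;
     }
     // A scalar `data` would make the foreach below iterate nothing, so the
     // allow-list would be skipped and the raw value would reach updateById().
     // Fail closed instead.
     if (!is_array($data)) {
         throw new waException("Can't update post: invalid data");
     }
     // Compared as strings so the check is exact regardless of the constants' types.
     $known_statuses = array_map('strval', array(
         blogPostModel::STATUS_DRAFT,
         blogPostModel::STATUS_DEADLINE,
         blogPostModel::STATUS_SCHEDULED,
         blogPostModel::STATUS_PUBLISHED,
     ));
     foreach ($data as $name => $value) {
         // Strict match on string keys only: with loose comparison an integer key
         // such as 0 compares equal to any non-numeric string on PHP < 8 and would
         // slip through the allow-list.
         // NOTE(review): assumes allowed_fields holds column names as strings — confirm.
         if (!is_string($name) || !in_array($name, $this->allowed_fields, true)) {
             throw new waException("Can't update post: editing of this field is denied");
         }
         if ($name === 'status') {
             if (!is_scalar($value) || !in_array((string) $value, $known_statuses, true)) {
                 throw new waException("Can't change status: unknown value");
             }
         }
     }
     $post_id = waRequest::post('post_id', null, waRequest::TYPE_INT);
     $post_model = new blogPostModel();
     $post = null;
     if ($post_id) {
         $post = $post_model->getFieldsById($post_id, array('id', 'blog_id', 'contact_id', 'datetime'));
     }
     if (!$post) {
         throw new waException("Unknown post");
     }
     // Authorization is decided from the stored post, never from request data:
     // editing another user's post requires full rights on the blog.
     $contact = wa()->getUser();
     $contact_id = $contact->getId();
     $required_right = $contact_id != $post['contact_id']
         ? blogRightConfig::RIGHT_FULL
         : blogRightConfig::RIGHT_READ_WRITE;
     $allow = blogHelper::checkRights($post['blog_id'], $contact_id, $required_right);
     if (!$allow) {
         throw new waException("Access denied");
     }
     if (!$post_model->updateById($post_id, $data)) {
         throw new waException("Error when updating data");
     }
     $post = array_merge($post, $data);
     // `status` is not among the fetched columns, so it is only present when the
     // request changed it; guard the read to avoid an undefined-index notice.
     if (isset($post['status']) && $post['status'] == blogPostModel::STATUS_DEADLINE) {
         $timezone = $contact->getTimezone();
         $current_datetime = waDateTime::date("Y-m-d", null, $timezone);
         $datetime = waDateTime::date("Y-m-d", $post['datetime'], $timezone);
         // Both values are "Y-m-d" strings, so string comparison orders them by date.
         if ($datetime <= $current_datetime) {
             $post['overdue'] = true;
         }
     }
     $this->response['post'] = $post;
 }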
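 /**
  * Validates the POSTed `date` string and reports the result as response['valid'].
  *
  * When `post_id` is given and the stored post is a draft or a deadline post,
  * an empty date is accepted. In every other case the date must be parseable
  * by waDateTime::parse() in the current user's timezone.
  *
  * NOTE(review): no rights check is visible in this method; it only discloses
  * whether a date parses, but confirm the enclosing controller restricts access.
  */
 public function execute()
 {
     $this->getResponse()->addHeader('Content-type', 'application/json');
     $post_id = waRequest::post('post_id', null);
     $date = waRequest::post('date');
     // An array-valued `date` can never be a date string; reject it before it
     // reaches the emptiness test or the parser.
     if (is_array($date)) {
         $this->response['valid'] = false;
         return;
     }
     if (!is_null($post_id)) {
         $post_model = new blogPostModel();
         $post = $post_model->getFieldsById($post_id, array('status'));
         // An unknown post_id yields no row; treat it as "no status" instead of
         // indexing into a non-array.
         $status = ($post && isset($post['status'])) ? $post['status'] : null;
         $date_is_optional = $status == blogPostModel::STATUS_DEADLINE
             || $status == blogPostModel::STATUS_DRAFT;
         if ($date_is_optional && ($date === null || $date === '')) {
             $this->response['valid'] = true;
             return;
         }
     }
     $parsed = waDateTime::parse('date', $date, wa()->getUser()->getTimezone());
     $this->response['valid'] = $parsed ? true : false;
 }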
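 /**
  * Deletes one post after checking the current user's rights on its blog.
  *
  * Application admins may delete any post. Other users need RIGHT_READ_WRITE
  * on the blog for their own post and RIGHT_FULL for somebody else's.
  * Sets response['redirect'] to the post's blog on success, or to '?' when the
  * post does not exist.
  *
  * @param array $post must contain the key 'id'; the stored row is re-read so
  *                    that the rights decision never relies on caller-supplied fields
  * @throws waException when the rights check does not grant access
  */
 private function delete($post)
 {
     $post_model = new blogPostModel();
     // contact_id has to be fetched as well: without it the author comparison
     // below reads a missing key and the author branch is never taken.
     $post = $post_model->getFieldsById($post['id'], array('id', 'blog_id', 'contact_id'));
     if (!$post) {
         $this->response['redirect'] = '?';
         return;
     }
     $user = $this->getUser();
     if (!$user->isAdmin($this->getApp())) {
         $user_id = $user->getId();
         $required_right = ($post['contact_id'] == $user_id)
             ? blogRightConfig::RIGHT_READ_WRITE
             : blogRightConfig::RIGHT_FULL;
         // Fail closed on a falsy result instead of ignoring the return value.
         // NOTE(review): checkRights() may already throw on denial — confirm; the
         // explicit check keeps deletion safe either way.
         if (!blogHelper::checkRights($post['blog_id'], $user_id, $required_right)) {
             throw new waException("Access denied");
         }
     }
     $post_model->deleteById($post['id']);
     $this->response['redirect'] = '?blog=' . $post['blog_id'];
 }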