/** * Add/Modify Permissions */ public function Permissions() { // Check the token if (!Kit::CheckToken()) { trigger_error('Token does not match', E_USER_ERROR); } $db =& $this->db; $user =& $this->user; $response = new ResponseManager(); $displayGroupId = Kit::GetParam('displayGroupId', _POST, _INT); $groupIds = Kit::GetParam('groupids', _POST, _ARRAY); $auth = $this->user->DisplayGroupAuth($displayGroupId, true); if (!$auth->modifyPermissions) { trigger_error(__('You do not have permissions to edit this display group'), E_USER_ERROR); } // Unlink all $security = new DisplayGroupSecurity($db); if (!$security->UnlinkAll($displayGroupId)) { trigger_error(__('Unable to set permissions')); } // Some assignments for the loop $lastGroupId = 0; $first = true; $view = 0; $edit = 0; $del = 0; // List of groupIds with view, edit and del assignments foreach ($groupIds as $groupPermission) { $groupPermission = explode('_', $groupPermission); $groupId = $groupPermission[0]; if ($first) { // First time through $first = false; $lastGroupId = $groupId; } if ($groupId != $lastGroupId) { // The groupId has changed, so we need to write the current settings to the db. // Link new permissions if (!$security->Link($displayGroupId, $lastGroupId, $view, $edit, $del)) { trigger_error(__('Unable to set permissions')); } // Reset $lastGroupId = $groupId; $view = 0; $edit = 0; $del = 0; } switch ($groupPermission[1]) { case 'view': $view = 1; break; case 'edit': $edit = 1; break; case 'del': $del = 1; break; } } // Need to do the last one if (!$first) { if (!$security->Link($displayGroupId, $lastGroupId, $view, $edit, $del)) { trigger_error(__('Unable to set permissions')); } } $response->SetFormSubmitResponse(__('Permissions Changed')); $response->Respond(); }
/** * Deletes an Xibo Display Group * @return * @param $displayGroupID Object */ public function Delete($displayGroupID) { if ($displayGroupID == NULL || $displayGroupID == 0) { return $this->SetError(__('Missing displayGroupId')); } try { $dbh = PDOConnect::init(); // Tidy up the schedule detail records. $schedule = new Schedule($this->db); if (!$schedule->DeleteScheduleForDisplayGroup($displayGroupID)) { throw new Exception('Unable to DeleteScheduleForDisplayGroup'); } // Remove all permissions Kit::ClassLoader('displaygroupsecurity'); $security = new DisplayGroupSecurity($this->db); if (!$security->UnlinkAll($displayGroupID)) { throw new Exception('Unable to Unlink all Display Group Permissions'); } // Delete the Display Group $sth = $dbh->prepare('DELETE FROM displaygroup WHERE DisplayGroupID = :displaygroupid'); $sth->execute(array('displaygroupid' => $displayGroupID)); Debug::LogEntry('audit', 'OUT', 'DisplayGroup', 'Delete'); return true; } catch (Exception $e) { Debug::LogEntry('error', $e->getMessage()); if (!$this->IsError()) { $this->SetError(25015, __('Unable to delete Display Group.')); } return false; } }