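/**
 * Validates employee delete / status-toggle / add-edit submissions before
 * handing the request to the parent controller.
 *
 * Records a displayable error and rejects the request when demo mode is on,
 * when an employee targets their own account, when the last administrator
 * would be disabled or deleted, or when the last administrator would be moved
 * out of the admin profile. Without edit rights on this tab the submitted
 * profile is overwritten with the stored one.
 *
 * @return mixed false when the request is rejected, otherwise whatever
 *               parent::postProcess() returns
 */
public function postProcess()
{
    global $cookie;

    /* PrestaShop demo mode */
    if (_PS_MODE_DEMO_) {
        $this->_errors[] = Tools::displayError('This functionnality has been disabled.');
        return false;
    }
    /* PrestaShop demo mode*/

    // Request values arrive as strings: compare ids as integers instead of loosely.
    $idEmployee = (int) Tools::getValue('id_employee');

    if (Tools::isSubmit('deleteemployee') || Tools::isSubmit('status') || Tools::isSubmit('statusemployee')) {
        if ((int) $cookie->id_employee === $idEmployee) {
            $this->_errors[] = Tools::displayError('You cannot disable or delete your own account.');
            return false;
        }

        $employee = new Employee($idEmployee);
        if ($employee->isLastAdmin()) {
            $this->_errors[] = Tools::displayError('You cannot disable or delete the last administrator account.');
            return false;
        }
    } elseif (Tools::isSubmit('submitAddemployee')) {
        $employee = new Employee($idEmployee);

        // Without edit rights the submitted profile is ignored: keep the stored one.
        if (!(int) $this->tabAccess['edit']) {
            $_POST['id_profile'] = $_GET['id_profile'] = $employee->id_profile;
        }

        if ($employee->isLastAdmin()) {
            if ((int) Tools::getValue('id_profile') !== (int) _PS_ADMIN_PROFILE_) {
                $this->_errors[] = Tools::displayError('You should have at least one employee in the administrator group.');
                return false;
            }
            // A missing 'active' value and "0" both mean "disable".
            if ((int) Tools::getValue('active') === 0) {
                $this->_errors[] = Tools::displayError('You cannot disable or delete the last administrator account.');
                return false;
            }
        }
    }

    return parent::postProcess();
}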
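/**
 * Validates delete / status / add-edit submissions for employees before the
 * parent controller processes them.
 *
 * Delete and status requests are refused for the main demo back-office
 * account in demo mode, for the current employee's own account, for the last
 * administrator, and (delete only) for an employee who manages warehouses.
 * Add-edit requests under self-edition keep the stored profile, active flag
 * and shop associations; a super-admin profile is associated with every shop;
 * the last administrator can neither leave the admin profile nor be disabled;
 * the theme must be one of $this->themes; with multishop enabled a
 * non-super-admin needs at least one shop.
 *
 * @return mixed false when the request is rejected, otherwise whatever
 *               parent::postProcess() returns
 */
public function postProcess()
{
    // Request values arrive as strings: compare ids as integers instead of loosely.
    $idEmployee = (int) Tools::getValue('id_employee');
    $assoKey = 'checkBoxShopAsso_' . $this->table;

    if (Tools::isSubmit('deleteemployee') || Tools::isSubmit('status') || Tools::isSubmit('statusemployee')) {
        /* PrestaShop demo mode: the main demo back-office account is protected. */
        // Compared explicitly: the former `$id = a && b` form assigned the boolean and
        // tested a not-yet-set variable, so the guard never matched the demo account.
        if (_PS_MODE_DEMO_ && $idEmployee > 0 && $idEmployee === (int) _PS_DEMO_MAIN_BO_ACCOUNT_) {
            $this->errors[] = Tools::displayError('This functionality has been disabled.');
            return false;
        }

        if ((int) $this->context->employee->id === $idEmployee) {
            $this->errors[] = Tools::displayError('You cannot disable or delete your own account.');
            return false;
        }

        $employee = new Employee($idEmployee);
        if ($employee->isLastAdmin()) {
            $this->errors[] = Tools::displayError('You cannot disable or delete the last administrator account.');
            return false;
        }

        // It is not possible to delete an employee if he manages warehouses
        if (Tools::isSubmit('deleteemployee')) {
            $warehouses = Warehouse::getWarehousesByEmployee($idEmployee);
            if (count($warehouses) > 0) {
                $this->errors[] = Tools::displayError('You cannot delete this account because it manages warehouses. Check your warehouses first.');
                return false;
            }
        }
    } elseif (Tools::isSubmit('submitAddemployee')) {
        $employee = new Employee($idEmployee);
        // Shop ids to (re)associate with the employee in both request arrays.
        $shopIdsToAdd = array();

        // If the employee is editing its own account
        if ($this->restrict_edition) {
            // Profile, active flag and shop associations cannot be changed on one's own account.
            $_POST['id_profile'] = $_GET['id_profile'] = $employee->id_profile;
            $_POST['active'] = $_GET['active'] = $employee->active;

            // Unset set shops
            foreach (array_keys($_POST) as $postKey) {
                if (strpos((string) $postKey, $assoKey) !== false) {
                    unset($_POST[$postKey]);
                }
            }
            foreach (array_keys($_GET) as $getKey) {
                if (strpos((string) $getKey, $assoKey) !== false) {
                    unset($_GET[$getKey]);
                }
            }

            // Add current shops associated to the employee
            $currentShops = Shop::getShopById((int) $employee->id, $this->identifier, $this->table);
            foreach ((array) $currentShops as $row) {
                $shopIdsToAdd[] = $row['id_shop'];
            }
        }

        // Read once, after self-edition may have overwritten it; absent means "no profile".
        $submittedProfile = isset($_POST['id_profile']) ? (int) $_POST['id_profile'] : 0;

        // A super admin is associated with every shop; the form disables those
        // checkboxes, so fill them in here.
        if ($submittedProfile === (int) _PS_ADMIN_PROFILE_) {
            $allShops = Db::getInstance()->executeS('SELECT id_shop FROM ' . _DB_PREFIX_ . 'shop');
            foreach ((array) $allShops as $row) {
                $shopIdsToAdd[] = $row['id_shop'];
            }
        }

        foreach ($shopIdsToAdd as $idShop) {
            if (!isset($_POST[$assoKey])) {
                $_POST[$assoKey] = array();
            }
            if (!isset($_GET[$assoKey])) {
                $_GET[$assoKey] = array();
            }
            $_POST[$assoKey][$idShop] = 1;
            $_GET[$assoKey][$idShop] = 1;
        }

        if ($employee->isLastAdmin()) {
            if ((int) Tools::getValue('id_profile') !== (int) _PS_ADMIN_PROFILE_) {
                $this->errors[] = Tools::displayError('You should have at least one employee in the administrator group.');
                return false;
            }
            // A missing 'active' value and "0" both mean "disable".
            if ((int) Tools::getValue('active') === 0) {
                $this->errors[] = Tools::displayError('You cannot disable or delete the last administrator account.');
                return false;
            }
        }

        // Strict membership: the theme name must exactly match a known theme.
        if (!in_array(Tools::getValue('bo_theme'), $this->themes, true)) {
            $this->errors[] = Tools::displayError('Invalid theme.');
            return false;
        }

        $assos = $this->getSelectedAssoShop($this->table);
        // `===`: the former code assigned 'employee' to $this->table here instead of comparing.
        if (!$assos && $this->table === 'employee') {
            if (Shop::isFeatureActive() && (int) _PS_ADMIN_PROFILE_ !== $submittedProfile) {
                $this->errors[] = Tools::displayError('The employee must be associated with at least one shop');
                // NOTE(review): no early return here, as before; parent::postProcess() is
                // still reached with $this->errors populated — confirm it stops on errors.
            }
        }
    }

    return parent::postProcess();
}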
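/**
 * Validates the employee form and, when it is clean, lets the parent save it.
 *
 * Under self-edition (restrict_edition) a new password requires the valid
 * current password and a matching confirmation, and the profile, active flag
 * and shop associations are reset to the stored values; otherwise the
 * "last seen" notification counters are initialised. A super-admin profile is
 * associated with every shop; the last administrator can neither leave the
 * admin profile nor be disabled; bo_theme_css ("theme|css") must name an
 * existing theme directory; with multishop enabled a non-super-admin needs at
 * least one shop.
 *
 * @return mixed false when validation fails, otherwise whatever
 *               parent::processSave() returns
 */
public function processSave()
{
    $employee = new Employee((int) Tools::getValue('id_employee'));
    $assoKey = 'checkBoxShopAsso_' . $this->table;
    // Shop ids to (re)associate with the employee in both request arrays.
    $shopIdsToAdd = array();

    // If the employee is editing its own account
    if ($this->restrict_edition) {
        $newPassword = Tools::getValue('passwd');
        $currentPassword = trim((string) Tools::getValue('old_passwd'));

        // Changing the password requires re-authenticating with the current one.
        if ($newPassword && (empty($currentPassword) || !Validate::isPasswdAdmin($currentPassword) || !$employee->getByEmail($employee->email, $currentPassword))) {
            $this->errors[] = Tools::displayError('Your current password is invalid.');
        } elseif ($newPassword && (!Tools::getValue('passwd2') || $newPassword !== Tools::getValue('passwd2'))) {
            $this->errors[] = Tools::displayError('The confirmation password does not match.');
        }

        // Profile, active flag and shop associations cannot be changed on one's own account.
        $_POST['id_profile'] = $_GET['id_profile'] = $employee->id_profile;
        $_POST['active'] = $_GET['active'] = $employee->active;

        // Unset set shops
        foreach (array_keys($_POST) as $postKey) {
            if (strpos((string) $postKey, $assoKey) !== false) {
                unset($_POST[$postKey]);
            }
        }
        foreach (array_keys($_GET) as $getKey) {
            if (strpos((string) $getKey, $assoKey) !== false) {
                unset($_GET[$getKey]);
            }
        }

        // Add current shops associated to the employee
        $currentShops = Shop::getShopById((int) $employee->id, $this->identifier, $this->table);
        foreach ((array) $currentShops as $row) {
            $shopIdsToAdd[] = $row['id_shop'];
        }
    } else {
        $_POST['id_last_order'] = $employee->getLastElementsForNotify('order');
        $_POST['id_last_customer_message'] = $employee->getLastElementsForNotify('customer_message');
        $_POST['id_last_customer'] = $employee->getLastElementsForNotify('customer');
    }

    // Read once, after self-edition may have overwritten it; absent means "no profile".
    $submittedProfile = isset($_POST['id_profile']) ? (int) $_POST['id_profile'] : 0;

    // A super admin is associated with every shop; the form disables those
    // checkboxes, so fill them in here.
    if ($submittedProfile === (int) _PS_ADMIN_PROFILE_) {
        $allShops = Db::getInstance()->executeS('SELECT id_shop FROM ' . _DB_PREFIX_ . 'shop');
        foreach ((array) $allShops as $row) {
            $shopIdsToAdd[] = $row['id_shop'];
        }
    }

    foreach ($shopIdsToAdd as $idShop) {
        if (!isset($_POST[$assoKey])) {
            $_POST[$assoKey] = array();
        }
        if (!isset($_GET[$assoKey])) {
            $_GET[$assoKey] = array();
        }
        $_POST[$assoKey][$idShop] = 1;
        $_GET[$assoKey][$idShop] = 1;
    }

    if ($employee->isLastAdmin()) {
        if ((int) Tools::getValue('id_profile') !== (int) _PS_ADMIN_PROFILE_) {
            $this->errors[] = Tools::displayError('You should have at least one employee in the administrator group.');
            return false;
        }
        // A missing 'active' value and "0" both mean "disable".
        if ((int) Tools::getValue('active') === 0) {
            $this->errors[] = Tools::displayError('You cannot disable or delete the administrator account.');
            return false;
        }
    }

    if (Tools::getValue('bo_theme_css')) {
        $themeParts = explode('|', (string) Tools::getValue('bo_theme_css'));
        $_POST['bo_theme'] = $themeParts[0];

        // scandir() also lists '.' and '..' and returns false on failure; only a real
        // theme directory name may pass, and the comparison is strict.
        $themeDirs = scandir(_PS_ADMIN_DIR_ . DIRECTORY_SEPARATOR . 'themes');
        $themeDirs = ($themeDirs === false) ? array() : array_diff($themeDirs, array('.', '..'));
        if (!in_array($themeParts[0], $themeDirs, true)) {
            $this->errors[] = Tools::displayError('Invalid theme');
            return false;
        }
        if (isset($themeParts[1])) {
            $_POST['bo_css'] = $themeParts[1];
        }
    }

    $assos = $this->getSelectedAssoShop($this->table);
    // `===`: the former code assigned 'employee' to $this->table here instead of comparing.
    if (!$assos && $this->table === 'employee') {
        if (Shop::isFeatureActive() && (int) _PS_ADMIN_PROFILE_ !== $submittedProfile) {
            $this->errors[] = Tools::displayError('The employee must be associated with at least one shop.');
        }
    }

    if (count($this->errors)) {
        return false;
    }

    return parent::processSave();
}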
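/**
 * Validates employee delete / status-toggle / add-edit submissions before
 * handing the request to the parent controller.
 *
 * Records a displayable error and rejects the request when an employee
 * targets (or disables) their own account, when the last administrator would
 * be disabled or deleted, or when the last administrator would be moved out
 * of the admin profile.
 *
 * @return mixed false when the request is rejected, otherwise whatever
 *               parent::postProcess() returns
 */
public function postProcess()
{
    global $cookie;

    // Request values arrive as strings: compare ids as integers instead of loosely.
    $idEmployee = (int) Tools::getValue('id_employee');
    $isOwnAccount = ((int) $cookie->id_employee === $idEmployee);

    if (Tools::isSubmit('deleteemployee') || Tools::isSubmit('status')) {
        if ($isOwnAccount) {
            $this->_errors[] = Tools::displayError('You can\'t disable or delete your own account.');
            return false;
        }

        $employee = new Employee($idEmployee);
        if ($employee->isLastAdmin()) {
            $this->_errors[] = Tools::displayError('You can\'t disable or delete the last administrator account.');
            return false;
        }
    } elseif (Tools::isSubmit('submitAddemployee')) {
        // A missing 'active' value and "0" both mean "disable".
        $wantsDisable = ((int) Tools::getValue('active') === 0);

        if ($isOwnAccount && $wantsDisable) {
            $this->_errors[] = Tools::displayError('You can\'t disable your own account.');
            return false;
        }

        $employee = new Employee($idEmployee);
        if ($employee->isLastAdmin()) {
            if ((int) Tools::getValue('id_profile') !== (int) _PS_ADMIN_PROFILE_) {
                $this->_errors[] = Tools::displayError('You should have at least one employee in the administrator group.');
                return false;
            }
            if ($wantsDisable) {
                $this->_errors[] = Tools::displayError('You can\'t disable or delete the last administrator account.');
                return false;
            }
        }
    }

    return parent::postProcess();
}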