/**
* Method override to check if you can edit an existing record.
* @todo: check if the user is allowed to edit/save
*
* @param array $data An array of input data.
* @param string $key The name of the key for the primary key.
*
* @return boolean
*/
protected function allowEdit($data = array(), $key = 'id')
{
// Initialise variables.
$recordId = (int) isset($data[$key]) ? $data[$key] : 0;
$user = JFactory::getUser();
$userId = $user->get('id');
$asset = 'com_jem.event.' . $recordId;
// Check general edit permission first.
if ($user->authorise('core.edit', $asset)) {
return true;
}
// Fallback on edit.own.
// First test if the permission is available.
if ($user->authorise('core.edit.own', $asset)) {
// Now test the owner is the user.
$ownerId = (int) isset($data['created_by']) ? $data['created_by'] : 0;
if (empty($ownerId) && $recordId) {
// Need to do a lookup from the model.
$record = $this->getModel()->getItem($recordId);
if (empty($record)) {
return false;
}
$ownerId = $record->created_by;
}
// If the owner matches 'me' then do the test.
if ($ownerId == $userId) {
return true;
}
}
$record = $this->getModel()->getItem($recordId);
$jemsettings = JEMHelper::config();
$editaccess = JEMUser::editaccess($jemsettings->eventowner, $record->created_by, $jemsettings->eventeditrec, $jemsettings->eventedit);
$maintainer = JEMUser::ismaintainer('edit', $record->id);
if ($maintainer || $editaccess) {
return true;
}
// Since there is no asset tracking, revert to the component permissions.
return parent::allowEdit($data, $key);
}
/**
* Store
*/
public function store($updateNulls = true)
{
$date = JFactory::getDate();
$user = JFactory::getUser();
$jinput = JFactory::getApplication()->input;
$app = JFactory::getApplication();
$jemsettings = JEMHelper::config();
$settings = JemHelper::globalattribs();
$valguest = JEMUser::validate_guest();
$guest_fldstatus = $settings->get('guest_fldstatus', '0');
// Check if we're in the front or back
if ($app->isAdmin()) {
$backend = true;
} else {
$backend = false;
}
if ($this->id) {
// Existing event
$this->modified = $date->toSql();
$this->modified_by = $user->get('id');
} else {
// New event
if (!intval($this->created)) {
$this->created = $date->toSql();
}
if (empty($this->created_by)) {
$this->created_by = $user->get('id');
}
}
// Check if image was selected
jimport('joomla.filesystem.file');
$image_dir = JPATH_SITE . '/images/jem/events/';
$allowable = array('gif', 'jpg', 'png');
$image_to_delete = false;
// get image (frontend) - allow "removal on save" (Hoffi, 2014-06-07)
if (!$backend) {
if ($jemsettings->imageenabled == 2 || $jemsettings->imageenabled == 1) {
$file = JFactory::getApplication()->input->files->get('userfile', '', 'array');
$removeimage = JFactory::getApplication()->input->get('removeimage', '', 'int');
if (!empty($file['name'])) {
//check the image
$check = JEMImage::check($file, $jemsettings);
if ($check !== false) {
//sanitize the image filename
$filename = JemHelper::sanitize($image_dir, $file['name']);
$filepath = $image_dir . $filename;
if (JFile::upload($file['tmp_name'], $filepath)) {
$image_to_delete = $this->datimage;
// delete previous image
$this->datimage = $filename;
}
}
} elseif (!empty($removeimage)) {
// if removeimage is non-zero remove image from event
// (file will be deleted later (e.g. housekeeping) if unused)
$image_to_delete = $this->datimage;
$this->datimage = '';
}
}
// end image if
}
// if (!backend)
$format = JFile::getExt($image_dir . $this->datimage);
if (!in_array($format, $allowable)) {
$this->datimage = '';
}
if (!$backend) {
/* check if the user has the required rank for autopublish */
$maintainer = JEMUser::ismaintainer('publish');
$autopubev = JEMUser::validate_user($jemsettings->evpubrec, $jemsettings->autopubl);
if (!($autopubev || $maintainer || $user->authorise('core.edit', 'com_jem'))) {
if ($valguest) {
$this->published = $guest_fldstatus;
} else {
$this->published = 0;
}
}
}
################
## RECURRENCE ##
################
# check if recurrence_groupcheck is true
$rec_groupcheck = $jinput->getInt('recurrence_check');
if ($rec_groupcheck) {
# the check returned true, so it's considered as an edit
# Retrieve id of current event from recurrence_table
# as the check was true we can skip the groupid=groupid_ref from the where statement
# but to be sure it's added here too
$db = JFactory::getDbo();
$query = $db->getQuery(true);
$query->select('id');
$query->from($db->quoteName('#__jem_recurrence'));
$query->where(array('groupid = groupid_ref ', 'itemid= ' . $this->id));
$db->setQuery($query);
$recurrenceid = $db->loadResult();
if ($recurrenceid) {
# Retrieve recurrence-table
$recurrence_table = JTable::getInstance('Recurrence', 'JEMTable');
# Load row-data
$recurrence_table->load($recurrenceid);
# We want to skip this event from Ical output
/* $recurrence_table->exdate = $this->dates.'T'.$this->times; */
# it's a delete of the set so groupid_ref will be blanked
/* $recurrence_table->groupid_ref = ""; */
# it's an edit and not a delete so groupid_ref won't be adjusted
# but we will set the recurrence_id field, as this event has been adjusted and contains
# info that's not inline with original recurrence-info
$var2 = $recurrence_table->startdate_org;
$var3 = new JDate($var2);
$var4 = $var3->format('Ymd\\THis\\Z');
$recurrence_table->recurrence_id = $var4;
# Store fields
$recurrence_table->store();
}
}
# check if the field recurrence_group is filled and if the recurrence_type has been set
# if the type has been set then it's part of recurrence and we should have a recurrence_group number
if (empty($this->recurrence_group) && $this->recurrence_freq) {
$this->recurrence_group = mt_rand(0, 9999);
}
## END RECURRENCE ##
return parent::store($updateNulls);
}
