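/**
 * Delete a level group together with the rows that depend on it.
 *
 * Removes the matching rows from the account-level table and the
 * level-permission table first, then the level group row itself, and finally
 * fires the 'LevelGroupAfterDeleted' plugin action when one is registered.
 *
 * No permission check is performed in this method.
 * NOTE(review): authorization appears to be the caller's job - confirm every caller enforces it.
 * NOTE(review): the three deletes run as separate statements; a failure part-way
 * leaves a partially deleted group. Consider wrapping them in one transaction.
 *
 * @param integer $level_group_id id of the level group to delete.
 * @return boolean true once the delete statements have run; false when the id is
 *                 not a whole number or is listed in disallowed_edit_delete.
 */
public static function deleteLevel($level_group_id = '')
{
    // Normalise the id to an integer before the guard and before the queries, so
    // both look at exactly the same value. With a raw string, the PHP-side list
    // check and the database's own type coercion can disagree about which group
    // is meant, which would let a protected group slip past the guard.
    // An empty or non-numeric id is rejected here instead of reporting success.
    $level_group_id = filter_var($level_group_id, FILTER_VALIDATE_INT);
    if ($level_group_id === false) {
        return false;
    }

    // Protected groups must never be deleted. The comparison stays loose on
    // purpose: the element types of disallowed_edit_delete are not visible here.
    if (in_array($level_group_id, static::forge()->disallowed_edit_delete)) {
        return false;
    }

    // delete related tables.
    \DB::delete(\Model_AccountLevel::getTableName())
        ->where('level_group_id', $level_group_id)
        ->execute();
    \DB::delete(\Model_AccountLevelPermission::getTableName())
        ->where('level_group_id', $level_group_id)
        ->execute();

    // delete level group
    \DB::delete(static::$_table_name)
        ->where('level_group_id', $level_group_id)
        ->execute();

    // @todo [fuelstart][levelgroup][plug] after deleted level group plug.
    $plugin = new \Library\Plugins();
    if ($plugin->hasAction('LevelGroupAfterDeleted') !== false) {
        $plugin->doAction('LevelGroupAfterDeleted', $level_group_id);
    }

    return true;
}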
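/**
 * Bulk action on the accounts selected in a posted form.
 *
 * Reads `id` (a list of account ids) and `act` ('del', 'enable' or 'disable')
 * from POST. The request must pass the CSRF check and the admin permission
 * check; each account is then processed only when canIAddEditAccount()
 * accepts the level groups that account belongs to. Always ends by
 * redirecting to the submit redirection URL.
 *
 * NOTE(review): all three actions are gated by 'account_delete_perm'. For
 * enable/disable this looks like a copy of the delete check - confirm whether
 * a separate edit-type permission was intended.
 * NOTE(review): enable/disable skip account id 0, the delete action does not
 * (unchanged from the previous code). Confirm that deleteAccount() refuses
 * reserved accounts on its own.
 *
 * @return void
 */
public function action_multiple()
{
    $ids = \Input::post('id');
    $act = \Input::post('act');
    // `act` is client-controlled and may be missing or an array; only a string can name an action.
    $act = is_string($act) ? trim($act) : '';
    $redirect = $this->getAndSetSubmitRedirection();

    // Nothing to do without a valid CSRF token or a known action.
    if (!\Extension\NoCsrf::check() || !in_array($act, ['del', 'enable', 'disable'], true)) {
        \Response::redirect($redirect);
        return;
    }

    // check permission.
    if (\Model_AccountLevelPermission::checkAdminPermission('account_perm', 'account_delete_perm') == false) {
        \Response::redirect($redirect);
        // Return explicitly so the action fails closed even if redirect() does not end the request.
        return;
    }

    if (is_array($ids)) {
        foreach ($ids as $id) {
            // Posted ids are untrusted: accept whole numbers only, so that the
            // level lookup, the update/delete and the cache key all refer to
            // the same account. Nested arrays and other junk are skipped.
            if ((!is_int($id) && !is_string($id)) || !ctype_digit((string) $id)) {
                continue;
            }
            $account_id = (int) $id;

            if ($act !== 'del' && $account_id === 0) {
                continue;
            }

            // get target level group id
            $lvls = \DB::select()
                ->as_object()
                ->from(\Model_AccountLevel::getTableName())
                ->where('account_id', $account_id)
                ->execute();

            // not found
            if (count($lvls) <= 0) {
                continue;
            }

            // format level group for check can i add, edit
            $level_group = [];
            foreach ($lvls as $lvl) {
                $level_group[] = $lvl->level_group_id;
            }

            $allowed = (\Model_Accounts::forge()->canIAddEditAccount($level_group) == true);

            if ($act === 'del') {
                if (!$allowed) {
                    // nothing was changed, so the cached account check stays as it is.
                    continue;
                }

                // delete account.
                \Model_Accounts::deleteAccount($account_id);
            } elseif ($allowed) {
                // enable => status '1', disable => status '0'; the status text is reset in both cases.
                \DB::update(\Model_Accounts::getTableName())
                    ->where('account_id', $account_id)
                    ->set([
                        'account_status' => ($act === 'enable' ? '1' : '0'),
                        'account_status_text' => null,
                    ])
                    ->execute();
            }

            // clear cache
            \Extension\Cache::deleteCache('model.accounts-checkAccount-' . \Model_Sites::getSiteId() . '-' . $account_id);
        }
    }

    // go back
    \Response::redirect($redirect);
}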
/**
 * Check level permission.
 *
 * Decides whether an account may perform $action on $page_name, based on the
 * level groups the account belongs to. Account id 1 and members of level
 * group 1 are always allowed. Every decision is cached for 2592000 seconds
 * (30 days) under a key built from site id, page name, action and account id.
 *
 * NOTE(review): no cache invalidation is visible in this method. A revoked
 * permission or a changed level group presumably stays in effect until the
 * entry is cleared elsewhere - confirm that permission and level edits do so.
 * NOTE(review): the cache key uses formatString()-filtered page/action values
 * while the query uses the raw ones. If that filter drops characters, two
 * different names could share one cached decision - confirm.
 *
 * @param string $page_name
 * @param string $action
 * @param integer $account_id
 * @return boolean false when denied or when an argument is missing; otherwise
 *                 true, or the cached positive value exactly as the cache returned it.
 */
private static function checkLevelPermission($page_name = '', $action = '', $account_id = '')
{
    // all three arguments are required.
    if (!is_numeric($account_id) || $page_name == null || $action == null) {
        return false;
    }

    // permanent owner's account
    if ($account_id == '1') {
        return true;
    }

    // lifetime of a cached decision, in seconds (30 days).
    $ttl = 2592000;

    $site_id = \Model_Sites::getSiteId(false);
    $cache_name = implode('-', [
        'model.accountLevelPermission-checkLevelPermission',
        $site_id,
        \Extension\Security::formatString($page_name, 'alphanum_dash_underscore'),
        \Extension\Security::formatString($action, 'alphanum_dash_underscore'),
        $account_id,
    ]);

    // Reads go through \Extension\Cache::getSilence(), writes through \Cache::set().
    // Boolean false is treated as "no cache entry", which is why a denial is
    // stored as the string 'false' rather than as a boolean.
    $cached = \Extension\Cache::getSilence($cache_name);
    if (false !== $cached) {
        return ('false' === $cached) ? false : $cached;
    }

    // get current user levels from db.
    $levels = \DB::select()
        ->as_object()
        ->from(\Model_AccountLevel::getTableName())
        ->where('account_id', $account_id)
        ->execute();

    // loop each level of this user (no iteration at all when the user has no level row).
    foreach ($levels as $level) {
        if ($level->level_group_id == '1') {
            // this user is in super admin group.
            \Cache::set($cache_name, true, $ttl);
            return true;
        }

        // check this level group in permission db.
        $granted = \DB::select()
            ->from(static::$_table_name)
            ->where('level_group_id', $level->level_group_id)
            ->where('permission_page', $page_name)
            ->where('permission_action', $action)
            ->execute();

        if (count($granted) > 0) {
            // found.
            \Cache::set($cache_name, true, $ttl);
            return true;
        }
    }

    // no level row for this user, or none of the user's level groups holds the permission.
    \Cache::set($cache_name, 'false', $ttl);
    return false;
}