public function runSetPermission(TBGRequest $request)
{
$i18n = TBGContext::getI18n();
if ($this->access_level == TBGSettings::ACCESS_FULL) {
$uid = 0;
$gid = 0;
$tid = 0;
switch ($request->getParameter('target_type')) {
case 'user':
$uid = $request->getParameter('item_id');
break;
case 'group':
$gid = $request->getParameter('item_id');
break;
case 'team':
$tid = $request->getParameter('item_id');
break;
}
switch ($request->getParameter('mode')) {
case 'allowed':
TBGContext::setPermission($request->getParameter('key'), $request->getParameter('target_id'), $request->getParameter('target_module'), $uid, $gid, $tid, true);
break;
case 'denied':
TBGContext::setPermission($request->getParameter('key'), $request->getParameter('target_id'), $request->getParameter('target_module'), $uid, $gid, $tid, false);
break;
case 'unset':
TBGContext::removePermission($request->getParameter('key'), $request->getParameter('target_id'), $request->getParameter('target_module'), $uid, $gid, $tid);
break;
}
return $this->renderJSON(array('failed' => false, 'content' => $this->getComponentHTML('configuration/permissionsinfoitem', array('key' => $request->getParameter('key'), 'target_id' => $request->getParameter('target_id'), 'type' => $request->getParameter('target_type'), 'mode' => $request->getParameter('template_mode'), 'item_id' => $request->getParameter('item_id'), 'module' => $request->getParameter('target_module'), 'access_level' => $this->access_level))));
}
return $this->renderJSON(array('failed' => true, "error" => $i18n->__("You don't have access to modify permissions")));
}
/**
* Unlock the issue
*
* @param TBGRequest $request
*/
public function runLockIssue(TBGRequest $request)
{
if ($issue_id = $request['issue_id']) {
try {
$issue = TBGContext::factory()->TBGIssue($issue_id);
if (!$issue->canEditIssueDetails()) {
$this->forward403($this->getI18n()->__("You don't have access to update the issue access policy"));
return;
}
$issue->setLocked();
$issue->save();
TBGContext::setPermission('canviewissue', $issue->getID(), 'core', 0, 0, 0, false);
TBGContext::setPermission('canviewissue', $issue->getID(), 'core', $this->getUser()->getID(), 0, 0, true);
$al_users = $request->getParameter('access_list_users', array());
$al_teams = $request->getParameter('access_list_teams', array());
$i_al = $issue->getAccessList();
foreach ($i_al as $k => $item) {
if ($item['target'] instanceof TBGTeam) {
$tid = $item['target']->getID();
if (array_key_exists($tid, $al_teams)) {
unset($i_al[$k]);
} else {
TBGContext::removePermission('canviewissue', $issue->getID(), 'core', 0, 0, $tid);
}
} elseif ($item['target'] instanceof TBGUser) {
$uid = $item['target']->getID();
if (array_key_exists($uid, $al_users)) {
unset($i_al[$k]);
} elseif ($uid != $this->getUser()->getID()) {
TBGContext::removePermission('canviewissue', $issue->getID(), 'core', $uid, 0, 0);
}
}
}
foreach ($al_users as $uid) {
TBGContext::setPermission('canviewissue', $issue->getID(), 'core', $uid, 0, 0, true);
}
foreach ($al_teams as $tid) {
TBGContext::setPermission('canviewissue', $issue->getID(), 'core', 0, 0, $tid, true);
}
} catch (Exception $e) {
$this->getResponse()->setHttpStatus(400);
return $this->renderJSON(array('message' => TBGContext::getI18n()->__('This issue does not exist')));
}
} else {
$this->getResponse()->setHttpStatus(400);
return $this->renderJSON(array('message' => TBGContext::getI18n()->__('This issue does not exist')));
}
return $this->renderJSON(array('message' => $this->getI18n()->__('Issue access policy updated')));
}
