public function preSave(PropelPDO $con = null) { // verify that all role ids set are valid if ($this->roleIdsChanged) { // add new roles $idsArray = explode(',', $this->roleIds); foreach ($idsArray as $id) { if (!is_null($id) && $id != '') { // check if user role item exists $userRole = UserRolePeer::retrieveByPK($id); if (!$userRole || !in_array($userRole->getPartnerId(), array($this->getPartnerId(), PartnerPeer::GLOBAL_PARTNER))) { throw new kPermissionException("A user role with ID [{$id}] does not exist", kPermissionException::USER_ROLE_NOT_FOUND); } } } if ($this->getIsAccountOwner()) { $adminRoleId = $this->getPartner()->getAdminSessionRoleId(); if (!in_array($adminRoleId, $idsArray)) { throw new kPermissionException('Account owner must be set with a partner administrator role', kPermissionException::ACCOUNT_OWNER_NEEDS_PARTNER_ADMIN_ROLE); } } } return parent::preSave($con); }