/** * DataSet Security Add * @return <XiboAPIResponse> */ public function DataSetSecurityAdd() { // Auth if (!$this->user->PageAuth('dataset')) { return $this->Error(1, 'Access Denied'); } $dataSetId = $this->GetParam('dataSetId', _INT); $auth = $this->user->DataSetAuth($dataSetId, true); if (!$auth->modifyPermissions) { return $this->Error(1, 'Access Denied'); } $groupId = $this->GetParam('groupId', _INT); $view = $this->GetParam('view', _INT); $edit = $this->GetParam('edit', _INT); $del = $this->GetParam('delete', _INT); Kit::ClassLoader('datasetgroupsecurity'); $security = new DataSetGroupSecurity(); if (!($results = $security->Link($dataSetId, $groupId, $view, $edit, $del))) { return $this->Error($security->GetErrorNumber(), $security->GetErrorMessage()); } return $this->Respond($this->ReturnId('success', true)); }
public function Permissions() { // Check the token if (!Kit::CheckToken()) { trigger_error('Token does not match', E_USER_ERROR); } $db =& $this->db; $user =& $this->user; $response = new ResponseManager(); Kit::ClassLoader('datasetgroupsecurity'); $dataSetId = Kit::GetParam('datasetid', _POST, _INT); $groupIds = Kit::GetParam('groupids', _POST, _ARRAY); $auth = $this->user->DataSetAuth($dataSetId, true); if (!$auth->modifyPermissions) { trigger_error(__('You do not have permissions to edit this dataset'), E_USER_ERROR); } // Unlink all $security = new DataSetGroupSecurity($db); if (!$security->UnlinkAll($dataSetId)) { trigger_error(__('Unable to set permissions')); } // Some assignments for the loop $lastGroupId = 0; $first = true; $view = 0; $edit = 0; $del = 0; // List of groupIds with view, edit and del assignments foreach ($groupIds as $groupPermission) { $groupPermission = explode('_', $groupPermission); $groupId = $groupPermission[0]; if ($first) { // First time through $first = false; $lastGroupId = $groupId; } if ($groupId != $lastGroupId) { // The groupId has changed, so we need to write the current settings to the db. // Link new permissions if (!$security->Link($dataSetId, $lastGroupId, $view, $edit, $del)) { trigger_error(__('Unable to set permissions'), E_USER_ERROR); } // Reset $lastGroupId = $groupId; $view = 0; $edit = 0; $del = 0; } switch ($groupPermission[1]) { case 'view': $view = 1; break; case 'edit': $edit = 1; break; case 'del': $del = 1; break; } } // Need to do the last one if (!$first) { if (!$security->Link($dataSetId, $lastGroupId, $view, $edit, $del)) { trigger_error(__('Unable to set permissions'), E_USER_ERROR); } } $response->SetFormSubmitResponse(__('Permissions Changed')); $response->Respond(); }