<?php
include_once "../includes/webservice.inc.php";
$webService = new Webservices_Writer();
$webService->init();
$groupsObj = new Groups();
$data = isset($_POST['data']) ? $_POST['data'] : '';
$resultgroups = $groupsObj->getUserGroups($data);
if ($resultgroups) {
$webService->createXMLInstance();
$webService->appendArrayToRootNode('', $resultgroups);
$webService->displayXML();
} else {
$xmls = $webService->errorXML(join(",", $messageObj->errorMessages));
$webService->outputXML($xmls);
}
* In accordance with Section 7(b) of the GNU Affero General Public License version 3,
* these Appropriate Legal Notices must retain the display of the "Powered by
* X2Engine" logo. If the display of the logo is not reasonably feasible for
* technical reasons, the Appropriate Legal Notices must display the words
* "Powered by X2Engine".
*****************************************************************************************/
Yii::app()->clientScript->registerScriptFile(Yii::app()->getBaseUrl() . '/js/activityFeed.js', CClientScript::POS_END);
Yii::app()->clientScript->registerScriptFile(Yii::app()->getBaseUrl() . '/js/EnlargeableImage.js', CClientScript::POS_END);
Yii::app()->clientScript->registerScriptFile(Yii::app()->getBaseUrl() . '/js/jquery-expander/jquery.expander.js', CClientScript::POS_END);
// used for rich editing in new post text field
Yii::app()->clientScript->registerScriptFile(Yii::app()->getBaseUrl() . '/js/ckeditor/ckeditor.js');
Yii::app()->clientScript->registerScriptFile(Yii::app()->getBaseUrl() . '/js/ckeditor/adapters/jquery.js');
Yii::app()->clientScript->registerScriptFile(Yii::app()->request->baseUrl . '/js/emailEditor.js');
Yii::app()->clientScript->registerScriptFile(Yii::app()->getBaseUrl() . '/js/multiselect/js/ui.multiselect.js');
Yii::app()->clientScript->registerScriptFile(Yii::app()->getBaseUrl() . '/js/lib/moment-with-locales.min.js');
$groups = Groups::getUserGroups(Yii::app()->user->getId());
$tempUserList = array();
foreach ($groups as $groupId) {
$userLinks = GroupToUser::model()->findAllByAttributes(array('groupId' => $groupId));
foreach ($userLinks as $link) {
$user = User::model()->findByPk($link->userId);
if (isset($user)) {
$tempUserList[] = $user->username;
}
}
}
$userList = array_keys(User::getNames());
$tempUserList = array_diff($userList, $tempUserList);
$usersGroups = implode(",", $tempUserList);
Yii::app()->clientScript->registerScript('setUpActivityFeedManager', "\n\nx2.activityFeed = new x2.ActivityFeed ({\n translations: " . CJSON::encode(array('Unselect All' => Yii::t('app', 'Unselect All'), 'Select All' => Yii::t('app', 'Select All'), 'Uncheck All' => Yii::t('app', 'Uncheck All'), 'Check All' => Yii::t('app', 'Check All'), 'Enter text here...' => Yii::t('app', 'Enter text here...'), 'Broadcast Event' => Yii::t('app', 'Broadcast Event'), 'Make Important' => Yii::t('app', 'Make Important'), 'Broadcast' => Yii::t('app', 'Broadcast'), 'broadcast error message 1' => Yii::t('app', 'Select at least one user to broadcast to'), 'broadcast error message 2' => Yii::t('app', 'Select at least one broadcast method'), 'Okay' => Yii::t('app', 'Okay'), 'Nevermind' => Yii::t('app', 'Cancel'), 'Create' => Yii::t('app', 'Create'), 'Cancel' => Yii::t('app', 'Cancel'), 'Read more' => Yii::t('app', 'Read') . ' ' . Yii::t('app', 'More'), 'Read less' => Yii::t('app', 'Read') . ' ' . Yii::t('app', 'Less'))) . ",\n usersGroups: '" . $usersGroups . "',\n minimizeFeed: " . (Yii::app()->params->profile->minimizeFeed == 1 ? 'true' : 'false') . ",\n commentFlag: false,\n lastEventId: " . (!empty($lastEventId) ? $lastEventId : 0) . ",\n lastTimestamp: " . (!empty($lastTimestamp) ? $lastTimestamp : 0) . ",\n profileId: " . $profileId . ",\n myProfileId: " . Yii::app()->params->profile->id . ",\n deletePostUrl: '" . $this->createUrl('/profile/deletePost') . "'\n});\n\n", CClientScript::POS_END);
?>
/**
* Adds parameters that are used to determine user access
* @param type $userId
*/
private function setUserAccessParameters($userId)
{
$this->owner->params->groups = Groups::getUserGroups($userId);
$this->owner->params->roles = Roles::getUserRoles($userId);
$this->owner->params->isAdmin = $userId !== null ? $this->owner->authManager->checkAccess('AdminIndex', $userId) : false;
}
/**
* Checks credentials for API access
*
* @param CFilterChain $filterChain
*/
public function filterAuthenticate($filterChain)
{
$haveCred = false;
$this->log("Checking user record.");
if (Yii::app()->request->requestType == 'POST') {
$haveCred = isset($_POST['userKey']) && isset($_POST['user']);
$params = $_POST;
} else {
$haveCred = isset($_GET['userKey']) && isset($_GET['user']);
$params = $_GET;
}
if ($haveCred) {
$this->user = User::model()->findByAttributes(array('username' => $params['user'], 'userKey' => $params['userKey']));
if ((bool) $this->user) {
Yii::app()->suModel = $this->user;
if (!empty($this->user->userKey)) {
Yii::app()->params->groups = Groups::getUserGroups($this->user->id);
Yii::app()->params->roles = Roles::getUserRoles($this->user->id);
// Determine if the API user is admin (so that Yii::app()->params->isAdmin gets set properly):
$roles = RoleToUser::model()->findAllByAttributes(array('userId' => $this->user->id));
$access = false;
$auth = Yii::app()->authManager;
foreach ($roles as $role) {
$access = $access || $auth->checkAccess('AdminIndex', $role->roleId);
}
if ($access) {
Yii::app()->params->isAdmin = true;
}
$filterChain->run();
} else {
$this->_sendResponse(403, "User \"{$this->user->username}\" cannot use API; userKey not set.");
}
} else {
$this->log("Authentication failed; invalid user credentials; IP = {$_SERVER['REMOTE_ADDR']}; get or post params = " . CJSON::encode($params) . '');
$this->_sendResponse(401, "Invalid user credentials.");
}
} else {
$this->log('No user credentials provided; IP = ' . $_SERVER['REMOTE_ADDR']);
$this->_sendResponse(401, "No user credentials provided.");
}
}
/**
* Returns regex for performing SQL assignedTo field comparisons.
* @return string This can be inserted (with parameter binding) into SQL queries to
* determine if an action is assigned to a given group.
*/
public static function getGroupIdRegex($username = null)
{
if ($username !== null) {
$user = User::model()->findByAttributes(array('username' => $username));
if (!$user) {
throw new CException('invalid username: '******'';
$i = 0;
foreach ($groupIds as $id) {
if ($i++ > 0) {
$groupIdRegex .= '|';
}
$groupIdRegex .= '((^|, )' . $id . '($|,))';
}
return $groupIdRegex;
}
<ul class="nav nav-sidebar">
<li><a href="/Views/Business/manager.php">Buisness</a></li>
</ul>
</div>
<div class="col-sm-9 col-sm-offset-3 col-md-10 col-md-offset-2 main">
<div class="row">
<div class="col-md-8"> <h1>My Groups</h1></div>
<div class="col-md-4"><a class="btn btn-info btn-raised" style="float: right;" data-toggle="modal" data-dismiss="modal" data-target="#CreateG">Create Group</a></div>
</div>
<div class="row placeholders panel panel-primary" style="padding:20px;">
<!-- <div class="panel-heading" style="margin-bottom:20px; text-align: left; font-size: 20px;">Your Groups</div> -->
<?php
$myGroups = $groups->getUserGroups();
$hasGs = false;
echo "<script>console.log('results_row: " . json_encode($myGroups) . "');</script>";
if ($myGroups->num_rows >= 1) {
$hasGs = true;
}
if ($hasGs) {
while ($row = $myGroups->fetch_object()) {
echo '<div class="col-xs-6 col-sm-3 placeholder" style="margin-bottom:0px;">';
echo '<button onclick="location.href = ' . "'" . "/Views/Groups/open.php?group=" . $row->id_group . "'" . ';" class="btn btn-flat btn-primary" style="padding: 3px;border-radius: 50%;" data-toggle="tooltip" data-placement="bottom" title="" data-original-title="Profile">';
echo '<img src="/images/stock/members.png" width="100" height="100" class="img-responsive" alt="Generic placeholder thumbnail">';
echo '</button>';
echo '<h4>' . $row->name . '</h4>';
echo '<span class="text-muted">' . $row->description . '</span>';
echo '</div>';
}
$tree->name = 'Users';
$tree->nodeType = "base";
$tree->width = "350px";
$tree->value = '
<div class="boxTopBlue"><div class="a"></div><div class="b"></div><div class="c"></div></div>
<div class="boxContentBlue">
<table width="100%" style="margin:0px;" cellspacing="0" cellpadding="0">
<tr>
<td class="userGroupTitle">' . G::loadTranslation("ID_USER_GROUPS") . ' ' . $aRow['USR_FIRSTNAME'] . ' ' . $aRow['USR_LASTNAME'] . '</td>
</tr>
</table>
</div>
<div class="boxBottomBlue"><div class="a"></div><div class="b"></div><div class="c"></div></div>
<div class="userGroupLink"><a href="#" onclick="showUserGroupInterface(\'' . $_GET['sUserUID'] . '\');return false;">' . G::LoadTranslation('ID_ASSIGN_GROUP') . '</a></div>';
$tree->showSign = false;
$allGroups = $groups->getUserGroups($_GET['sUserUID']);
foreach ($allGroups as $group) {
$ID_DELETE = G::LoadTranslation('ID_DELETE');
$groupUID = htmlentities($group->getGrpUid());
$userUID = $_GET['sUserUID'];
$GROUP_TITLE = strip_tags($group->getGrpTitle());
$html = <<<innerHTML
\t <table cellspacing='0' cellpadding='0' border='1' style='border:0px;'>
\t <tr>
\t <td width='250px' class='treeNode' style='border:0px;background-color:transparent;'>{$GROUP_TITLE}</td>\t
\t <td class='treeNode' style='border:0px;background-color:transparent;'>[<a href="#" onclick="deleteGroup('{$groupUID}','{$userUID}');return false;">{$ID_DELETE}</a>]</td>
\t </tr>
\t </table>
innerHTML;
$ch =& $tree->addChild($group->getGrpUid(), $html, array('nodeType' => 'child'));
$ch->point = '<img src="/images/users.png" />';
