<?php
/**
 * Web-service endpoint: looks up the groups for the value posted in `data`
 * and writes them out as XML, or writes an error document when the lookup
 * returns nothing.
 *
 * NOTE(review): no authentication or validation of the posted value is visible
 * in this script; presumably init() or the include enforces it — confirm.
 */
include_once "../includes/webservice.inc.php";

$webService = new Webservices_Writer();
$webService->init();

$groupsObj = new Groups();

// Request payload; falls back to an empty string when the field is absent.
$data = '';
if (isset($_POST['data'])) {
    $data = $_POST['data'];
}

$resultgroups = $groupsObj->getUserGroups($data);

if (!$resultgroups) {
    // $messageObj is not defined in this script; presumably it is set up by
    // the include above — confirm.
    $errorText = join(",", $messageObj->errorMessages);
    $xmls = $webService->errorXML($errorText);
    $webService->outputXML($xmls);
} else {
    $webService->createXMLInstance();
    $webService->appendArrayToRootNode('', $resultgroups);
    $webService->displayXML();
}
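* In accordance with Section 7(b) of the GNU Affero General Public License version 3,
* these Appropriate Legal Notices must retain the display of the "Powered by
* X2Engine" logo. If the display of the logo is not reasonably feasible for
* technical reasons, the Appropriate Legal Notices must display the words
* "Powered by X2Engine".
*****************************************************************************************/

// Scripts required by the activity feed view.
Yii::app()->clientScript->registerScriptFile(Yii::app()->getBaseUrl() . '/js/activityFeed.js', CClientScript::POS_END);
Yii::app()->clientScript->registerScriptFile(Yii::app()->getBaseUrl() . '/js/EnlargeableImage.js', CClientScript::POS_END);
Yii::app()->clientScript->registerScriptFile(Yii::app()->getBaseUrl() . '/js/jquery-expander/jquery.expander.js', CClientScript::POS_END);
// used for rich editing in new post text field
Yii::app()->clientScript->registerScriptFile(Yii::app()->getBaseUrl() . '/js/ckeditor/ckeditor.js');
Yii::app()->clientScript->registerScriptFile(Yii::app()->getBaseUrl() . '/js/ckeditor/adapters/jquery.js');
Yii::app()->clientScript->registerScriptFile(Yii::app()->request->baseUrl . '/js/emailEditor.js');
Yii::app()->clientScript->registerScriptFile(Yii::app()->getBaseUrl() . '/js/multiselect/js/ui.multiselect.js');
Yii::app()->clientScript->registerScriptFile(Yii::app()->getBaseUrl() . '/js/lib/moment-with-locales.min.js');

// Collect the usernames of everyone who shares at least one group with the current user.
$groups = Groups::getUserGroups(Yii::app()->user->getId());
$tempUserList = array();
foreach ($groups as $groupId) {
    $userLinks = GroupToUser::model()->findAllByAttributes(array('groupId' => $groupId));
    foreach ($userLinks as $link) {
        $user = User::model()->findByPk($link->userId);
        if (isset($user)) {
            $tempUserList[] = $user->username;
        }
    }
}

// What is passed to the client is the complement: every known username that is NOT in the
// list built above, as one comma-separated string.
$userList = array_keys(User::getNames());
$tempUserList = array_diff($userList, $tempUserList);
$usersGroups = implode(",", $tempUserList);

// Usernames are stored data, so the list is emitted through CJSON::encode() instead of being
// pasted between hand-written quotes: a quote, backslash or "</script>" inside a username can
// then no longer terminate the string literal or the inline script block. The client still
// receives a plain string.
//
// NOTE(review): $lastEventId, $lastTimestamp and $profileId are written into the script as
// bare expressions. Presumably they are integers supplied by the controller — confirm, and
// cast or encode them if they can ever carry request-derived text.
Yii::app()->clientScript->registerScript('setUpActivityFeedManager', "\n\nx2.activityFeed = new x2.ActivityFeed ({\n translations: " . CJSON::encode(array(
    'Unselect All' => Yii::t('app', 'Unselect All'),
    'Select All' => Yii::t('app', 'Select All'),
    'Uncheck All' => Yii::t('app', 'Uncheck All'),
    'Check All' => Yii::t('app', 'Check All'),
    'Enter text here...' => Yii::t('app', 'Enter text here...'),
    'Broadcast Event' => Yii::t('app', 'Broadcast Event'),
    'Make Important' => Yii::t('app', 'Make Important'),
    'Broadcast' => Yii::t('app', 'Broadcast'),
    'broadcast error message 1' => Yii::t('app', 'Select at least one user to broadcast to'),
    'broadcast error message 2' => Yii::t('app', 'Select at least one broadcast method'),
    'Okay' => Yii::t('app', 'Okay'),
    'Nevermind' => Yii::t('app', 'Cancel'),
    'Create' => Yii::t('app', 'Create'),
    'Cancel' => Yii::t('app', 'Cancel'),
    'Read more' => Yii::t('app', 'Read') . ' ' . Yii::t('app', 'More'),
    'Read less' => Yii::t('app', 'Read') . ' ' . Yii::t('app', 'Less'),
)) . ",\n usersGroups: " . CJSON::encode($usersGroups) . ",\n minimizeFeed: " . (Yii::app()->params->profile->minimizeFeed == 1 ? 'true' : 'false') . ",\n commentFlag: false,\n lastEventId: " . (!empty($lastEventId) ? $lastEventId : 0) . ",\n lastTimestamp: " . (!empty($lastTimestamp) ? $lastTimestamp : 0) . ",\n profileId: " . $profileId . ",\n myProfileId: " . Yii::app()->params->profile->id . ",\n deletePostUrl: '" . $this->createUrl('/profile/deletePost') . "'\n});\n\n", CClientScript::POS_END);
?>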
/**
 * Adds parameters that are used to determine user access.
 *
 * Stores the user's groups and roles on the owner's params, then sets the
 * isAdmin flag from an 'AdminIndex' access check. A null user id is never
 * treated as admin and skips the access check entirely.
 *
 * @param mixed $userId Id of the user whose access data is loaded, or null.
 */
private function setUserAccessParameters($userId) {
    $this->owner->params->groups = Groups::getUserGroups($userId);
    $this->owner->params->roles = Roles::getUserRoles($userId);

    if ($userId === null) {
        $adminFlag = false;
    } else {
        $adminFlag = $this->owner->authManager->checkAccess('AdminIndex', $userId);
    }
    $this->owner->params->isAdmin = $adminFlag;
}
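/**
 * Checks credentials for API access.
 *
 * Reads `user` and `userKey` from $_POST on POST requests and from $_GET on any other
 * request type, looks up the User record matching both values and, when one is found and
 * has a non-empty userKey, fills in the application's groups / roles / isAdmin params and
 * continues the filter chain. Sends 401 when credentials are missing or do not match, and
 * 403 when the matched user has no userKey set.
 *
 * NOTE(review): on non-POST requests the userKey travels in the query string, where it can
 * end up in web-server and proxy access logs; that is part of this filter's existing
 * interface and is left unchanged here.
 *
 * @param CFilterChain $filterChain
 */
public function filterAuthenticate($filterChain) {
    $this->log("Checking user record.");

    $params = Yii::app()->request->requestType == 'POST' ? $_POST : $_GET;

    // Credentials must be single string values. Array-shaped request parameters
    // (e.g. userKey[]=...) are treated as "not provided" instead of being handed to the
    // attribute lookup below.
    $haveCred = isset($params['userKey'], $params['user'])
        && is_string($params['userKey'])
        && is_string($params['user']);

    if (!$haveCred) {
        $this->log('No user credentials provided; IP = ' . $_SERVER['REMOTE_ADDR']);
        $this->_sendResponse(401, "No user credentials provided.");
        return;
    }

    $this->user = User::model()->findByAttributes(array(
        'username' => $params['user'],
        'userKey' => $params['userKey'],
    ));

    if (!(bool) $this->user) {
        // The submitted key is a credential (possibly a near-miss of a valid one), so it is
        // masked before the request parameters are written to the log.
        $loggedParams = $params;
        $loggedParams['userKey'] = '[redacted]';
        $this->log("Authentication failed; invalid user credentials; IP = {$_SERVER['REMOTE_ADDR']}; get or post params = " . CJSON::encode($loggedParams));
        $this->_sendResponse(401, "Invalid user credentials.");
        return;
    }

    Yii::app()->suModel = $this->user;

    // A record whose stored userKey is empty must not be usable through the API.
    if (empty($this->user->userKey)) {
        $this->_sendResponse(403, "User \"{$this->user->username}\" cannot use API; userKey not set.");
        return;
    }

    Yii::app()->params->groups = Groups::getUserGroups($this->user->id);
    Yii::app()->params->roles = Roles::getUserRoles($this->user->id);

    // Determine if the API user is admin (so that Yii::app()->params->isAdmin gets set properly):
    // the flag is raised if any of the user's role assignments passes the 'AdminIndex' check.
    $roles = RoleToUser::model()->findAllByAttributes(array('userId' => $this->user->id));
    $access = false;
    $auth = Yii::app()->authManager;
    foreach ($roles as $role) {
        $access = $access || $auth->checkAccess('AdminIndex', $role->roleId);
    }
    if ($access) {
        Yii::app()->params->isAdmin = true;
    }

    $filterChain->run();
}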
/**
 * Returns regex for performing SQL assignedTo field comparisons.
 *
 * The result is an alternation: one group of the form ((^|, )ID($|,)) per group id,
 * joined with '|'.
 *
 * NOTE(review): each id is concatenated into the pattern as-is, without quoting or casting;
 * presumably the ids are integer keys — confirm, since anything else would alter the pattern.
 *
 * @param string|null $username When not null, the user is looked up by this username.
 * @return string This can be inserted (with parameter binding) into SQL queries to
 *  determine if an action is assigned to a given group.
 * @throws CException When a username is given and no matching user is found.
 */
public static function getGroupIdRegex($username = null) { if ($username !== null) { $user = User::model()->findByAttributes(array('username' => $username)); if (!$user) { throw new CException('invalid username: '******''; $i = 0; foreach ($groupIds as $id) { if ($i++ > 0) { $groupIdRegex .= '|'; } $groupIdRegex .= '((^|, )' . $id . '($|,))'; } return $groupIdRegex; }
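<ul class="nav nav-sidebar"> <li><a href="/Views/Business/manager.php">Buisness</a></li> </ul> </div> <div class="col-sm-9 col-sm-offset-3 col-md-10 col-md-offset-2 main"> <div class="row"> <div class="col-md-8"> <h1>My Groups</h1></div> <div class="col-md-4"><a class="btn btn-info btn-raised" style="float: right;" data-toggle="modal" data-dismiss="modal" data-target="#CreateG">Create Group</a></div> </div> <div class="row placeholders panel panel-primary" style="padding:20px;"> <!-- <div class="panel-heading" style="margin-bottom:20px; text-align: left; font-size: 20px;">Your Groups</div> --> <?php
// Result set of the groups to list; used below through num_rows and fetch_object().
$myGroups = $groups->getUserGroups();
$hasGs = false;

// NOTE(review): debug output that is sent to every visitor. It serialises the result object
// into an inline script; remove it or gate it behind a debug setting before release.
echo "<script>console.log('results_row: " . json_encode($myGroups) . "');</script>";

if ($myGroups->num_rows >= 1) {
    $hasGs = true;
}

if ($hasGs) {
    while ($row = $myGroups->fetch_object()) {
        // Group fields are stored text (a "Create Group" form is on this page), so each one
        // is encoded for the context it is written into rather than echoed raw.
        // The id goes into a URL inside a quoted JS string inside an HTML attribute;
        // percent-encoding leaves only characters that are inert in all three contexts.
        $groupIdParam = rawurlencode((string) $row->id_group);
        // Name and description are element text: HTML-escape them.
        $groupName = htmlspecialchars((string) $row->name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $groupDescription = htmlspecialchars((string) $row->description, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

        echo '<div class="col-xs-6 col-sm-3 placeholder" style="margin-bottom:0px;">';
        echo '<button onclick="location.href = ' . "'" . "/Views/Groups/open.php?group=" . $groupIdParam . "'" . ';" class="btn btn-flat btn-primary" style="padding: 3px;border-radius: 50%;" data-toggle="tooltip" data-placement="bottom" title="" data-original-title="Profile">';
        echo '<img src="/images/stock/members.png" width="100" height="100" class="img-responsive" alt="Generic placeholder thumbnail">';
        echo '</button>';
        echo '<h4>' . $groupName . '</h4>';
        echo '<span class="text-muted">' . $groupDescription . '</span>';
        echo '</div>';
    }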
// Builds the "Users" tree node: a header naming the user, an "assign group" link, and one
// child row per group returned by getUserGroups(), each with a delete link.
//
// NOTE(review): $_GET['sUserUID'] is concatenated unescaped into the onclick attribute of the
// "assign group" link and, through $userUID, into the deleteGroup(...) onclick in the heredoc.
// It should be validated as a user UID and encoded for the JavaScript-in-attribute context
// before it is written out. $aRow['USR_FIRSTNAME'] and $aRow['USR_LASTNAME'] are likewise
// placed in the title cell without HTML escaping.
// NOTE(review): $groupUID is only passed through htmlentities() and $GROUP_TITLE only through
// strip_tags(). HTML-entity encoding alone does not protect a value used as a quoted
// JavaScript argument, because the browser decodes entities in the attribute before the
// handler runs — confirm how group UIDs are constrained upstream.
$tree->name = 'Users'; $tree->nodeType = "base"; $tree->width = "350px"; $tree->value = ' <div class="boxTopBlue"><div class="a"></div><div class="b"></div><div class="c"></div></div> <div class="boxContentBlue"> <table width="100%" style="margin:0px;" cellspacing="0" cellpadding="0"> <tr> <td class="userGroupTitle">' . G::loadTranslation("ID_USER_GROUPS") . ' ' . $aRow['USR_FIRSTNAME'] . ' ' . $aRow['USR_LASTNAME'] . '</td> </tr> </table> </div> <div class="boxBottomBlue"><div class="a"></div><div class="b"></div><div class="c"></div></div> <div class="userGroupLink"><a href="#" onclick="showUserGroupInterface(\'' . $_GET['sUserUID'] . '\');return false;">' . G::LoadTranslation('ID_ASSIGN_GROUP') . '</a></div>'; $tree->showSign = false; $allGroups = $groups->getUserGroups($_GET['sUserUID']); foreach ($allGroups as $group) { $ID_DELETE = G::LoadTranslation('ID_DELETE'); $groupUID = htmlentities($group->getGrpUid()); $userUID = $_GET['sUserUID']; $GROUP_TITLE = strip_tags($group->getGrpTitle()); $html = <<<innerHTML \t <table cellspacing='0' cellpadding='0' border='1' style='border:0px;'> \t <tr> \t <td width='250px' class='treeNode' style='border:0px;background-color:transparent;'>{$GROUP_TITLE}</td>\t \t <td class='treeNode' style='border:0px;background-color:transparent;'>[<a href="#" onclick="deleteGroup('{$groupUID}','{$userUID}');return false;">{$ID_DELETE}</a>]</td> \t </tr> \t </table> innerHTML; $ch =& $tree->addChild($group->getGrpUid(), $html, array('nodeType' => 'child')); $ch->point = '<img src="/images/users.png" />';