function handler_ajax_todo_add($page)
{
S::assert_xsrf_token();
if (Json::has('tobedone')) {
XDB::execute('INSERT INTO todo
SET uid = {?}, sent = NOW(), checked = 0, tobedone = {?}', S::user()->id(), Json::s('tobedone'));
if (XDB::affectedRows() > 0) {
$page->jsonAssign('todo_id', XDB::insertId());
} else {
$page->jsonAssign('error', "Impossible d'ajouter une nouvelle tâche");
}
} else {
$page->jsonAssign('error', "Requête invalide");
}
return PL_JSON;
}
function handler_group_ajax_admin_rights($page)
{
S::assert_xsrf_token();
$group = Group::fromId(Json::i('gid'));
$user = User::fromId(Json::i('uid'));
if ($group && $user) {
if (S::user()->isMe($user) && !S::user()->isAdmin()) {
$page->jsonAssign('msg', 'On ne peut pas changer ses propres droits');
} else {
if (S::user()->hasRights($group, Rights::admin()) || S::user()->isWeb()) {
$group->select(GroupSelect::subscribe());
$rights = new Rights(Json::s('rights'));
$caste = $group->caste($rights);
if ($caste->userfilter()) {
$page->jsonAssign('msg', 'Ce droit est défini de manière logique.');
} else {
// Log the event if involving admin rights
if ($rights->isMe(Rights::admin())) {
S::logger()->log('groups/admin/rights', array('gid' => $group->id(), 'uid' => $user->id(), 'cid' => $caste->id(), 'add' => Json::b('add')));
}
if (Json::b('add')) {
$caste->addUser($user);
} else {
$caste->removeUser($user);
}
}
}
}
}
return PL_JSON;
}
