/**
* Register edited group permissions
*
* @access private
* @param array $_post _POST array
* @return void
*/
private function permitting($_post)
{
$msg = null;
// check permission
$msg = AdmUtils_helper::chk_priv_level($_SESSION['xuid'], 'groups', $_post['id'], 4);
if (is_null($msg)) {
// get all available permissions
$perm = new Permission_model();
$types = $perm->get_privtypes($_post['xrif']);
// build action arrays
$insert = $update = $delete = array();
foreach ($types as $i) {
if (isset($_post[$i->name]) && $_post[$i->name] != $_post['old_' . $i->name]) {
if ($_post[$i->name]) {
// insert or update
if ($_post['old_' . $i->name]) {
$update[$i->name] = $_post[$i->name];
} else {
$insert[$i->name] = $_post[$i->name];
}
} else {
$delete[] = $i->name;
}
}
}
// update privs
$result = $perm->update_gprivs($_post['id'], $insert, $update, $delete);
// set message
$msg = AdmUtils_helper::set_msg($result);
// set what update
if ($result[1]) {
$msg->update[] = array('element' => 'tdown', 'url' => BASE_URL . 'users', 'title' => null);
}
}
$this->response($msg);
}
/**
* Refresh upriv table and then privs
*
* @access private
* @param array $_post _POST array
* @return void
*/
private function permitting($_post)
{
$msg = null;
// check permission
$msg = AdmUtils_helper::chk_priv_level($_SESSION['xuid'], 'users', $_post['id'], 3);
if (is_null($msg)) {
// get privilege types
$mod = new Permission_model();
$types = $mod->get_privtypes(1);
// check the differences
$insert = $update = $delete = array();
foreach ($types as $i) {
// if the new value do not match the old value
if (isset($_post[$i->name]) && $_post[$i->name] != $_post['old_' . $i->name]) {
// if the new value is greater than zero
if ($_post[$i->name]) {
// update if the old value was greater than zero
if ($_post['old_' . $i->name]) {
$update[$i->name] = $_post[$i->name];
} else {
// if old value was zero
// delete old value
$delete[$i->name] = $_post['old_' . $i->name];
// insert new value
$insert[$i->name] = $_post[$i->name];
}
} else {
// the new value is zero => no permission
$update[$i->name] = $_post[$i->name];
}
}
}
// perform the refresh
$result = $mod->update_uprivs($_post['id'], $_post['id_area'], $insert, $update, $delete);
$msg = AdmUtils_helper::set_msg($result);
// set what update
if ($result[1]) {
$msg->update[] = array('element' => 'tdown', 'url' => BASE_URL . 'users/detail/' . $_post['id'], 'title' => null);
}
}
$this->response($msg);
}
