/**
* Save an entry
*
* @return void
*/
public function saveTask()
{
// [SECURITY] Check for request forgeries
Request::checkToken();
if (!User::authorise('core.edit', $this->_option) && !User::authorise('core.create', $this->_option)) {
App::abort(403, Lang::txt('JERROR_ALERTNOAUTHOR'));
}
// Incoming
$fields = Request::getVar('fields', array(), 'post', 'none', 2);
$team = Request::getVar('team', '', 'post', 2, 'none');
// Bind the incoming data to our mdoel
$row = Application::oneOrNew($fields['id'])->set($fields);
// Validate and save the data
if (!$row->save()) {
Notify::error($row->getError());
return $this->editTask($row);
}
// parse incoming team
$team = array_map('trim', explode(',', $team));
// clean up team
foreach ($team as $k => $t) {
// handle usernames & emails
if (!is_numeric($t)) {
// handle emails
if (strpos($t, '@')) {
// load profile by email
$profile = \Hubzero\User\User::oneByEmail($t);
} else {
// load profile by username
$profile = \Hubzero\User\User::oneOrNew($t);
}
// swap usernames for uidnumbers
if ($profile) {
$team[$k] = $profile->get('id');
} else {
unset($team[$k]);
}
}
}
// add creator if new
// will only ever get added once
$team[] = User::get('id');
// get current team
$currentTeam = $row->team()->rows();
$found = array();
// Remove members not included now
foreach ($currentTeam as $member) {
if (!in_array($member->get('uidNumber'), $team)) {
$member->destroy();
}
$found[] = $member->get('uidNumber');
}
// Add each non-team member to team
foreach ($team as $uidNumber) {
if (!in_array($uidNumber, $found)) {
$member = Member::blank();
$member->set('uidNumber', $uidNumber);
$member->set('application_id', $row->get('id'));
$member->save();
}
}
Notify::success(Lang::txt('COM_DEVELOPER_APPLICATION_SAVED'));
if ($this->getTask() == 'apply') {
return $this->editTask($row);
}
$this->cancelTask();
}
/**
* Set the authorization level for the user
*
* @param string $assetType
* @param integer $assetId
* @return void
*/
protected function _authorize($assetType = 'application', $assetId = null)
{
// Logged in?
if (!User::isGuest()) {
// Set comments to viewable
$this->config->set('access-create-' . $assetType, true);
}
// do we have an application?
if ($assetId != null) {
$app = Application::oneOrNew($assetId);
$team = array();
foreach ($app->team()->rows() as $member) {
$team[] = $member->get('uidNumber');
}
if (in_array(User::get('id'), $team) || User::get('id') == $app->get('created_by')) {
// Set comments to viewable
$this->config->set('access-view-' . $assetType, true);
$this->config->set('access-edit-' . $assetType, true);
$this->config->set('access-delete-' . $assetType, true);
$this->config->set('access-remove-member-' . $assetType, true);
}
}
}
