public function markAcceptance($policyCode, $userUid)
{
// get inputs
//
$policy = Policy::where('policy_code', '=', $policyCode)->first();
$user = User::getIndex($userUid);
$acceptFlag = Input::has('accept_flag');
// check inputs
//
if (!$user || !$policy || !$acceptFlag) {
return Response::make('Invalid input.', 404);
}
// check privileges
//
if (!$user->isAdmin() && $user->user_uid != Session::get('user_uid')) {
return Response::make('Insufficient privileges to mark policy acceptance.', 401);
}
// get or create new user policy
//
$userPolicy = UserPolicy::where('user_uid', '=', $userUid)->where('policy_code', '=', $policyCode)->first();
if (!$userPolicy) {
$userPolicy = new UserPolicy(array('user_policy_uid' => GUID::create(), 'user_uid' => $userUid, 'policy_code' => $policyCode));
}
$userPolicy->accept_flag = $acceptFlag;
$userPolicy->save();
return $userPolicy;
}
public function requestPermissions($userUid)
{
// Lookup relevant data
//
$active_user = User::getIndex(Session::get('user_uid'));
$user = User::getIndex($userUid);
$permissions = Permission::all();
$user_permissions = UserPermission::where('user_uid', '=', $userUid)->get();
// Permission classification holders
//
$new_permissions = array();
$updated_permissions = array();
// Requests for permissions the user already owns or do not exist should flag an error
//
$valid_permissions = [];
foreach ($permissions as $p) {
$valid_permissions[] = $p->permission_code;
}
if (!in_array(Input::get('permission_code'), $valid_permissions)) {
return Response::make('Invalid permission code detected.', 500);
}
$record = false;
foreach ($user_permissions as $up) {
if ($up->permission_code == Input::get('permission_code')) {
$record = $up;
break;
}
}
// an existing entry did for the permission did not exist for the user
//
if (!$record) {
$record = new UserPermission(array('user_permission_uid' => GUID::create(), 'user_uid' => $userUid, 'permission_code' => Input::get('permission_code'), 'request_date' => gmdate('Y-m-d H:i:s'), 'user_comment' => Input::get('comment')));
if ($meta = $this->getMetaFields()) {
$record->meta_information = $meta;
}
$record->save();
$new_permissions[] = Input::get('title');
// we found an existing entry and update the information
} else {
if ($record->status == 'denied') {
return Response::make('You may not request denied permissions. Please contact SWAMP support staff if you feel permissions have been denied in error.', 400);
}
if ($meta = $this->getMetaFields()) {
$record->meta_information = $meta;
}
$record->request_date = gmdate('Y-m-d H:i:s');
$record->user_comment = Input::get('comment');
$record->save();
$updated_permissions[] = Input::get('title');
}
$admins = UserAccount::where('admin_flag', '=', 1)->get();
foreach ($admins as $admin) {
$admin = User::getIndex($admin->user_uid);
if ($admin && $admin->email && $admin->getFullName()) {
$cfg = array('new_permissions' => $new_permissions, 'updated_permissions' => $updated_permissions, 'url' => Config::get('app.cors_url') ?: '', 'comment' => Input::get('comment'), 'meta_information' => json_decode($record->meta_information, true), 'user' => $user);
Mail::send('emails.permission-request', $cfg, function ($message) use($admin) {
$message->to($admin->email, $admin->getFullName());
$message->subject('SWAMP Permission Request');
});
}
}
// record accepted policy
$permission = Permission::where('permission_code', '=', Input::get('permission_code'))->first();
if ($permission->policy_code) {
$up = UserPolicy::where('user_uid', '=', $user->user_uid)->where('policy_code', '=', $permission->policy_code)->first();
if (!$up) {
$up = new UserPolicy(array('user_policy_uid' => GUID::create(), 'user_uid' => $user->user_uid, 'policy_code' => $permission->policy_code));
}
$up->accept_flag = 1;
$up->save();
}
}
