/** * Validates permissions and parameters. */ public function validateDelete() { // read and validate user objects parent::validateDelete(); $userIDs = array(); foreach ($this->objects as $user) { // you cannot delete yourself if ($user->userID == WCF::getUser()->userID) { continue; } $userIDs[] = $user->userID; } // list might be empty because only our own user id was given if (empty($userIDs)) { throw new ValidateActionException("Invalid object id"); } // validate groups $conditions = new PreparedStatementConditionBuilder(); $conditions->add("userID IN (?)", array($userIDs)); $sql = "SELECT\tDISTINCT groupID\n\t\t\tFROM\twcf" . WCF_N . "_user_to_group\n\t\t\t" . $conditions; $statement = WCF::getDB()->prepareStatement($sql); $statement->execute($conditions->getParameters()); $groupIDs = array(); while ($row = $statement->fetchArray()) { $groupIDs[] = $row['groupID']; } if (!UserGroup::isAccessibleGroup($groupIDs)) { throw new ValidateActionException('Insufficient permissions'); } }
/** * Validates permissions and parameters */ public function validateDelete() { parent::validateDelete(); foreach ($this->objects as $cronjob) { if (!$cronjob->isDeletable()) { throw new ValidateActionException('Insufficient permissions'); } } }
/** * @see wcf\data\IDeleteAction::validateDelete() */ public function validateDelete() { parent::validateDelete(); foreach ($this->objects as $cronjob) { if (!$cronjob->isDeletable()) { throw new PermissionDeniedException(); } } }
/** * @see \wcf\data\AbstractDatabaseObjectAction::validateDelete() */ public function validateDelete() { parent::validateDelete(); foreach ($this->objects as $userOption) { if (!$userOption->canDelete()) { throw new PermissionDeniedException(); } } }
/** * @see \wcf\data\AbstractDatabaseObjectAction::validateDelete() */ public function validateDelete() { parent::validateDelete(); if (count($this->objects) != 1) { throw new UserInputException('objectID'); } $label = current($this->objects); if ($label->userID != WCF::getUser()->userID) { throw new PermissionDeniedException(); } }
/** * Validates permissions and parameters. */ public function validateDelete() { // read and validate user objects parent::validateDelete(); $this->__validateAccessibleGroups(); }
/** * @see \wcf\data\AbstractDatabaseObjectAction::validateDelete() */ public function validateDelete() { parent::validateDelete(); foreach ($this->objects as $pageMenuItem) { if (!$pageMenuItem->canDelete()) { throw new PermissionDeniedException(); } } }