/**
 * Builds the input form for the object named by the request and stores it in $this->data.
 *
 * Request parameters read: 'class' (object class), 'mode' (requested display mode) and
 * 'LK' (key handed to Factory::loadObject()). A mode other than DisplayClass::EDIT or
 * DisplayClass::VIEW is replaced by DisplayClass::VIEW. The same happens unless the user is
 * logged in, entitled to the object's permission for the requested mode, and an occupant
 * according to DataPermission.
 *
 * NOTE(review): 'class' is taken from the request and passed to Factory::loadObject(),
 * Factory::createObject() and, unencoded, into the form action string. Confirm that Factory
 * restricts it to known classes and that addAction() URL-encodes what it receives.
 */
public function setData()
{
    $request = $this->controller->getRequestHelper();
    $class = $request->getParam('class');
    $mode = $request->getParam('mode');

    // Anything but the two known display modes means read-only.
    // NOTE(review): in_array() compares loosely here; confirm the mode constants cannot be
    // matched by an unexpected request value.
    $knownModes = array(DisplayClass::EDIT, DisplayClass::VIEW);
    if (in_array($mode, $knownModes) === false) {
        $mode = DisplayClass::VIEW;
    }

    // A new object of the class is used when loadObject() returns null.
    $entity = Factory::loadObject($class, $request->getParam('LK'));
    if ($entity === null) {
        $entity = Factory::createObject($class);
    }
    $this->obj = $entity;

    $currentUser = Flat::user();
    $permission = DataPermission::createObject($entity);

    // All three conditions must hold, evaluated left to right with short-circuiting.
    $mayUseMode = User::isLoggedIn()
        && $currentUser->isEntitled($entity->getPermissionForViewMode($mode))
        && $permission->isUserOccupant($currentUser->getLogicalKey());
    if (!$mayUseMode) {
        // NOTE(review): the object is still rendered in VIEW mode and nothing in this method
        // re-checks the VIEW entitlement after the downgrade; confirm read access is enforced
        // elsewhere.
        $mode = DisplayClass::VIEW;
    }

    $form = new base_form_Model($entity, $mode);
    $form->setAjaxForm('base_ajax_save_Controller');
    $form->setMethod(base_form_Model::METHOD_POST);
    $form->addAction("&class=$class");
    $form->addAction("&caller=" . $this->controller->getCallerSection());
    $form->setId('inputData');

    $this->data = new base_form_View($form);
}
/**
 * Runs a Finder for $this->class and stores what it finds in $this->data.
 *
 * $this->sort and $this->limit are applied only when they are base_database_Order and
 * base_database_Limit instances. Nothing is returned; the result is kept on the instance.
 *
 * NOTE(review): the occupant list is requested from DataPermission but its return value is
 * discarded, and the finder is not restricted by it in this method. Confirm that read access
 * to the found objects is enforced elsewhere.
 *
 * @return void
 */
public function setData()
{
    $this->_setRelevantParams();

    // The return value of getOccupants() is not used here.
    DataPermission::createObject(Factory::createObject($this->class))->getOccupants();

    $query = Finder::create($this->class);

    // Ordering and limiting are optional.
    if ($this->sort instanceof base_database_Order) {
        $query->setOrder($this->sort);
    }
    if ($this->limit instanceof base_database_Limit) {
        $query->setlimit($this->limit);
    }

    $this->data = $query->find();
}
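/**
 * Hands a new permission array to DataPermission for a File, Folder, Value or Parameter item.
 *
 * The item id is read from $_POST (file_id, folder_id, value_id or parameter_id, chosen by
 * $type). The change is applied only if the item's is_control_access() returns true or the
 * global $user owns the item. Every other case is refused with the access-denied exception,
 * including an unknown $type, an item that cannot be loaded and a missing $user.
 *
 * NOTE(review): this is a state-changing request handler and no anti-CSRF token check is
 * visible in this method; confirm the dispatcher enforces one.
 *
 * @param mixed $permission_array permission set; cast to array before it is passed on
 * @param string $type one of "File", "Folder", "Value", "Parameter" (case-sensitive)
 * @return string "1" if set_permission_array() reported success, otherwise "0"
 * @throws DataSecurityAccessDeniedException
 */
public static function change_permission($permission_array, $type)
{
    global $user;

    $permissions = (array) $permission_array;

    switch ($type) {
        case "File":
            $id = isset($_POST['file_id']) ? $_POST['file_id'] : null;
            $object = File::get_instance($id);
            break;
        case "Folder":
            $id = isset($_POST['folder_id']) ? $_POST['folder_id'] : null;
            $object = Folder::get_instance($id);
            break;
        case "Value":
            $id = isset($_POST['value_id']) ? $_POST['value_id'] : null;
            $object = Value::get_instance($id);
            break;
        case "Parameter":
            $id = isset($_POST['parameter_id']) ? $_POST['parameter_id'] : null;
            $object = Parameter::get_instance($id);
            break;
        default:
            // Fail closed: without this branch $object stayed undefined and the access check
            // below ended in a fatal error instead of a controlled refusal.
            throw new DataSecurityAccessDeniedException();
    }

    // No loadable item or no current user means there is nothing to authorise against.
    if (!is_object($object) || !is_object($user)) {
        throw new DataSecurityAccessDeniedException();
    }

    $full_access = ($object->is_control_access() == true);

    // The loose comparison is kept so "5" and 5 still match, but two missing ids must never
    // count as ownership (null == null is true in PHP).
    $owner_id = $object->get_owner_id();
    $current_user_id = $user->get_user_id();
    $user_access = ($owner_id !== null && $current_user_id !== null && $owner_id == $current_user_id);

    if (!$full_access && !$user_access) {
        throw new DataSecurityAccessDeniedException();
    }

    $type = strtolower($type);
    $id = intval($id);

    // NOTE(review): this writes the id into the response ahead of the "1"/"0" return value and
    // looks like leftover debug output; kept because a client may parse it - confirm and remove.
    echo $id;

    $data_permission = new DataPermission($type, $id);

    return ($data_permission->set_permission_array($permissions) == true) ? "1" : "0";
}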
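/**
 * Shows the "change owner group" form for a data item, or saves the submitted group.
 *
 * The item is selected by one of the GET parameters file_id, value_id, parameter_id or
 * folder_id; when several are present, the last one in that order wins. Without
 * $_GET['nextpage'] the form template is rendered. With it, $_POST['group'] is passed to
 * DataPermission::set_owner_group_id() and the result is reported via Common_IO::step_proceed().
 *
 * NOTE(review): the save branch changes ownership from request data alone. No anti-CSRF token
 * or request-method check is visible in this method, and $_POST['group'] is not compared with
 * Group::list_groups(); confirm both are enforced by the caller or inside DataPermission.
 * NOTE(review): $title comes from stored item data and is passed to the template and to
 * step_proceed(); confirm both escape it for HTML output.
 *
 * @throws FolderIDMissingException if none of the four id parameters is given
 * @throws DataSecurityAccessDeniedException if the item cannot be loaded or does not grant control access
 */
public static function change_group()
{
    $id = null;
    $object = null;
    $type = null;
    $title = null;

    // empty() replaces the bare truthiness test so a missing key no longer raises a notice.
    if (!empty($_GET['file_id'])) {
        $id = $_GET['file_id'];
        $object = File::get_instance($id);
        $type = "file";
        $title = is_object($object) ? $object->get_name() : null;
    }
    if (!empty($_GET['value_id'])) {
        $id = $_GET['value_id'];
        $object = Value::get_instance($id);
        $type = "value";
        $title = is_object($object) ? $object->get_type_name() : null;
    }
    if (!empty($_GET['parameter_id'])) {
        $id = $_GET['parameter_id'];
        $object = Parameter::get_instance($id);
        $type = "parameter";
        $title = is_object($object) ? $object->get_name() : null;
    }
    if (!empty($_GET['folder_id'])) {
        $id = $_GET['folder_id'];
        $object = Folder::get_instance($id);
        $type = "folder";
        $title = is_object($object) ? $object->get_name() : null;
    }

    if ($type === null) {
        throw new FolderIDMissingException();
    }

    // Fail closed when the item could not be loaded or does not grant control access.
    // The original threw "DataSecuriyAccessDeniedException" here, a misspelling of the class
    // that change_permission() throws, so a refusal surfaced as a class-not-found error.
    if (!is_object($object) || $object->is_control_access() != true) {
        throw new DataSecurityAccessDeniedException();
    }

    $data_permission = new DataPermission($type, $id);

    // Query string back to the permission page: current query, action=permission, no nextpage.
    $back_query = $_GET;
    $back_query['action'] = "permission";
    unset($back_query['nextpage']);
    $back_params = http_build_query($back_query, '', '&');

    if (empty($_GET['nextpage'])) {
        // First step: render the group selection form.
        $template = new HTMLTemplate("data/data_change_group.html");

        $form_query = $_GET;
        $form_query['nextpage'] = "1";
        $template->set_var("params", http_build_query($form_query, '', '&'));
        $template->set_var("title", $title);
        $template->set_var("error", "");

        $options = array();
        $group_ids = Group::list_groups();
        if (is_array($group_ids)) {
            foreach ($group_ids as $group_id) {
                $group = new Group($group_id);
                $options[] = array('value' => $group_id, 'content' => $group->get_name());
            }
        }
        $template->set_var("option", $options);

        $template->set_var("back_link", $back_params);
        $template->output();
        return;
    }

    // Second step: store the submitted group and report the outcome.
    $new_group_id = isset($_POST['group']) ? $_POST['group'] : null;
    if ($data_permission->set_owner_group_id($new_group_id) == true) {
        Common_IO::step_proceed($back_params, "Permission: " . $title . "", "Changes saved succesful", null);
    } else {
        Common_IO::step_proceed($back_params, "Permission: " . $title . "", "Operation failed", null);
    }
}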
$viewMode = $requestHelper->getParam('mode'); if (is_null($class)) { throw new base_exception_Site(TMS(base_exception_Site::PARAM_MISSING, array('param' => 'class'))); } if (!in_array($viewMode, array(DisplayClass::EDIT, DisplayClass::VIEW))) { $viewMode = DisplayClass::VIEW; } $obj = Factory::loadObject($class, $requestHelper->getParam('LK')); if (is_null($obj)) { $obj = Factory::createObject($class); } $user = Flat::user(); $dataPermission = DataPermission::createObject($obj); if (!User::isLoggedIn() || !$user->isEntitled($obj->getPermissionForViewMode($viewMode)) || !$dataPermission->isUserOccupant($user->getLogicalKey())) { $od->addContent('Sie verfügen nicht über die benötigten Rechte, um diese Datenkategorie zu bearbeiten. Bitte wenden Sie sich an den Support'); $viewMode = DisplayClass::VIEW; } $od->addContent(Html::startTag('h3')); $od->addContent('Datenerfassung: ' . $obj->getDisplayName()); $od->addContent(Html::endTag('h3')); $formModel = new base_form_Model($obj, $viewMode); $formModel->setAjaxForm('base_ajax_save_Controller'); $formModel->setMethod(base_form_Model::METHOD_POST); $formModel->addAction("&class=$class"); $formModel->setId('inputData'); $formView = new base_form_View($formModel);