/**
 * Pre-create hook: authorizes the requester and normalizes the data for a new place.
 *
 * Checks, in order:
 *  - the requester holds at least Volunteer::ROLE_VOLUNTEER in the target
 *    organization, or is a site admin;
 *  - the place name is not already used inside that organization;
 *  - requesters below Volunteer::ROLE_ADMIN who are not site admins get
 *    `verify_approved` forced to false, whatever they submitted;
 *  - a submitted `address` is geocoded into `coordinates`.
 *
 * @param array $data creation data, modified in place
 *
 * @return bool false when creation is refused (an error is pushed onto $this->app['errors'])
 */
protected function preCreateHook(&$data)
{
    $organization = new Organization(U::array_value($data, 'organization'));

    // the creator must be a volunteer of the organization or a site admin
    $creator = $this->app['user'];
    $creatorRole = $organization->getRoleOfUser($creator);
    if ($creatorRole < Volunteer::ROLE_VOLUNTEER && !$creator->isAdmin()) {
        $this->app['errors']->push(['error' => ERROR_NO_PERMISSION]);

        return false;
    }

    // place names are unique per organization
    // NOTE(review): a count followed by an insert cannot stop two concurrent
    // creates from both passing; presumably a storage-level unique constraint
    // backs this check up - verify.
    $placeName = U::array_value($data, 'name');
    $nameTaken = !empty($placeName)
        && $placeName != $this->name
        && self::totalRecords([
            'organization' => $organization->id(),
            'name' => $placeName,
        ]) > 0;
    if ($nameTaken) {
        $this->app['errors']->push([
            'error' => ERROR_VOLUNTEER_PLACE_NAME_TAKEN,
            'params' => ['place_name' => $placeName],
        ]);

        return false;
    }

    // the verification flag is server-controlled for anyone below organization admin
    if ($creatorRole < Volunteer::ROLE_ADMIN && !$creator->isAdmin()) {
        $data['verify_approved'] = false;
    }

    // resolve the address to coordinates when one was supplied
    if (isset($data['address'])) {
        $data['coordinates'] = $this->geocode($data['address']);
    }

    return true;
}
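/**
 * Pre-create hook: decides whether the current user may create this volunteer record.
 *
 * A record may be created by a site admin, by an admin of the target
 * organization, or by a user creating a record for themselves. The requested
 * role can never exceed what the creator is allowed to grant.
 *
 * `uid` and `role` are read from the creation data and are treated as
 * untrusted: both are type-checked before they are compared, so that PHP's
 * loose-comparison rules (booleans, arrays, non-numeric strings) cannot decide
 * an authorization outcome.
 *
 * @param array $data creation data, modified in place (`approval_link` may be added)
 *
 * @return bool false, with ERROR_NO_PERMISSION pushed onto $this->app['errors'], when refused
 */
public function preCreateHook(&$data)
{
    $organization = new Organization(U::array_value($data, 'organization'));
    $currentUser = $this->app['user'];

    // In order to create volunteer models must be one of:
    // i) admin
    // ii) org admin
    // iii) current user creating a volunteer model for themselves
    $uid = U::array_value($data, 'uid');
    $currentRole = $organization->getRoleOfUser($currentUser);
    $isAdmin = $currentUser->isAdmin() || $currentRole == self::ROLE_ADMIN;

    if (!$isAdmin) {
        // Compare ids as strings after a type check: with `!=`, a boolean or
        // otherwise mistyped `uid` could compare equal to the caller's id.
        $isSelf = (is_int($uid) || is_string($uid))
            && $uid !== ''
            && (string) $uid === (string) $currentUser->id();

        if (!$isSelf) {
            $this->app['errors']->push(['error' => ERROR_NO_PERMISSION]);

            return false;
        }
    }

    // volunteers cannot be promoted beyond the role of the current user
    $maxLevel = $isAdmin ? self::ROLE_ADMIN : max(self::ROLE_AWAITING_APPROVAL, $currentRole);
    $role = U::array_value($data, 'role');

    // A supplied role must be numeric before it is measured against the cap;
    // an absent or empty role keeps its previous handling.
    $roleSupplied = isset($data['role']) && $data['role'] !== '';
    if ($roleSupplied && !is_numeric($data['role'])) {
        $this->app['errors']->push(['error' => ERROR_NO_PERMISSION]);

        return false;
    }

    if ($role > $maxLevel) {
        $this->app['errors']->push(['error' => ERROR_NO_PERMISSION]);

        return false;
    }

    // approval link
    // NOTE(review): the link presumably acts as a bearer token for approving
    // the volunteer; confirm U::guid() draws from a cryptographically secure source.
    if ($role == self::ROLE_AWAITING_APPROVAL) {
        $data['approval_link'] = U::guid(false);
    }

    return true;
}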
/**
 * Builds a report for an organization and writes it to the response.
 *
 * Only a user whose role in the organization equals Volunteer::ROLE_ADMIN gets
 * a report; everyone else receives a 404, the same code used when no report
 * can be produced.
 *
 * Query parameters read: `type`, `start`, `end`, `output`. `start` and `end`
 * may be numeric timestamps or any text strtotime() can parse.
 *
 * @param object $req request; params() and query() are read
 * @param object $res response; receives the status code or the report output
 */
public function makeReport($req, $res)
{
    $organization = new Organization($req->params('organization'));

    // NOTE(review): the site-wide isAdmin() flag is not consulted here, only
    // the organization role - confirm that is intended.
    $requesterRole = $organization->getRoleOfUser($this->app['user']);
    if ($requesterRole != Volunteer::ROLE_ADMIN) {
        return $res->setCode(404);
    }

    $type = $req->query('type');

    // NOTE(review): strtotime() yields false for text it cannot parse and that
    // value is handed on unchanged - confirm Report::getReport() treats a
    // false bound safely.
    $range = [];
    foreach (['start', 'end'] as $bound) {
        $value = $req->query($bound);
        $range[$bound] = is_numeric($value) ? $value : strtotime($value);
    }

    $report = Report::getReport($this->app, $organization, $type, $range['start'], $range['end']);
    if (!$report) {
        $res->setCode(404);

        return;
    }

    // `type` and `output` are request-controlled; presumably Report restricts
    // them to known values - verify.
    $report->output($req->query('output'), true, $res);
}
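/**
 * Pre-create hook: authorizes the requester and validates a new volunteer-hours entry.
 *
 * Checks, in order:
 *  - the requester holds at least Volunteer::ROLE_VOLUNTEER in the target
 *    organization, or is a site admin;
 *  - requesters below Volunteer::ROLE_ADMIN who are not site admins get
 *    `approved` forced to false, so they cannot approve their own hours;
 *  - `hours` must be numeric and, once rounded down, between 1 and 12;
 *  - `timestamp` is moved to the start of its day and may be at most one day
 *    in the future;
 *  - unapproved entries receive an `approval_link`;
 *  - `tags`, when present, are stored in self::$createTags as an array.
 *
 * @param array $data creation data, modified in place
 *
 * @return bool false when creation is refused (an error is pushed onto $this->app['errors'])
 */
protected function preCreateHook(&$data)
{
    $org = new Organization(U::array_value($data, 'organization'));

    // check creator permission
    $requester = $this->app['user'];
    $role = $org->getRoleOfUser($requester);
    if ($role < Volunteer::ROLE_VOLUNTEER && !$requester->isAdmin()) {
        $this->app['errors']->push(['error' => ERROR_NO_PERMISSION]);

        return false;
    }

    // volunteers cannot approve own hours
    if ($role < Volunteer::ROLE_ADMIN && !$requester->isAdmin()) {
        $data['approved'] = false;
    }

    // validate number of hours
    // A missing or non-numeric value is refused before floor() sees it; on
    // newer PHP versions floor() raises a TypeError for such input.
    if (!isset($data['hours']) || !is_numeric($data['hours'])) {
        $this->app['errors']->push(['error' => 'invalid_num_volunteer_hours']);

        return false;
    }

    $hours = $data['hours'] = floor($data['hours']);
    if ($hours <= 0 || $hours >= 13) {
        $this->app['errors']->push(['error' => 'invalid_num_volunteer_hours']);

        return false;
    }

    // convert day timestamp to beginning of day
    // NOTE(review): `timestamp` is read without an existence or type check;
    // what happens to a missing value depends on timestampToStartOfDay() - verify.
    $data['timestamp'] = self::timestampToStartOfDay($data['timestamp']);

    // the timestamp on hours cannot be more than 1 day in the future
    if ($data['timestamp'] - 86400 > time()) {
        $this->app['errors']->push(['error' => 'invalid_hours_timestamp']);

        return false;
    }

    // approval link
    // NOTE(review): the link presumably acts as a bearer token for approving
    // the hours; confirm U::guid() draws from a cryptographically secure source.
    if (!U::array_value($data, 'approved')) {
        $data['approval_link'] = U::guid(false);
    }

    // NOTE(review): self::$createTags is static and only assigned when `tags`
    // is present, so a value left by an earlier create in the same process
    // would still be set - confirm it is reset where it is consumed.
    if (isset($data['tags'])) {
        self::$createTags = $data['tags'];
        if (!is_array(self::$createTags)) {
            self::$createTags = explode(' ', self::$createTags);
        }
    }

    return true;
}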