protected function modifyGroup($task) { $g = Group::getByID(Loader::helper('security')->sanitizeInt($_POST['gID'])); if (is_object($g)) { $gp = new Permissions($g); if ($gp->canAssignGroup()) { $users = $this->getRequestUsers(); $r = new UserEditResponse(); $r->setUsers($users); $dh = Core::make('helper/date'); /* @var $dh \Concrete\Core\Localization\Service\Date */ foreach ($users as $ui) { $uo = $ui->getUserObject(); if ($task == 'add') { if (!$uo->inGroup($g)) { $uo->enterGroup($g); $obj = new stdClass(); $obj->gDisplayName = $g->getGroupDisplayName(); $obj->gID = $g->getGroupID(); $obj->gDateTimeEntered = $dh->formatDateTime($g->getGroupDateTimeEntered($uo)); $r->setAdditionalDataAttribute('groups', array($obj)); } } else { if ($uo->inGroup($g)) { $uo->exitGroup($g); $obj = new stdClass(); $obj->gID = $g->getGroupID(); $r->setAdditionalDataAttribute('group', $obj); } } } $r->outputJSON(); } else { throw new Exception(t('Access Denied.')); } } else { throw new Exception(t('Invalid group.')); } }
public function update_attribute($uID = false) { $this->setupUser($uID); $sr = new UserEditResponse(); if (Loader::helper('validation/token')->validate()) { $ak = UserAttributeKey::getByID(Loader::helper('security')->sanitizeInt($_REQUEST['name'])); if (is_object($ak)) { if (!in_array($ak->getAttributeKeyID(), $this->allowedEditAttributes)) { throw new Exception(t('You do not have permission to modify this attribute.')); } $this->user->saveUserAttributesForm(array($ak)); $val = $this->user->getAttributeValueObject($ak); } } else { $this->error->add(Loader::helper('validation/token')->getErrorMessage()); } $sr->setUser($this->user); if ($this->error->has()) { $sr->setError($this->error); } else { $sr->setMessage(t('Attribute saved successfully.')); $sr->setAdditionalDataAttribute('value', $val->getValue('displaySanitized', 'display')); } $this->user->reindex(); $sr->outputJSON(); }
public function clearAttribute() { $ur = new UserEditResponse(); $ak = UserAttributeKey::getByID($_REQUEST['akID']); if ($this->validateAction()) { $this->populateUsers(); if ($this->canEdit && in_array($ak->getAttributeKeyID(), $this->allowedEditAttributes)) { foreach ($this->users as $ui) { $ui->clearAttribute($ak); $ui->reindex(); } $ur->setUsers($this->users); $ur->setAdditionalDataAttribute('value', false); $ur->setMessage(t('Attributes cleared successfully.')); } else { throw new Exception(t("You don't have access to update this attribute.")); } } $ur->outputJSON(); }