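/**
 * Grant another registered user access to a key.
 *
 * Only staff, or a user holding the "owner" role on the key, may share it.
 * A non-POST request renders the "share" response with the key; a POST looks
 * the target user up from the posted "Email" field and creates the KeyUser link.
 *
 * @param Key $Key the key being shared
 *
 * @return mixed result of static::respond() or static::throwUnauthorizedError()
 */
public static function handleShareRequest(Key $Key)
{
    $GLOBALS['Session']->requireAuthentication();

    // Authorization, not just authentication: the caller must be staff or
    // hold an owner-role KeyUser record for this specific key.
    $isStaff = $GLOBALS['Session']->hasAccountLevel('Staff');

    if (
        !$isStaff
        && !KeyUser::getByWhere([
            'PersonID' => $GLOBALS['Session']->PersonID,
            'KeyID' => $Key->ID,
            'Role' => 'owner',
        ])
    ) {
        return static::throwUnauthorizedError('Only staff or the key owner may share this key');
    }

    $responseData = ['data' => $Key];

    // NOTE(review): no anti-CSRF token check is visible in this handler; confirm
    // one is enforced upstream, since this POST grants access to a key.
    if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        // Request parameters may arrive as arrays (e.g. Email[]=x). Such a value
        // passes empty() but is not an address, so it is treated as missing
        // instead of being handed to the user lookup.
        $email = $_POST['Email'] ?? null;

        if (!is_string($email) || empty($email)) {
            $responseData['success'] = false;
            $responseData['message'] = 'Email address for registered user required';
        } elseif (!($User = User::getByUsername($email))) {
            // NOTE(review): this message (and the duplicate one below) tells the
            // caller whether an address belongs to a registered user. Callers are
            // limited to staff and key owners, but rate limiting is worth considering.
            $responseData['success'] = false;
            $responseData['message'] = 'No registered user found for provided email address';
        } else {
            try {
                // second argument presumably requests an immediate save; confirm against KeyUser::create()
                KeyUser::create(['Key' => $Key, 'Person' => $User], true);

                return static::respond('shared', ['success' => true, 'data' => $Key]);
            } catch (\DuplicateKeyException $e) {
                // The user is already linked to this key: report it and fall
                // through to re-render the share form.
                $responseData['success'] = false;
                $responseData['message'] = 'Requested user already has access to this key';
            }
        }
    }

    return static::respond('share', $responseData);
}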
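/**
 * Reassign a project's maintainer to the user named by the "username" parameter.
 *
 * A non-POST request only renders a confirmation question; the change is
 * saved on POST.
 *
 * The original handler checked only that the caller was logged in, so any
 * authenticated account could take over or reassign any project. The caller
 * must now be staff or the project's current maintainer.
 *
 * @param Project $Project the project whose maintainer is being changed
 *
 * @return mixed result of static::respond(), static::throwError() or static::throwUnauthorizedError()
 */
public static function handleChangeMaintainerRequest(Project $Project)
{
    $GLOBALS['Session']->requireAuthentication();

    // Authorization: evaluated against the maintainer on record *before* the
    // property is reassigned further down.
    // NOTE(review): policy assumed to be "staff or current maintainer"; widen it
    // here if other project members are meant to be allowed.
    $currentMaintainer = $Project->Maintainer;
    // loose comparison on purpose: record IDs may be numeric strings
    $isCurrentMaintainer = $currentMaintainer && $currentMaintainer->ID == $GLOBALS['Session']->PersonID;

    if (!$isCurrentMaintainer && !$GLOBALS['Session']->hasAccountLevel('Staff')) {
        return static::throwUnauthorizedError('Only staff or the current maintainer may change the maintainer of this project');
    }

    // Request parameters may arrive as arrays (username[]=x); accept only a
    // non-empty string before using it in the user lookup.
    $username = $_REQUEST['username'] ?? null;

    if (!is_string($username) || empty($username)) {
        return static::throwError('Parameter "username" required');
    }

    if (!($Project->Maintainer = User::getByUsername($username))) {
        return static::throwError('User not found');
    }

    // Nothing is persisted for non-POST requests: the in-memory assignment above
    // is used only to build the confirmation prompt.
    // NOTE(review): no anti-CSRF token check is visible here; confirm one is
    // enforced upstream for the POST that saves the change.
    if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
        $question = sprintf(
            _('Are you sure you want to make %s the maintainer of %s?'),
            htmlspecialchars($Project->Maintainer->FullName),
            htmlspecialchars($Project->Title)
        );

        return static::respond('confirm', ['question' => $question]);
    }

    $Project->save();

    return static::respond('maintainerChanged', ['data' => $Project]);
}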