/**
 * Build the room options for the active record, grouped by room archive.
 *
 * Looks up the room archives whose pid equals the pid of the active record
 * and then the rooms of each of those archives. Archives without rooms add
 * no key to the result.
 *
 * @param \DataContainer $objDc Data container; only activeRecord->pid is read
 *
 * @return array Room titles keyed by archive title, then by room ID
 */
public function getRooms(\DataContainer $objDc)
{
    $options = array();

    $archives = \HeimrichHannot\CalendarPlus\CalendarRoomArchiveModel::findByPid($objDc->activeRecord->pid);

    // No archive for this parent: nothing to offer
    if ($archives === null) {
        return $options;
    }

    foreach ($archives as $archive) {
        $rooms = \HeimrichHannot\CalendarPlus\CalendarRoomModel::findByPid($archive->id);

        if ($rooms === null) {
            continue;
        }

        foreach ($rooms as $room) {
            $options[$archive->title][$room->id] = $room->title;
        }
    }

    return $options;
}
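/**
 * Check the current user's permission for the requested action on rooms
 * (tl_calendar_room).
 *
 * Administrators pass unconditionally. Every other user is checked against
 * the calendar IDs in $this->User->calendars; a failed check is logged with
 * TL_ERROR and answered with a redirect to the error page.
 *
 * The check fails closed: an identifier that is missing, non-numeric or not
 * positive never matches, even when the user has no calendars and the root
 * list is the array(0) placeholder. A loose in_array() would treat null (and
 * "0") as equal to that placeholder and let the request through.
 *
 * NOTE(review): the code places no return after redirect(); presumably
 * redirect() ends the request - confirm.
 */
public function checkPermission()
{
    if ($this->User->isAdmin) {
        return;
    }

    // Set root IDs; array(0) stands for "no calendars assigned"
    if (!is_array($this->User->calendars) || empty($this->User->calendars)) {
        $root = array(0);
    } else {
        $root = $this->User->calendars;
    }

    // Normalise once so membership can be tested strictly on integers
    $allowedCalendars = array_map('intval', $root);

    // True only for a positive, purely numeric ID that is in the root list
    $isAllowed = function ($value) use ($allowedCalendars) {
        if ($value === null || !preg_match('/^\d+$/', (string) $value)) {
            return false;
        }

        return (int) $value > 0 && in_array((int) $value, $allowedCalendars, true);
    };

    $archiveId = strlen(Input::get('id')) ? Input::get('id') : CURRENT_ID;
    $objRoomArchive = \HeimrichHannot\CalendarPlus\CalendarRoomArchiveModel::findByPk($archiveId);

    // Stays null when no archive matches, so the checks below deny access
    // instead of reading an undefined variable
    $id = null;

    if ($objRoomArchive !== null) {
        $id = $objRoomArchive->pid;
    }

    // Check current action
    switch (Input::get('act')) {
        case 'paste':
            // Allow
            break;

        case 'create':
            // NOTE(review): "pid" is compared with calendar IDs here; confirm it
            // carries a calendar ID and not a room archive ID for this table
            if (!strlen(Input::get('pid')) || !$isAllowed(Input::get('pid'))) {
                $this->log('Not enough permissions to create room in calendar ID "' . Input::get('pid') . '"', __METHOD__, TL_ERROR);
                $this->redirect('contao/main.php?act=error');
            }
            break;

        case 'cut':
        case 'copy':
            if (!$isAllowed(Input::get('pid'))) {
                $this->log('Not enough permissions to ' . Input::get('act') . ' room ID "' . $id . '" to calendar ID "' . Input::get('pid') . '"', __METHOD__, TL_ERROR);
                $this->redirect('contao/main.php?act=error');
            }
            // NO BREAK STATEMENT HERE

        case 'edit':
        case 'show':
        case 'delete':
        case 'toggle':
            // NOTE(review): $id was resolved above as the pid of a room archive,
            // yet it is used here as a room ID - confirm which record the "id"
            // parameter names for these actions, otherwise the permission is
            // evaluated for a different room than the one being changed
            $objRoom = $this->Database->prepare("SELECT pid FROM tl_calendar_room WHERE id=?")->limit(1)->execute($id);

            if ($objRoom->numRows < 1) {
                $this->log('Invalid room ID "' . $id . '"', __METHOD__, TL_ERROR);
                $this->redirect('contao/main.php?act=error');
            }

            $objRoomArchive = $this->Database->prepare("SELECT pid FROM tl_calendar_room_archive WHERE id=?")->limit(1)->execute($objRoom->pid);

            if ($objRoomArchive->numRows < 1) {
                $this->log('Invalid room archive ID "' . $objRoom->pid . '"', __METHOD__, TL_ERROR);
                $this->redirect('contao/main.php?act=error');
            }

            if (!$isAllowed($objRoomArchive->pid)) {
                $this->log('Not enough permissions to ' . Input::get('act') . ' room ID "' . $id . '" of calendar ID "' . $objRoomArchive->pid . '"', __METHOD__, TL_ERROR);
                $this->redirect('contao/main.php?act=error');
            }
            break;

        case 'select':
        case 'editAll':
        case 'deleteAll':
        case 'overrideAll':
        case 'cutAll':
        case 'copyAll':
            if (!$isAllowed($id)) {
                $this->log('Not enough permissions to access calendar ID "' . $id . '"', __METHOD__, TL_ERROR);
                $this->redirect('contao/main.php?act=error');
            }

            // Select the id column: it is the value read below. The previous
            // queries selected only pid, so the ID filter never matched.
            $objRoomArchive = $this->Database->prepare("SELECT id FROM tl_calendar_room_archive WHERE pid=?")->execute($id);

            if ($objRoomArchive->numRows < 1) {
                $this->log('Invalid calendar ID "' . $id . '"', __METHOD__, TL_ERROR);
                $this->redirect('contao/main.php?act=error');
            }

            // Collect the rooms of every archive of the permitted calendar, not
            // only of the first row returned
            $arrRoomIds = array();

            foreach ($objRoomArchive->fetchEach('id') as $intArchiveId) {
                $objRooms = $this->Database->prepare("SELECT id FROM tl_calendar_room WHERE pid=?")->execute($intArchiveId);
                $arrRoomIds = array_merge($arrRoomIds, $objRooms->fetchEach('id'));
            }

            // Restrict the bulk selection kept in the session to those rooms
            $session = $this->Session->getData();
            $arrSelected = (isset($session['CURRENT']['IDS']) && is_array($session['CURRENT']['IDS'])) ? $session['CURRENT']['IDS'] : array();
            $session['CURRENT']['IDS'] = array_intersect($arrSelected, $arrRoomIds);
            $this->Session->setData($session);
            break;

        default:
            if (strlen(Input::get('act'))) {
                $this->log('Invalid command "' . Input::get('act') . '"', __METHOD__, TL_ERROR);
                $this->redirect('contao/main.php?act=error');
            } elseif (!$isAllowed($id)) {
                $this->log('Not enough permissions to access calendar ID "' . $id . '"', __METHOD__, TL_ERROR);
                $this->redirect('contao/main.php?act=error');
            }
            break;
    }
}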