/** Ask if user has right to do this * @param string $method One of created, browsed * @param System\User $user User to get perms for * @return bool */ public static function can_user($method, \System\User $user) { if ($user->is_root()) { return true; } $cname = get_called_class(); $conds = array(); if (isset($cname::$access) && isset($cname::$access[$method]) && !is_null($cname::$access[$method])) { return !!$cname::$access[$method]; } if ($user->is_guest()) { $conds['public'] = true; } else { $groups = $user->get_groups(); if (any($groups)) { $conds[] = 'id_group IN (' . implode(',', collect_ids($groups)) . ')'; } } $perm = \System\User\Perm::get_first()->add_filter(array('attr' => 'trigger', 'type' => 'in', 'in' => array('model-' . $method, '*')))->add_filter(array('attr' => 'name', 'type' => 'in', 'in' => array(\System\Loader::get_model_from_class($cname) . \System\Loader::SEP_MODEL . $method, '*')))->where($conds)->fetch(); return $perm ? $perm->allow : static::get_default_for($method); }
/** Get IDs of all system groups * @return int[] Set of group IDs */ function get_group_ids() { return collect_ids($this->groups->fetch()); }
/** * Save value for has_many relation * * @param string $attr * @return System\Model\Database */ protected function save_relation_hasmany($attr) { if (isset($this->relations[$attr])) { $model = get_model($this); $def = $this::get_attr($attr); $value = $this->validate_relation_hasmany($attr); $new = collect_ids($value); $current = collect_ids($this->{$attr}->fetch()); $rel_model = $def['model']; $ids_save = array_diff($new, $current); $ids_delete = array_diff($current, $new); if (!empty($def['is_bilinear'])) { $table_name = $model::get_bilinear_table_name($def); if (any($def['is_master'])) { $id_col = $model::get_id_col(); $foreign_key = $rel_model::get_id_col(); } else { $id_col = $rel_model::get_id_col(); $foreign_key = $model::get_id_col(); } $ids_save = array_filter($ids_save); $ids_delete = array_filter($ids_delete); if (any($ids_delete)) { $q1 = new \System\Database\Query(array("table" => $table_name)); $q1->where(array($id_col => $this->id), $table_name)->where_in($foreign_key, $ids_delete, $table_name)->delete(); } if (any($ids_save)) { $q2 = new \System\Database\Query(array("table" => $table_name, "cols" => array($id_col, $foreign_key))); foreach ($ids_save as $id) { $q2->add_insert_data(array($foreign_key => $id, $id_col => $this->id)); } $q2->insert(); } } else { $model = get_model($this); $foreign = $model::get_rel_bound_to($attr); $foreign_key = $def['model']::get_attr($foreign); $idc = $rel_model::get_belongs_to_id($foreign); if (any($ids_delete)) { $model_id = $rel_model::get_id_col(); if (!empty($foreign_key['is_null'])) { $objects = $this->{$attr}->where_in($model_id, $ids_delete)->fetch(); foreach ($objects as $obj) { $obj->{$idc} = null; $obj->save(); } } else { if ($def['model']::ALLOW_RELATION_DELETE) { $objects = $this->{$attr}->where_in($model_id, $ids_delete)->fetch(); foreach ($objects as $obj) { $obj->drop(); } } else { throw new \System\Error\Model(sprintf("Cannot delete objects of model '%s' by has_many relation change.", $model), sprintf("Set 'is_null' attribute of relation '%s' of model '%s' to true or define class constant called 'ALLOW_RELATION_DELETE' to model '%s'", $foreign, $def['model'], $def['model'])); } } } foreach ($value as $obj) { $obj->{$idc} = $this->id; $obj->save(); } } } }