/** guifi_node_access(): construct node permissions
*/
function guifi_node_access($op, $node)
{
global $user;
if (is_numeric($node)) {
$node = node_load(array('nid' => $node));
}
if ($op == 'view') {
return TRUE;
}
if ($op == 'create') {
return user_access('create guifi nodes');
}
if ($op == 'update' or $op == 'delete') {
guifi_log(GUIFILOG_TRACE, 'function guifi_node_access()', $op . ' - ' . $node->nid);
if (user_access('administer guifi zones') || $node->uid == $user->uid || ($node->uid == $user->uid and user_access('edit own guifi nodes')) || in_array($user->uid, guifi_maintainers_load($node->nid, 'location', 'uid')) || in_array($user->uid, guifi_funders_load($node->nid, 'location', 'uid'))) {
return TRUE;
} else {
// Check is authorized for being a maintainer of the zone and there is not maintainer
if (empty($node->maintainers) and guifi_zone_access($op, $node->zone_id)) {
return TRUE;
}
return FALSE;
}
}
return FALSE;
}
/**
* E-mail address update form submit
*/
function guifi_tools_mail_update_form_submit($form, &$form_state)
{
global $user;
guifi_log(GUIFILOG_TRACE, 'guifi_tools_mail_update_submit()', $form_state['values']);
// perform the massive update to the granted rows, using guifi db api
// instead of straight SQL to create the notificaton messages.
$tables = array('guifi_zone', 'guifi_location', 'guifi_devices', 'guifi_services', 'guifi_users');
foreach ($tables as $table) {
$sqlm = db_query('SELECT * FROM {%s} WHERE notification LIKE "%s"', $table, $form_state['values']['mail_search']);
while ($amails = db_fetch_object($sqlm)) {
// Check that the user has update access and creates the link
$continue = FALSE;
if (!user_access('administer guifi networks')) {
switch ($table) {
case 'guifi_users':
$title = $amails->username;
$type = t('User');
if (guifi_user_access('update', $amails->id)) {
$continue = TRUE;
}
break;
case 'guifi_devices':
$title = $amails->nick;
$type = t('Device');
if (guifi_device_access('update', $amails->id)) {
$continue = TRUE;
}
break;
case 'guifi_zone':
$title = $amails->nick;
$type = t('Zone');
if (guifi_zone_access('update', $amails->id)) {
$continue = TRUE;
}
break;
case 'guifi_location':
$title = $amails->nick;
$type = t('Node');
if (guifi_node_access('update', $amails->id)) {
$continue = TRUE;
}
break;
case 'guifi_service':
$title = $amails->nick;
$type = t('Service');
if (guifi_service_access('update', $amails->id)) {
$continue = TRUE;
}
break;
}
} else {
$continue = TRUE;
}
if (!$continue) {
continue;
}
// here we have update access, so perform the update
// Notify prevuious mail id, just in case...
$to_mail = $amails->notification;
$amails->notification = str_ireplace($form_state['values']['mail_search'], strtolower($form_state['values']['mail_replacewith']), $amails->notification);
if ($to_mail == $amails->notification) {
//no changes, so next
continue;
}
$n = _guifi_db_sql($table, array('id' => $amails->id), (array) $amails, $log, $to_mail);
guifi_notify($to_mail, t('The notification %notify for %type %title has been CHANGED to %new by %user.', array('%notify' => $form_state['values']['mail_search'], '%new' => $form_state['values']['mail_replacewith'], '%type' => $type, '%title' => $title, '%user' => $user->name)), $log);
}
// foreach row with the email found
}
// foreach table
drupal_goto('guifi/menu/ip/mailsearch/' . $form_state['values']['mail_replacewith']);
}
/**
*
* @param GuifiAPI $gapi GuifiAPI object
*
* @param mixed[] $parameters
*
* @return
*/
function guifi_api_zone_remove($gapi, $parameters)
{
if (!guifi_api_check_fields($gapi, array('zone_id'), $parameters)) {
return FALSE;
}
$node = node_load($parameters['zone_id']);
if (!$node->id) {
$gapi->addError(500, "zone_id = {$parameters['zone_id']}");
return FALSE;
}
if ($node->type != 'guifi_zone') {
$gapi->addError(500, "zone_id = {$node->id} is not a zone");
return FALSE;
}
if (node_access('delete', $node) && guifi_zone_access('update', $node)) {
node_delete($node->id);
} else {
$gapi->addError(501);
return FALSE;
}
return TRUE;
}
