/**
* Retreive all users that belong to the given group.
*
* @param int $id
* @return array Users
*/
protected function actionGetUsers($params)
{
//don't check ACL here because this method may be called by anyone.
$group = \GO\Base\Model\Group::model()->findByPk($params['id'], false, true);
if (empty($group)) {
$group = new \GO\Base\Model\Group();
}
if (isset($params['add_users']) && !empty($group->id)) {
$users = json_decode($params['add_users']);
foreach ($users as $usr_id) {
if ($group->addUser($usr_id)) {
\GO\Base\Model\User::model()->findByPk($usr_id)->checkDefaultModels();
}
}
}
$store = \GO\Base\Data\Store::newInstance(\GO\Base\Model\User::model());
$store->getColumnModel()->formatColumn('name', '$model->name', array(), array('first_name', 'last_name'));
$storeParams = $store->getDefaultParams($params)->joinCustomFields(false);
$delresponse = array();
//manually check permission here because this method may be accessed by any logged in user. allowWithoutModuleAccess is used above.
if ($group->checkPermissionLevel(\GO\Base\Model\Acl::DELETE_PERMISSION)) {
// The users in the group "everyone" cannot be deleted
if ($group->id != \GO::config()->group_everyone) {
$store->processDeleteActions($params, 'GO\\Base\\Model\\UserGroup', array('group_id' => $group->id));
} else {
$delresponse['deleteSuccess'] = false;
$delresponse['deleteFeedback'] = 'Members of the group everyone cannot be deleted.';
}
}
$stmt = $group->users($storeParams);
$store->setStatement($stmt);
$response = $store->getData();
$response = array_merge($response, $delresponse);
return $response;
}
