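/**
 * Print the user group editor form.
 *
 * Collects the current user's permission list, contact lists, segments and templates,
 * issues a fresh request token (stored in the session under
 * 'UsersGroups_Editor_RequestToken' and handed to the template), and renders the
 * 'UsersGroups_Form' template between the page header and footer.
 *
 * NOTE(review): the code that checks the submitted token against the session value is
 * not in this method; confirm it compares the two in constant time (hash_equals).
 *
 * @param array $record Group record to edit; 'permissions' and 'access' default to empty arrays
 * @return void
 */
protected function printEditor($record = array())
{
    $user = IEM::userGetCurrent();
    // Built from the record as passed in, before the defaults below are applied.
    $group = new record_UserGroups($record);

    $permissionList = $user->getProcessedPermissionList();
    $availableLists = $user->GetLists();
    $availableSegments = $user->GetSegmentList();
    $availableTemplates = $user->GetTemplates();

    // The request token must not be guessable. md5(mt_rand()) is derived from a
    // non-cryptographic generator, so a CSPRNG is used whenever one is available.
    // The token keeps its previous shape: 32 lowercase hex characters.
    $requestToken = '';
    if (function_exists('random_bytes')) {
        try {
            $requestToken = bin2hex(random_bytes(16));
        } catch (Exception $e) {
            // No entropy source: fall through to the next generator.
            $requestToken = '';
        }
    }
    if ($requestToken === '' && function_exists('openssl_random_pseudo_bytes')) {
        $isStrong = false;
        $bytes = openssl_random_pseudo_bytes(16, $isStrong);
        if ($bytes !== false && $isStrong) {
            $requestToken = bin2hex($bytes);
        }
    }
    if ($requestToken === '') {
        // Legacy fallback for runtimes with neither generator; this value is weak.
        $requestToken = md5(mt_rand());
    }

    $page = array(
        'messages' => GetFlashMessages()
    );

    IEM::sessionSet('UsersGroups_Editor_RequestToken', $requestToken);

    if (!isset($record['permissions']) || !is_array($record['permissions'])) {
        $record['permissions'] = array();
    }

    if (!isset($record['access']) || !is_array($record['access'])) {
        $record['access'] = array();
    }

    // Flatten the nested permission map into "key.value" strings for the template.
    $record['permissions_stupid_template'] = array();
    foreach ($record['permissions'] as $key => $value) {
        if (!is_array($value)) {
            // A malformed entry has nothing to flatten; skip it instead of warning.
            continue;
        }

        foreach ($value as $each) {
            $record['permissions_stupid_template'][] = "{$key}.{$each}";
        }
    }

    $this->PrintHeader();

    $tpl = GetTemplateSystem();
    $tpl->Assign('PAGE', $page);
    $tpl->Assign('record', $record);
    $tpl->Assign('permissionList', $permissionList);
    $tpl->Assign('isSystemAdmin', $group->isAdmin());
    $tpl->Assign('isLastAdminWithUsers', $group->isLastAdminWithUsers());
    $tpl->Assign('availableLists', $availableLists, true);
    $tpl->Assign('availableSegments', $availableSegments, true);
    $tpl->Assign('availableTemplates', $availableTemplates, true);
    $tpl->Assign('requestToken', $requestToken);
    $tpl->ParseTemplate('UsersGroups_Form');

    $this->PrintFooter();
}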
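/**
 * Save record
 *
 * Creates or updates a user group, then rewrites its permission and access rows,
 * all inside one database transaction that is rolled back on any failure.
 *
 * NOTE: You can pass in an associative array or "record" object.
 *
 * NOTE: The action that is taken (create a new record or edit an existing one) depends
 * on the record that is passed in: a missing or empty 'groupid' creates a new group,
 * anything else updates the group with that id.
 *
 * NOTE: The record is passed by reference and is modified: 'groupid' is normalised
 * (and set to the new id on create), 'createdate' is set on create, and 'systemadmin'
 * is set to '1' when the 'system' permission is present.
 *
 * NOTE(review): this method performs no authorisation or request-token check itself;
 * presumably the caller does that before saving — confirm.
 *
 * @param array|baseRecord $record Record to be saved
 * @return boolean Returns TRUE if successful, FALSE otherwise
 *
 * @todo ALL
 */
public function saveRecord(&$record)
{
    $db = IEM::getDatabase();

    if (!isset($record['groupid'])) {
        $record['groupid'] = 0;
    } else {
        $record['groupid'] = intval($record['groupid']);
    }

    // Strict comparison: with a loose in_array() on PHP < 8, an integer 0 in the list
    // compares equal to 'system' and would flag the group as a system administrator.
    if (isset($record['permissions']['system'])
        && is_array($record['permissions']['system'])
        && in_array('system', $record['permissions']['system'], true)
    ) {
        $record['systemadmin'] = '1';
    }

    $main_record = $record;

    // permissions don't exist on the main record
    if (isset($main_record['permissions'])) {
        unset($main_record['permissions']);
    }

    // access doesn't exist on the main record
    if (isset($main_record['access'])) {
        unset($main_record['access']);
    }

    $obj = new record_UserGroups($main_record);
    $main_record = $obj->getAssociativeArray();

    $db->StartTransaction();

    /*
     * Save main usergroup record
     */
    if (empty($main_record['groupid'])) {
        unset($main_record['groupid']);
        $main_record['createdate'] = time();

        // NOTE(review): column names are interpolated as-is; this assumes
        // record_UserGroups only returns its own known property names — confirm.
        $fields = array();
        $values = array();
        foreach ($main_record as $key => $value) {
            $fields[] = $key;

            if (is_null($value) || $value === '') {
                $values[] = 'NULL';
            } elseif (is_int($value)
                || is_float($value)
                || (is_string($value) && preg_match('/^-?(?:0|[1-9][0-9]*)(?:\.[0-9]+)?$/D', $value))
            ) {
                // Only canonical decimal numbers go into the statement bare.
                $values[] = $value;
            } else {
                // is_numeric() also accepts exponent notation, leading zeros, padding
                // and (on older PHP) hex strings. Emitted unquoted, the database would
                // reinterpret those (a group name of "007" is stored as 7), so every
                // other value is escaped and quoted.
                $values[] = "'" . $db->Quote($value) . "'";
            }
        }

        $query = "INSERT INTO [|PREFIX|]usergroups(" . implode(',', $fields) . ") VALUES (" . implode(',', $values) . ")";
        if (SENDSTUDIO_DATABASE_TYPE == 'pgsql') {
            $query .= " RETURNING groupid";
        }

        $status = $db->Query($query);
        if (!$status) {
            $db->RollbackTransaction();
            trigger_error(__CLASS__ . '::' . __METHOD__ . ' -- Unable to insert record: ' . $db->Error(), E_USER_WARNING);
            return false;
        }

        $new_id = 0;
        if (SENDSTUDIO_DATABASE_TYPE == 'pgsql') {
            $new_id = $db->FetchOne($status, 'groupid');
            $db->FreeResult($status);
        } else {
            $new_id = $db->LastId(SENDSTUDIO_TABLEPREFIX . 'usergroups_sequence');
        }

        // Without a usable id the permission and access rows below would be written
        // against group 0, so treat it as a failed insert.
        if (intval($new_id) <= 0) {
            $db->RollbackTransaction();
            trigger_error(__CLASS__ . '::' . __METHOD__ . ' -- Unable to determine id of inserted record', E_USER_WARNING);
            return false;
        }

        $main_record['groupid'] = $record['groupid'] = $new_id;
        $record['createdate'] = $main_record['createdate'];
    } else {
        // Cast again: this value went through record_UserGroups before reaching the WHERE clause.
        $id = intval($main_record['groupid']);

        // hacks to prevent db errors
        unset($main_record['groupid'], $main_record['createdate']);

        // more hacks so that the database doesn't complain about null values when
        // it is expecting an integer
        foreach ($main_record as $colName => &$colVal) {
            if (!$colVal && strpos($colName, 'limit_') === 0) {
                $colVal = 0;
            }
        }
        // Break the reference so a later write to $colVal cannot alter the last column.
        unset($colVal);

        $status = $db->UpdateQuery('usergroups', $main_record, "groupid = {$id}", true);
        if (!$status) {
            $db->RollbackTransaction();
            trigger_error(__CLASS__ . '::' . __METHOD__ . ' -- Cannot update record: ' . $db->Error(), E_USER_WARNING);
            return false;
        }
    }

    // Integer copy of the group id for every statement built below.
    $groupId = intval($record['groupid']);

    /*
     * Save permissions
     */

    // remove existing permissions since they are being overwritten
    $status = $db->Query("DELETE FROM [|PREFIX|]usergroups_permissions WHERE groupid = {$groupId}");

    // if they weren't able to be deleted, rollback and trigger an error
    if (!$status) {
        $db->RollbackTransaction();
        trigger_error(__CLASS__ . '::' . __METHOD__ . ' -- Cannot delete group permission records: ' . $db->Error(), E_USER_WARNING);
        return false;
    }

    // if there are permissions to be saved
    if (!empty($record['permissions']) && is_array($record['permissions'])) {
        $values = array();

        // format them
        foreach ($record['permissions'] as $area => $subarea) {
            if (!is_array($subarea)) {
                continue;
            }

            foreach ($subarea as $each) {
                $values[] = $groupId . ", '" . $db->Quote($area) . "', '" . $db->Quote($each) . "'";
            }
        }

        // remove duplicates
        $values = array_unique($values);

        // Areas that hold only empty lists produce no rows; "VALUES ()" would be a
        // syntax error and would roll back an otherwise valid save.
        if (!empty($values)) {
            // insert them
            $status = $db->Query("INSERT INTO [|PREFIX|]usergroups_permissions (groupid, area, subarea) VALUES (" . implode('), (', $values) . ")");

            // rollback and trigger an error if they weren't able to be inserted
            if (!$status) {
                $db->RollbackTransaction();
                trigger_error(__CLASS__ . '::' . __METHOD__ . ' -- Cannot save permission records: ' . $db->Error(), E_USER_WARNING);
                return false;
            }
        }
    }

    /*
     * Save access
     */

    // delete all access records first since they are being overwritten
    $status = $db->Query("DELETE FROM [|PREFIX|]usergroups_access WHERE groupid = {$groupId}");

    // if they weren't able to be deleted, rollback and trigger an error
    if (!$status) {
        $db->RollbackTransaction();
        trigger_error(__CLASS__ . '::' . __METHOD__ . ' -- Cannot delete group access records: ' . $db->Error(), E_USER_WARNING);
        return false;
    }

    // if there are access permissions
    if (!empty($record['access']) && is_array($record['access'])) {
        $values = array();

        // format them; resource ids are forced to integers, resource types are escaped
        foreach ($record['access'] as $resourcetype => $resoureid) {
            if (!is_array($resoureid)) {
                continue;
            }

            foreach ($resoureid as $each) {
                $values[] = $groupId . ", '" . $db->Quote($resourcetype) . "', " . intval($each);
            }
        }

        // make sure there are no duplicates
        $values = array_unique($values);

        // Same guard as for permissions: nothing to insert means no statement.
        if (!empty($values)) {
            // insert the access permissions
            $status = $db->Query("INSERT INTO [|PREFIX|]usergroups_access (groupid, resourcetype, resourceid) VALUES (" . implode('), (', $values) . ")");

            // if they weren't able to be inserted, rollback and trigger an error
            if (!$status) {
                $db->RollbackTransaction();
                trigger_error(__CLASS__ . '::' . __METHOD__ . ' -- Cannot save access records: ' . $db->Error(), E_USER_WARNING);
                return false;
            }
        }
    }

    $db->CommitTransaction();

    return true;
}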