/**
* Check whether the current user can add a new map
*
* @throws Exception
*/
function canadd()
{
global $LNG, $USER;
// needs to be logged in that's all!
if (api_check_login() instanceof Error) {
throw new Exception($LNG->ERROR_ACCESS_DENIED_MESSAGE);
}
}
/**
* Check whether the current user can delete the current connection
*
* @throws Exception
*/
function candelete()
{
global $DB, $USER, $LNG, $HUB_SQL;
if (api_check_login() instanceof Error) {
throw new Exception($LNG->ERROR_ACCESS_DENIED_MESSAGE);
}
$currentuser = '';
if (isset($USER->userid)) {
$currentuser = $USER->userid;
}
//can delete only if owner of the connection
$params = array();
$params[0] = $currentuser;
$params[1] = $this->connid;
$resArray = $DB->select($HUB_SQL->DATAMODEL_CONNECTION_CAN_DELETE, $params);
if ($resArray !== false) {
$count = count($resArray);
if ($count == 0) {
throw new Exception($LNG->ERROR_ACCESS_DENIED_MESSAGE);
}
} else {
throw new Exception($LNG->ERROR_ACCESS_DENIED_MESSAGE);
}
}
/**
* Check whether the current user can delete the current node
*
* @throws Exception
*/
function candelete()
{
global $DB, $USER, $HUB_SQL, $LNG;
api_check_login();
$currentuser = '';
if (isset($USER->userid)) {
$currentuser = $USER->userid;
}
//can delete only if owner of the node
$params = array();
$params[0] = $currentuser;
$params[1] = $this->nodeid;
$resArray = $DB->select($HUB_SQL->DATAMODEL_NODE_CAN_EDIT, $params);
if ($resArray !== false) {
if (count($resArray) == 0) {
throw new Exception($LNG->ERROR_ACCESS_DENIED_MESSAGE);
}
} else {
throw new Exception($LNG->ERROR_ACCESS_DENIED_MESSAGE);
}
}
/**
* Add the given user to this Group's joining request list.
* @param $userid the id of the user who wishes to join the group.
* @return true if it all went well, else Error.
*/
function joinrequest($userid)
{
global $CFG, $DB, $USER, $HUB_SQL;
if (api_check_login() instanceof Error) {
throw new Exception($LNG->ERROR_ACCESS_DENIED_MESSAGE);
}
// check user exists
$user = new User($userid);
if ($user->load() instanceof Error) {
global $ERROR;
$ERROR = new error();
return $ERROR->createUserNotFoundError($userid);
}
$dt = time();
$params = array();
$params[0] = $this->groupid;
$params[1] = $userid;
$params[2] = $userid;
$params[3] = $dt;
$res = $DB->insert($HUB_SQL->DATAMODEL_GROUP_JOIN_ADD, $params);
if ($res) {
return true;
} else {
return database_error($DB->conn);
}
}
/**
* Check whether the current user can delete the current ViewNode record
*
* @throws Exception
*/
function candelete()
{
global $DB, $USER, $HUB_SQL, $LNG;
api_check_login();
/** CHANGED: If you can edit the map you can remove a node from the map **/
try {
$view = new View($this->viewid);
$view->canedit();
} catch (Exception $e) {
return access_denied_error();
}
/*$currentuser = '';
if (isset($USER->userid)) {
$currentuser = $USER->userid;
}
if ($currentuser !== $this->userid) {
throw new Exception($LNG->ERROR_ACCESS_DENIED_MESSAGE);
}
//can delete only if owner of this ViewNode record
$params = array();
$params[0] = $this->viewid;
$params[1] = $this->nodeid;
$params[2] = $currentuser;
$resArray = $DB->select($HUB_SQL->DATAMODEL_VIEWNODE_CAN_EDIT, $params);
if($resArray !== false){
if (count($resArray) == 0) {
throw new Exception($LNG->ERROR_ACCESS_DENIED_MESSAGE);
}
} else {
throw new Exception($LNG->ERROR_ACCESS_DENIED_MESSAGE);
}
*/
}
/**
* Check whether the given user is an admin for this group
*
* @return true if given use is a group admin else false or error if there is a database error
*/
function isgroupadmin($userid)
{
global $DB, $HUB_SQL;
if (api_check_login() instanceof Error) {
return false;
}
//can edit only if admin for the group
$params = array();
$params[0] = $this->groupid;
$params[1] = $userid;
$params[2] = 'Y';
$resArray = $DB->select($HUB_SQL->DATAMODEL_GROUP_IS_ADMIN, $params);
if ($resArray !== false) {
$count = count($resArray);
if ($count == 0) {
return false;
} else {
return true;
}
} else {
return database_error();
}
}
/**
* Check whether the current user can delete the current following entry
*
* @throws Exception
*/
function candelete()
{
global $DB, $USER, $LNG;
//can delete only if owner of the following entry
api_check_login();
if ($this->userid != $USER->userid) {
throw new Exception($LNG->ERROR_ACCESS_DENIED_MESSAGE);
}
}
