public function executeBlock(sfWebRequest $request)
{
$id = $request->getParameter('id');
if (is_numeric($id)) {
$user = sfGuardUserTable::getInstance()->find($id);
/* @var $user sfGuardUser */
if (!$user) {
return $this->notFound();
}
}
$csrf_token = UtilCSRF::gen('block_user', $user->getId());
if ($request->isMethod('post')) {
if ($request->getPostParameter('csrf_token') != $csrf_token) {
return $this->ajax()->alert('CSRF Attack detected, please relogin.', 'Error', '#user_block_modal .modal-body')->render();
}
sfGuardUserPermissionTable::getInstance()->deleteUserPermission($user);
$user->state(Doctrine_Record::STATE_DIRTY);
$user->save();
return $this->ajax()->redirectRotue('user_idx')->render();
}
return $this->ajax()->appendPartial('body', 'block', array('id' => $id, 'name' => $user->getFullName(), 'csrf_token' => $csrf_token))->modal('#user_block_modal')->render();
}
/**
* Tests for success at creating the object.
*/
public function testCreate()
{
$t = sfGuardUserPermissionTable::getInstance();
$this->assertTrue($t instanceof Doctrine_Table);
}
