/**
  * Check if user has proper permissions and throw exception if not
  *
  * @param \sma\models\Permission|\sma\models\Permission[] $permissions required permissions
  * @param string $requirement 'all' to require all permissions listed, 'any' to require at least
  * one of them
  */
 public static function requirePermissions($permissions, $requirement = "all")
 {
     static::requireLoggedInUser();
     if (!User::getVisitor()->checkPermissions($permissions, $requirement)) {
         ErrorHandler::forbidden();
     }
 }
Пример #2
0
 public static function updateplayer()
 {
     Controller::requireFields("get", ["id"], "/acp/team");
     $player = current(Player::get($_GET["id"]));
     if (!User::getVisitor()->checkPermissions(["RegisterTeamsForAnyOrganization"])) {
         Controller::requirePermissions(["RegisterTeamsForOwnOrganization"]);
         if ($player->getTeam()->organizationId != User::getVisitor()->organizationId) {
             ErrorHandler::forbidden();
         }
     }
     if ($_GET["exempt"] == 1 && !$player->exempt) {
         if ($player->getTeam()->getNumberOfExemptPlayers() >= MAX_EXEMPTS) {
             Controller::addAlert(new Alert("danger", "You have already starred the maximum number of players"));
             Controller::redirect("/team/edit?id=" . $player->getTeam()->id);
         }
     }
     Player::update($player->id, null, (bool) $_GET["exempt"]);
     Controller::addAlert(new Alert("success", "Player updated successfully"));
     Controller::redirect("/team/edit?id=" . $player->getTeam()->id);
 }