示例#1
0
文件: qdj.php 项目: netixx/frankiz
 function handler_ajax_modify($page)
 {
     S::assert_xsrf_token();
     if (!S::user()->hasRights(Group::from('qdj'), Rights::admin())) {
         return PL_FORBIDDEN;
     }
     $qdj = new QDJ(Json::i('id'));
     $page->jsonAssign('success', false);
     if (Json::has('date')) {
         $date = Json::t('date');
         if (!$date) {
             $qdj->date(false);
             $page->jsonAssign('success', true);
         } else {
             try {
                 $qdj->date(new FrankizDateTime($date));
                 $page->jsonAssign('success', true);
             } catch (Exception $e) {
             }
         }
     } else {
         if (Json::has('delete')) {
             if (Json::b('delete')) {
                 $qdj->delete();
                 $page->jsonAssign('success', true);
             }
         }
     }
     return PL_JSON;
 }
示例#2
0
文件: groups.php 项目: netixx/frankiz
 function handler_group_ajax_admin_rights($page)
 {
     S::assert_xsrf_token();
     $group = Group::fromId(Json::i('gid'));
     $user = User::fromId(Json::i('uid'));
     if ($group && $user) {
         if (S::user()->isMe($user) && !S::user()->isAdmin()) {
             $page->jsonAssign('msg', 'On ne peut pas changer ses propres droits');
         } else {
             if (S::user()->hasRights($group, Rights::admin()) || S::user()->isWeb()) {
                 $group->select(GroupSelect::subscribe());
                 $rights = new Rights(Json::s('rights'));
                 $caste = $group->caste($rights);
                 if ($caste->userfilter()) {
                     $page->jsonAssign('msg', 'Ce droit est défini de manière logique.');
                 } else {
                     // Log the event if involving admin rights
                     if ($rights->isMe(Rights::admin())) {
                         S::logger()->log('groups/admin/rights', array('gid' => $group->id(), 'uid' => $user->id(), 'cid' => $caste->id(), 'add' => Json::b('add')));
                     }
                     if (Json::b('add')) {
                         $caste->addUser($user);
                     } else {
                         $caste->removeUser($user);
                     }
                 }
             }
         }
     }
     return PL_JSON;
 }