public function action_save()
{
// set redirect url
$redirect = $this->getAndSetSubmitRedirection();
// check permission
if (\Model_AccountLevelPermission::checkAdminPermission('acperm_perm', 'acperm_manage_level_perm') == false) {
\Session::set_flash('form_status', array('form_status' => 'error', 'form_status_message' => \Lang::get('admin_permission_denied', array('page' => \Uri::string()))));
\Response::redirect($redirect);
}
// if form submitted
if (\Input::method() == 'POST') {
if (\Extension\NoCsrf::check()) {
$data['permission_core'] = (int) trim(\Input::post('permission_core'));
if ($data['permission_core'] != '1') {
$data['permission_core'] = '0';
}
$data['module_system_name'] = \Security::strip_tags(trim(\Input::post('module_system_name')));
if ($data['module_system_name'] == null || $data['permission_core'] == '1') {
$data['module_system_name'] = null;
}
$data['level_group_id'] = \Input::post('level_group_id');
$data['permission_page'] = \Input::post('permission_page');
$data['permission_action'] = \Input::post('permission_action');
\Model_AccountLevelPermission::savePermissions($data);
// set success message
\Session::set_flash('form_status', array('form_status' => 'success', 'form_status_message' => \Lang::get('admin_saved')));
} else {
// nocsrf error, set error msg.
\Session::set_flash('form_status', array('form_status' => 'error', 'form_status_message' => \Lang::get('fslang_invalid_csrf_token')));
}
}
// go back
\Response::redirect($redirect);
}
