Файл: concrete5.7.5.6/concrete/controllers/dialog/user/bulk/properties.php
Строк: 84
<?php
namespace ConcreteControllerDialogUserBulk;
use ConcreteControllerBackendUserInterface as BackendInterfaceController;
use PermissionKey;
use ConcreteCoreHttpResponseAssetGroup;
use Permissions;
use ConcreteCoreUserEditResponse as UserEditResponse;
use UserAttributeKey;
use Loader;
use UserInfo;
use Exception;
class Properties extends BackendInterfaceController {
protected $viewPath = '/dialogs/user/bulk/properties';
protected $users = array();
protected $canEdit = false;
protected function canAccess() {
$tp = Loader::helper('concrete/user');
if ($tp->canAccessUserSearchInterface()) {
$this->populateUsers();
}
return $this->canEdit;
}
protected function populateUsers() {
if (is_array($_REQUEST['item'])) {
foreach($_REQUEST['item'] as $uID) {
$ui = UserInfo::getByID($uID);
if (is_object($ui) && !$ui->isError()) {
$this->users[] = $ui;
}
}
}
$allowedEditAttributes = array();
$pk = PermissionKey::getByHandle('edit_user_properties');
$assignment = $pk->getMyAssignment();
if (is_object($assignment)) {
$this->allowedEditAttributes = $assignment->getAttributesAllowedArray();
$this->set('allowedEditAttributes', $this->allowedEditAttributes);
}
if (count($this->users) > 0) {
$this->canEdit = true;
foreach($this->users as $ui) {
$up = new Permissions($ui);
if (!$up->canEditUser()) {
$this->canEdit = false;
}
}
} else {
$this->canEdit = false;
}
return $this->canEdit;
}
public function view() {
$r = ResponseAssetGroup::get();
$r->requireAsset('core/app/editable-fields');
$this->populateUsers();
$form = Loader::helper('form');
$attribs = UserAttributeKey::getList();
$this->set('users', $this->users);
$this->set('attributes', $attribs);
}
public function updateAttribute() {
$ur = new UserEditResponse();
$ak = UserAttributeKey::getByID($_REQUEST['name']);
if ($this->validateAction()) {
$this->populateUsers();
if ($this->canEdit && in_array($ak->getAttributeKeyID(), $this->allowedEditAttributes)) {
foreach($this->users as $ui) {
$ui->saveUserAttributesForm(array($ak));
$ui->reindex();
}
$ur->setUsers($this->users);
$val = $ui->getAttributeValueObject($ak);
$ur->setAdditionalDataAttribute('value', $val->getValue('displaySanitized','display'));
$ur->setMessage(t('Users updated successfully.'));
} else {
throw new Exception(t("You don't have access to update this attribute."));
}
}
$ur->outputJSON();
}
public function clearAttribute() {
$ur = new UserEditResponse();
$ak = UserAttributeKey::getByID($_REQUEST['akID']);
if ($this->validateAction()) {
$this->populateUsers();
if ($this->canEdit && in_array($ak->getAttributeKeyID(), $this->allowedEditAttributes)) {
foreach($this->users as $ui) {
$ui->clearAttribute($ak);
$ui->reindex();
}
$ur->setUsers($this->users);
$ur->setAdditionalDataAttribute('value', false);
$ur->setMessage(t('Attributes cleared successfully.'));
} else {
throw new Exception(t("You don't have access to update this attribute."));
}
}
$ur->outputJSON();
}
}