diff options
| -rw-r--r-- | application/modules/user/controllers/FilterController.php | 35 | ||||
| -rw-r--r-- | application/modules/user/forms/Filter.php | 5 |
2 files changed, 31 insertions, 9 deletions
diff --git a/application/modules/user/controllers/FilterController.php b/application/modules/user/controllers/FilterController.php index efa6c75..934fd2e 100644 --- a/application/modules/user/controllers/FilterController.php +++ b/application/modules/user/controllers/FilterController.php @@ -132,9 +132,9 @@ class User_FilterController extends Zend_Controller_Action $bm->setID($rr['bootmenuID']); $bootmenus[] = $bm; } - - if (!isset($_POST["add"])){ - // TODO: ACL implementieren ob er editieren darf + // TODO: ACL is he allowed to edit this ? + // edit filter or edit filterpriority + if (!isset($_POST["add"])){ $filterID = $this->_request->getParam('filterID'); $filter = new Application_Model_Filter(); @@ -149,9 +149,8 @@ class User_FilterController extends Zend_Controller_Action else{ $this->_redirect('/user/filter/index/modifyresult/forbidden'); } - } else{ - try{ + try{ $filterID = $this->_request->getParam('filterID'); $filter = new Application_Model_Filter(); $filtermapper = new Application_Model_FilterMapper(); @@ -159,14 +158,32 @@ class User_FilterController extends Zend_Controller_Action if($filter->getGroupID() == $this->membership->getGroupID()){ $editfilterform = new user_Form_Filter(array('buttontext' => 'Edit Filter','bootmenus'=>$bootmenus),$_POST); if ($editfilterform->isValid($_POST)) { + $filtermapper = new Application_Model_FilterMapper(); + $newfilterentry = new Application_Model_Filter($_POST); $newfilterentry->setID($this->_request->getParam('filterID')); $newfilterentry->setGroupID($this->membership->getGroupID()); $newfilterentry->setMembershipID($this->membership->getID()); - $newfilterentry->setCreated($_POST['created']); - $newfilter2 = new Application_Model_FilterMapper(); - $newfilter2->save($newfilterentry); - $this->_redirect('/user/filter/index/modifyresult/ok'); + + // TODO: ACL: if he is only allowed to edit filterpriority + if(false){ + $DBfilterentry = new Application_Model_Filter(); + $filtermapper->find($this->_request->getParam('filterID'),$DBfilterentry); + + $compareresult = $filtermapper->compare($newfilterentry,$DBfilterentry); + print_a($compareresult); + if(isset($compareresult['priority']) && count($compareresult) == 1){ + $filtermapper->save($newfilterentry); + #$this->_redirect('/user/filter/index/modifyresult/ok'); + } + else{ + $this->_redirect('/user/filter/index/modifyresult/forbidden'); + } + // TODO: ACL: he is allowed to edit the filter + elseif(true){ + $filtermapper->save($newfilterentry); + $this->_redirect('/user/filter/index/modifyresult/ok'); + } } $this->view->editfilterform = $editfilterform; } diff --git a/application/modules/user/forms/Filter.php b/application/modules/user/forms/Filter.php index 69aaf4b..21d5765 100644 --- a/application/modules/user/forms/Filter.php +++ b/application/modules/user/forms/Filter.php @@ -52,6 +52,11 @@ class user_Form_Filter extends Zend_Form $this->addElement('button', 'Cancel', array( 'onclick' => 'self.location="/user/filter"' )); + + $this->addElement('hidden', 'created', array( + 'required' => false, + 'ignore' => true + )); } function setBootmenus($val){ $this->bootmenus = $val; |