1 files changed, 116 insertions, 19 deletions
diff --git a/application/modules/user/controllers/PoolController.php b/application/modules/user/controllers/PoolController.php
index 01b5a2a..7ff4da1 100644
--- a/application/modules/user/controllers/PoolController.php
+++ b/application/modules/user/controllers/PoolController.php
@@ -29,7 +29,16 @@ class User_PoolController extends Zend_Controller_Action
 			$pbsNotifier = new Pbs_Notifier();
 			$this->view->notification = $pbsNotifier->notify('create',$result);
 		}
-		
+		$result = $this->_request->getParam('linkresult');
+		if($result != ""){
+			$pbsNotifier = new Pbs_Notifier();
+			$this->view->notification = $pbsNotifier->notify('link',$result);
+		}
+		$result = $this->_request->getParam('unlinkresult');
+		if($result != ""){
+			$pbsNotifier = new Pbs_Notifier();
+			$this->view->notification = $pbsNotifier->notify('unlink',$result);
+		}
 		
         $poolMapper = new Application_Model_PoolMapper();
         $this->view->pools = $poolMapper->fetchAll();
@@ -70,7 +79,7 @@ class User_PoolController extends Zend_Controller_Action
         			$this->_redirect('/dev/pool/index/addresult/error');  
         		}
 			}
-			$this->view->addpool = $addfilterform;		
+			$this->view->addpool = $addpoolform;		
 		}
     }
 
@@ -95,36 +104,49 @@ class User_PoolController extends Zend_Controller_Action
 			}			
 			$this->_redirect('/user/pool/index/deleteresult/error');
 		#}else{
-		#	$this->_redirect('/user/pool/index/deleteresult/forbidden');
+		#	$this->_redirect('/user/');
 		#}
     }
 
     public function editpoolAction()
     {
     	// TODO: ACL: is he allowed to edit a pool?
-    	// TODO: is he allowed to edit this pool?
         if (!isset($_POST["add"])){        
-			$poolID = $this->_request->getParam('poolID');
+			$poolID = $this->_request->getParam('poolID');			
 			$pool = new Application_Model_Pool();
 			$poolmapper = new Application_Model_PoolMapper();
-			$poolmapper->find($poolID,$pool);		
-			$poolArray = $pool->toArray();
-			$editpool = new user_Form_Pool(array('buttontext' => 'Edit Pool'));
-			$editpool->populate($poolArray);
-			$this->view->editpool = $editpool;
-		
+			$poolmapper->find($poolID,$pool);
+			if($pool->getGroupID() == $this->membership->getGroupID()){
+				$poolArray = $pool->toArray();
+				$editpool = new user_Form_Pool(array('buttontext' => 'Edit Pool'));
+				$editpool->populate($poolArray);
+				$this->view->editpool = $editpool;
+			}
+			else{
+				$this->_redirect('/user/pool/index/modifyresult/forbidden');
+			}		
 		}else {
 			$editpoolform = new user_Form_Pool(array('buttontext' => 'Edit Pool'),$_POST);
 			if ($editpoolform->isValid($_POST)) {			
 				try{
-					$pool = new Application_Model_Pool($_POST);
-					$pool->setID($this->_request->getParam('poolID'));
 					$poolmapper = new Application_Model_PoolMapper();
-					$poolmapper->save($pool);
-					$this->_redirect('/dev/pool/index/modifyresult/ok');			    	
+					$poolID = $this->_request->getParam('poolID');
+					$pooldb = new Application_Model_Pool();
+					$poolmapper->find($poolID,$pooldb);
+					print_a($pooldb->getGroupID(), $this->membership->getGroupID());
+					if($pooldb->getGroupID() == $this->membership->getGroupID()){				
+						$pool = new Application_Model_Pool($_POST);
+						$pool->setID($poolID);	
+						$pool->setGroupID($this->membership->getGroupID());	
+						$poolmapper->save($pool);
+						$this->_redirect('/user/pool/index/modifyresult/ok');		
+					}	   
+					else{
+						$this->_redirect('/user/pool/index/modifyresult/forbidden');
+					} 	
 				}catch (Zend_Exception $e) {  
         			echo "Error message 2: " . $e->getMessage() . "\n";  
-        			$this->_redirect('/dev/pool/index/modifyresult/error');	
+        			$this->_redirect('/user/pool/index/modifyresult/error');	
         		}
 			}
 			$this->view->editpool = $editpoolform;
@@ -132,13 +154,88 @@ class User_PoolController extends Zend_Controller_Action
     }
 
     public function linkclientAction()
-    {
-        // action body
+    {    	
+        $clientID = $this->_request->getParam('clientID');
+		$poolID = $this->_request->getParam('poolID');
+		
+		// TODO: ACL: Is he allowed to link clients to pools?
+		if(!isset($_POST['clientID']) && ($clientID == '')){
+			$clientmapper = new Application_Model_ClientMapper();
+			$clients = $clientmapper->findBy('groupID',$this->membership->getGroupID());		
+			$assignedclientmapper = new Application_Model_PoolEntriesMapper();
+			$assignedclients = $assignedclientmapper->fetchAll();
+			foreach($assignedclients as $c){
+				$assignedclientsArray[] = $c->toArray();
+			}				
+			$freeclients  = $this->arrayDiff($clients,$assignedclientsArray);
+			
+			$poolclient = new user_Form_PoolClient(array('buttontext' => 'Link Client','clients'=> $freeclients)); 		
+			$this->view->poolclient = $poolclient;
+		}else {	
+			$poolclient = new dev_Form_PoolClient(array('buttontext' => 'Link Client'),$_POST);						
+			try{
+				$poolID = $this->_request->getParam('poolID');
+				$poolmapper = new Application_Model_PoolMapper();
+				$pooldb = new Application_Model_Pool();
+				$poolmapper->find($poolID,$pooldb);
+				$clientmapper = new Application_Model_ClientMapper();
+				$clientdb = new Application_Model_Client();
+				$clientmapper->find($clientID,$clientdb);				
+			
+				if($pooldb->getGroupID() == $this->membership->getGroupID()	&& $clientdb->getGroupID() == $this->membership->getGroupID()){
+					$poolentriesmapper = new Application_Model_PoolEntriesMapper();				
+					$poolentry = new Application_Model_PoolEntries($_POST);
+					$poolentry->setPoolID($poolID);
+					if($poolentry->getClientID() == ''){
+						$poolentry->setClientID($clientID);
+					}				
+					$poolentriesmapper->save($poolentry);
+					$this->_redirect('/user/pool/index/linkresult/ok');		
+				}
+				else{
+					$this->_redirect('/user/pool/index/linkresult/forbidden');	
+				}	    	
+			}catch (Zend_Exception $e) {  
+    			echo "Error message 2: " . $e->getMessage() . "\n";  
+    			$this->_redirect('/user/pool/index/linkresult/error');	
+    		}
+			$this->view->poolclient = $poolclient;			
+		}
     }
 
     public function unlinkclientAction()
     {
-        // action body
+         $poolentriesID = $this->_request->getParam('poolentriesID');
+       
+         // TODO: ACL: Is he allowed to unlink clients from pools?
+         if(is_numeric($poolentriesID)){
+		     $poolentriesMapper = new Application_Model_PoolEntriesMapper();
+		     $poolentry = new Application_Model_PoolEntries();
+		     $poolentriesMapper->find($poolentriesID,$poolentry);
+		     $clientMapper = new Application_Model_ClientMapper();
+		     $client = new Application_Model_Client();
+		     
+		     $poolMapper = new Application_Model_PoolMapper();
+		     $pool = new Application_Model_Pool();
+		     
+		     $clientMapper->find($poolentry->getClientID(),$client);
+		     $poolMapper->find($poolentry->getPoolID(),$pool);
+         
+         
+	         if($pool->getGroupID() == $this->membership->getGroupID() && $client->getGroupID() == $this->membership->getGroupID()){			
+				$deletepoolentries = new Application_Model_PoolEntries();
+				$deletepoolentries->setID($poolentriesID);
+				$deletepoolentriesmapper = new Application_Model_PoolEntriesMapper();
+				$deletepoolentriesmapper->delete($deletepoolentries);
+				$this->_redirect('/user/pool/index/unlinkresult/ok');
+			}
+			else{
+				$this->_redirect('/user/pool/index/unlinkresult/forbidden');
+			}
+		}
+		else{
+			$this->_redirect('/user/pool/index/unlinkresult/error');
+		}
     }
     
     // creates an array of two arrays