PageRenderTime 52ms CodeModel.GetById 20ms RepoModel.GetById 0ms app.codeStats 0ms

/src/Backend/Modules/Groups/Actions/Edit.php

http://github.com/forkcms/forkcms
PHP | 631 lines | 389 code | 100 blank | 142 comment | 53 complexity | fb4d33de93c96fb010509c09b46c31ca MD5 | raw file
Possible License(s): MPL-2.0-no-copyleft-exception, MIT, AGPL-3.0, LGPL-2.1, BSD-3-Clause 
    

  1. <?php
    2. 

  2. 

  3. namespace Backend\Modules\Groups\Actions;
    4. 

  4. 

  5. use Backend\Core\Engine\Authentication as BackendAuthentication;
    6. 

  6. use Backend\Core\Engine\Base\ActionEdit as BackendBaseActionEdit;
    7. 

  7. use Backend\Core\Engine\DataGridArray as BackendDataGridArray;
    8. 

  8. use Backend\Core\Engine\DataGridDatabase as BackendDataGridDatabase;
    9. 

  9. use Backend\Core\Engine\Form as BackendForm;
    10. 

  10. use Backend\Core\Language\Language as BL;
    11. 

  11. use Backend\Core\Engine\Model as BackendModel;
    12. 

  12. use Backend\Form\Type\DeleteType;
    13. 

  13. use Backend\Modules\Groups\Engine\Model as BackendGroupsModel;
    14. 

  14. use Backend\Modules\Users\Engine\Model as BackendUsersModel;
    15. 

  15. use Symfony\Component\Finder\Finder;
    16. 

  16. 

  17. /**
    18. 

  18.  * This is the edit-action, it will display a form to edit a group
    19. 

  19.  */
    20. 

  20. class Edit extends BackendBaseActionEdit
    21. 

  21. {
    22. 

  22.     /**
    23. 

  23.      * The action groups
    24. 

  24.      *
    25. 

  25.      * @var array
    26. 

  26.      */
    27. 

  27.     private $actionGroups = [];
    28. 

  28. 

  29.     /**
    30. 

  30.      * The actions
    31. 

  31.      *
    32. 

  32.      * @var array
    33. 

  33.      */
    34. 

  34.     private $actions = [];
    35. 

  35. 

  36.     /**
    37. 

  37.      * The dashboard sequence
    38. 

  38.      *
    39. 

  39.      * @var array
    40. 

  40.      */
    41. 

  41.     private $hiddenOnDashboard = [];
    42. 

  42. 

  43.     /**
    44. 

  44.      * The users datagrid
    45. 

  45.      *
    46. 

  46.      * @var BackendDataGridDatabase
    47. 

  47.      */
    48. 

  48.     private $dataGridUsers;
    49. 

  49. 

  50.     /**
    51. 

  51.      * The modules
    52. 

  52.      *
    53. 

  53.      * @var array
    54. 

  54.      */
    55. 

  55.     private $modules;
    56. 

  56. 

  57.     /**
    58. 

  58.      * The widgets
    59. 

  59.      *
    60. 

  60.      * @var array
    61. 

  61.      */
    62. 

  62.     private $widgets;
    63. 

  63. 

  64.     /**
    65. 

  65.      * The widget instances
    66. 

  66.      *
    67. 

  67.      * @var array
    68. 

  68.      */
    69. 

  69.     private $widgetInstances;
    70. 

  70. 

  71.     private function bundleActions(): void
    72. 

  72.     {
    73. 

  73.         foreach ($this->modules as $module) {
    74. 

  74.             // loop through actions and add all classnames
    75. 

  75.             foreach ($this->actions[$module['value']] as $key => $action) {
    76. 

  76.                 // ajax action?
    77. 

  77.                 if (class_exists('Backend\\Modules\\' . $module['value'] . '\\Ajax\\' . $action['value'])) {
    78. 

  78.                     // create reflection class
    79. 

  79.                     $reflection = new \ReflectionClass('Backend\\Modules\\' . $module['value'] . '\\Ajax\\' . $action['value']);
    80. 

  80.                 } else {
    81. 

  81.                     // no ajax action? create reflection class
    82. 

  82.                     $reflection = new \ReflectionClass('Backend\\Modules\\' . $module['value'] . '\\Actions\\' . $action['value']);
    83. 

  83.                 }
    84. 

  84. 

  85.                 // get the tag offset
    86. 

  86.                 $offset = mb_strpos($reflection->getDocComment(), ACTION_GROUP_TAG) + mb_strlen(ACTION_GROUP_TAG);
    87. 

  87. 

  88.                 // no tag present? move on!
    89. 

  89.                 if (!($offset - mb_strlen(ACTION_GROUP_TAG))) {
    90. 

  90.                     continue;
    91. 

  91.                 }
    92. 

  92. 

  93.                 // get the group info
    94. 

  94.                 $groupInfo = trim(mb_substr($reflection->getDocComment(), $offset, (mb_strpos($reflection->getDocComment(), '*', $offset) - $offset)));
    95. 

  95. 

  96.                 // get name and description
    97. 

  97.                 $bits = explode("\t", $groupInfo);
    98. 

  98. 

  99.                 // delete empty values
    100. 

  100.                 foreach ($bits as $i => $bit) {
    101. 

  101.                     if (empty($bit)) {
    102. 

  102.                         unset($bits[$i]);
    103. 

  103.                     }
    104. 

  104.                 }
    105. 

  105. 

  106.                 // add group to actions
    107. 

  107.                 $this->actions[$module['value']][$key]['group'] = $bits[0];
    108. 

  108. 

  109.                 // add group to array
    110. 

  110.                 $this->actionGroups[$bits[0]] = end($bits);
    111. 

  111.             }
    112. 

  112.         }
    113. 

  113.     }
    114. 

  114. 

  115.     public function execute(): void
    116. 

  116.     {
    117. 

  117.         parent::execute();
    118. 

  118.         $this->getData();
    119. 

  119.         $this->loadDataGrids();
    120. 

  120.         $this->loadForm();
    121. 

  121.         $this->validateForm();
    122. 

  122.         $this->loadDeleteForm();
    123. 

  123.         $this->parse();
    124. 

  124.         $this->display();
    125. 

  125.     }
    126. 

  126. 

  127.     private function getActions(): void
    128. 

  128.     {
    129. 

  129.         $this->actions = [];
    130. 

  130.         $filter = ['Authentication', 'Error', 'Core'];
    131. 

  131.         $modules = [];
    132. 

  132. 

  133.         $finder = new Finder();
    134. 

  134.         $finder->name('*.php')
    135. 

  135.             ->in(BACKEND_MODULES_PATH . '/*/Actions')
    136. 

  136.             ->in(BACKEND_MODULES_PATH . '/*/Ajax');
    137. 

  137.         foreach ($finder->files() as $file) {
    138. 

  138.             /** @var $file \SplFileInfo */
    139. 

  139.             $module = $file->getPathInfo()->getPathInfo()->getBasename();
    140. 

  140. 

  141.             // skip some modules
    142. 

  142.             if (in_array($module, $filter)) {
    143. 

  143.                 continue;
    144. 

  144.             }
    145. 

  145. 

  146.             if (BackendAuthentication::isAllowedModule($module)) {
    147. 

  147.                 $actionName = $file->getBasename('.php');
    148. 

  148.                 $isAjax = $file->getPathInfo()->getBasename() == 'Ajax';
    149. 

  149.                 $modules[] = $module;
    150. 

  150. 

  151.                 // ajax-files should be required
    152. 

  152.                 if ($isAjax) {
    153. 

  153.                     $class = 'Backend\\Modules\\' . $module . '\\Ajax\\' . $actionName;
    154. 

  154.                 } else {
    155. 

  155.                     $class = 'Backend\\Modules\\' . $module . '\\Actions\\' . $actionName;
    156. 

  156.                 }
    157. 

  157. 

  158.                 $reflection = new \ReflectionClass($class);
    159. 

  159.                 $phpDoc = trim($reflection->getDocComment());
    160. 

  160.                 if ($phpDoc != '') {
    161. 

  161.                     $offset = mb_strpos($reflection->getDocComment(), '*', 7);
    162. 

  162.                     $description = mb_substr($reflection->getDocComment(), 0, $offset);
    163. 

  163.                     $description = str_replace('*', '', $description);
    164. 

  164.                     $description = trim(str_replace('/', '', $description));
    165. 

  165.                 } else {
    166. 

  166.                     $description = '';
    167. 

  167.                 }
    168. 

  168. 

  169.                 $this->actions[$module][] = [
    170. 

  170.                     'label' => \SpoonFilter::toCamelCase($actionName),
    171. 

  171.                     'value' => $actionName,
    172. 

  172.                     'description' => $description,
    173. 

  173.                 ];
    174. 

  174.             }
    175. 

  175.         }
    176. 

  176. 

  177.         $modules = array_unique($modules);
    178. 

  178.         foreach ($modules as $module) {
    179. 

  179.             $this->modules[] = [
    180. 

  180.                 'label' => \SpoonFilter::toCamelCase($module),
    181. 

  181.                 'value' => $module,
    182. 

  182.             ];
    183. 

  183. 

  184.             usort($this->actions[$module], function ($a, $b) {
    185. 

  185.                 return strcmp($a["label"], $b["label"]);
    186. 

  186.             });
    187. 

  187.         }
    188. 

  188.     }
    189. 

  189. 

  190.     private function getData(): void
    191. 

  191.     {
    192. 

  192.         $this->id = $this->getRequest()->query->getInt('id');
    193. 

  193. 

  194.         // get dashboard sequence
    195. 

  195.         $this->hiddenOnDashboard = BackendGroupsModel::getSetting($this->id, 'hidden_on_dashboard');
    196. 

  196. 

  197.         // get the record
    198. 

  198.         $this->record = BackendGroupsModel::get($this->id);
    199. 

  199. 

  200.         // no item found, throw an exceptions, because somebody is fucking with our URL
    201. 

  201.         if (empty($this->record)) {
    202. 

  202.             $this->redirect(BackendModel::createUrlForAction('Index') . '&error=non-existing');
    203. 

  203.         }
    204. 

  204. 

  205.         $this->getWidgets();
    206. 

  206.         $this->getActions();
    207. 

  207.         $this->bundleActions();
    208. 

  208.     }
    209. 

  209. 

  210.     private function getWidgets(): void
    211. 

  211.     {
    212. 

  212.         $this->widgets = [];
    213. 

  213.         $this->widgetInstances = [];
    214. 

  214. 

  215.         $finder = new Finder();
    216. 

  216.         $finder->name('*.php')
    217. 

  217.             ->in(BACKEND_MODULES_PATH . '/*/Widgets');
    218. 

  218.         foreach ($finder->files() as $file) {
    219. 

  219.             $module = $file->getPathInfo()->getPathInfo()->getBasename();
    220. 

  220.             if (BackendAuthentication::isAllowedModule($module)) {
    221. 

  221.                 $widgetName = $file->getBasename('.php');
    222. 

  222.                 $class = 'Backend\\Modules\\' . $module . '\\Widgets\\' . $widgetName;
    223. 

  223. 

  224.                 if (class_exists($class)) {
    225. 

  225.                     // add to array
    226. 

  226.                     $this->widgetInstances[] = [
    227. 

  227.                         'module' => $module,
    228. 

  228.                         'widget' => $widgetName,
    229. 

  229.                         'className' => $class,
    230. 

  230.                     ];
    231. 

  231. 

  232.                     // create reflection class
    233. 

  233.                     $reflection = new \ReflectionClass($class);
    234. 

  234.                     $phpDoc = trim($reflection->getDocComment());
    235. 

  235.                     if ($phpDoc != '') {
    236. 

  236.                         $offset = mb_strpos($reflection->getDocComment(), '*', 7);
    237. 

  237.                         $description = mb_substr($reflection->getDocComment(), 0, $offset);
    238. 

  238.                         $description = str_replace('*', '', $description);
    239. 

  239.                         $description = trim(str_replace('/', '', $description));
    240. 

  240.                     } else {
    241. 

  241.                         $description = '';
    242. 

  242.                     }
    243. 

  243. 

  244.                     // check if model file exists
    245. 

  245.                     $pathName = $file->getPathInfo()->getPathInfo()->getRealPath();
    246. 

  246.                     if (is_file($pathName . '/engine/model.php')) {
    247. 

  247.                         // require model
    248. 

  248.                         require_once $pathName . '/engine/model.php';
    249. 

  249.                     }
    250. 

  250. 

  251.                     // add to array
    252. 

  252.                     $this->widgets[] = [
    253. 

  253.                         'checkbox_name' => \SpoonFilter::toCamelCase($module) . \SpoonFilter::toCamelCase($widgetName),
    254. 

  254.                         'module_name' => $module,
    255. 

  255.                         'label' => \SpoonFilter::toCamelCase($widgetName),
    256. 

  256.                         'value' => $widgetName,
    257. 

  257.                         'description' => $description,
    258. 

  258.                     ];
    259. 

  259.                 }
    260. 

  260.             }
    261. 

  261.         }
    262. 

  262.     }
    263. 

  263. 

  264.     private function loadDataGrids(): void
    265. 

  265.     {
    266. 

  266.         $this->dataGridUsers = new BackendDataGridDatabase(BackendGroupsModel::QUERY_ACTIVE_USERS, [$this->id, false]);
    267. 

  267. 

  268.         // check if this action is allowed
    269. 

  269.         if (BackendAuthentication::isAllowedAction('Edit', 'Users')) {
    270. 

  270.             // add columns
    271. 

  271.             $this->dataGridUsers->addColumn('nickname', \SpoonFilter::ucfirst(BL::lbl('Nickname')), null, BackendModel::createUrlForAction('Edit', 'Users') . '&amp;id=[id]');
    272. 

  272.             $this->dataGridUsers->addColumn('surname', \SpoonFilter::ucfirst(BL::lbl('Surname')), null, BackendModel::createUrlForAction('Edit', 'Users') . '&amp;id=[id]');
    273. 

  273.             $this->dataGridUsers->addColumn('name', \SpoonFilter::ucfirst(BL::lbl('Name')), null, BackendModel::createUrlForAction('Edit', 'Users') . '&amp;id=[id]');
    274. 

  274. 

  275.             // add column URL
    276. 

  276.             $this->dataGridUsers->setColumnURL('email', BackendModel::createUrlForAction('Edit', 'Users') . '&amp;id=[id]');
    277. 

  277. 

  278.             // set columns sequence
    279. 

  279.             $this->dataGridUsers->setColumnsSequence('nickname', 'surname', 'name', 'email');
    280. 

  280. 

  281.             // show users's name, surname and nickname
    282. 

  282.             $this->dataGridUsers->setColumnFunction([new BackendUsersModel(), 'getSetting'], ['[id]', 'surname'], 'surname', false);
    283. 

  283.             $this->dataGridUsers->setColumnFunction([new BackendUsersModel(), 'getSetting'], ['[id]', 'name'], 'name', false);
    284. 

  284.             $this->dataGridUsers->setColumnFunction([new BackendUsersModel(), 'getSetting'], ['[id]', 'nickname'], 'nickname', false);
    285. 

  285.         }
    286. 

  286.     }
    287. 

  287. 

  288.     private function loadForm(): void
    289. 

  289.     {
    290. 

  290.         $this->form = new BackendForm('edit');
    291. 

  291. 

  292.         // get selected permissions
    293. 

  293.         $actionPermissions = BackendGroupsModel::getActionPermissions($this->id);
    294. 

  294. 

  295.         $selectedWidgets = [];
    296. 

  296.         $widgetBoxes = [];
    297. 

  297.         $permissionBoxes = [];
    298. 

  298.         $actionBoxes = [];
    299. 

  299. 

  300.         // loop through modules
    301. 

  301.         foreach ($this->modules as $key => $module) {
    302. 

  302.             // widgets available?
    303. 

  303.             if (isset($this->widgets)) {
    304. 

  304.                 // loop through widgets
    305. 

  305.                 foreach ($this->widgets as $j => $widget) {
    306. 

  306.                     if ($widget['checkbox_name'] != $module['value'] . $widget['value']) {
    307. 

  307.                         continue;
    308. 

  308.                     }
    309. 

  309. 

  310.                     if (!isset($this->hiddenOnDashboard[$module['value']]) ||
    311. 

  311.                         !in_array($widget['value'], $this->hiddenOnDashboard[$module['value']])) {
    312. 

  312.                         $selectedWidgets[$j] = $widget['checkbox_name'];
    313. 

  313.                     }
    314. 

  314. 

  315.                     // add widget checkboxes
    316. 

  316.                     $widgetBoxes[$j]['check'] = '<span>' . $this->form->addCheckbox('widgets_' . $widget['checkbox_name'], isset($selectedWidgets[$j]) ? $selectedWidgets[$j] : null)->parse() . '</span>';
    317. 

  317.                     $widgetBoxes[$j]['module'] = \SpoonFilter::ucfirst(BL::lbl($widget['module_name']));
    318. 

  318.                     $widgetBoxes[$j]['widget'] = '<label for="widgets' . \SpoonFilter::toCamelCase($widget['checkbox_name']) . '">' . $widget['label'] . '</label>';
    319. 

  319.                     $widgetBoxes[$j]['description'] = $widget['description'];
    320. 

  320.                 }
    321. 

  321.             }
    322. 

  322. 

  323.             $selectedActions = [];
    324. 

  324. 

  325.             // loop through action permissions
    326. 

  326.             foreach ($actionPermissions as $permission) {
    327. 

  327.                 // add to selected actions
    328. 

  328.                 if ($permission['module'] == $module['value']) {
    329. 

  329.                     $selectedActions[] = $permission['action'];
    330. 

  330.                 }
    331. 

  331.             }
    332. 

  332. 

  333.             // add module labels
    334. 

  334.             $permissionBoxes[$key]['label'] = $module['label'];
    335. 

  335. 

  336.             // init var
    337. 

  337.             $addedBundles = [];
    338. 

  338. 

  339.             // loop through actions
    340. 

  340.             foreach ($this->actions[$module['value']] as $i => $action) {
    341. 

  341.                 // action is bundled?
    342. 

  342.                 if (array_key_exists('group', $action)) {
    343. 

  343.                     // bundle not yet in array?
    344. 

  344.                     if (!in_array($action['group'], $addedBundles)) {
    345. 

  345.                         // assign bundled action boxes
    346. 

  346.                         $actionBoxes[$key]['actions'][$i]['check'] = $this->form->addCheckbox('actions_' . $module['label'] . '_' . 'Group_' . \SpoonFilter::ucfirst($action['group']), in_array($action['value'], $selectedActions))->parse();
    347. 

  347.                         $actionBoxes[$key]['actions'][$i]['action'] = \SpoonFilter::ucfirst($action['group']);
    348. 

  348.                         $actionBoxes[$key]['actions'][$i]['description'] = $this->actionGroups[$action['group']];
    349. 

  349. 

  350.                         // add the group to the added bundles
    351. 

  351.                         $addedBundles[] = $action['group'];
    352. 

  352.                     }
    353. 

  353.                 } else {
    354. 

  354.                     // assign action boxes
    355. 

  355.                     $actionBoxes[$key]['actions'][$i]['check'] = $this->form->addCheckbox('actions_' . $module['label'] . '_' . $action['label'], in_array($action['value'], $selectedActions))->parse();
    356. 

  356.                     $actionBoxes[$key]['actions'][$i]['action'] = '<label for="actions' . \SpoonFilter::toCamelCase($module['label'] . '_' . $action['label']) . '">' . $action['label'] . '</label>';
    357. 

  357.                     $actionBoxes[$key]['actions'][$i]['description'] = $action['description'];
    358. 

  358.                 }
    359. 

  359.             }
    360. 

  360. 

  361.             // widgetboxes available?
    362. 

  362.             if (isset($widgetBoxes)) {
    363. 

  363.                 // create datagrid
    364. 

  364.                 $widgetGrid = new BackendDataGridArray($widgetBoxes);
    365. 

  365.                 $widgetGrid->setHeaderLabels(['check' => '<span class="checkboxHolder"><input id="toggleChecksWidgets" type="checkbox" name="toggleChecks" value="toggleChecks" /></span>']);
    366. 

  366. 

  367.                 // get content
    368. 

  368.                 $widgets = $widgetGrid->getContent();
    369. 

  369.             }
    370. 

  370. 

  371.             // create datagrid
    372. 

  372.             $actionGrid = new BackendDataGridArray($actionBoxes[$key]['actions']);
    373. 

  373.             $actionGrid->setHeaderLabels(['check' => '']);
    374. 

  374. 

  375.             // disable paging
    376. 

  376.             $actionGrid->setPaging(false);
    377. 

  377. 

  378.             // get content of datagrids
    379. 

  379.             $permissionBoxes[$key]['actions']['dataGrid'] = $actionGrid->getContent();
    380. 

  380.             $permissionBoxes[$key]['chk'] = $this->form->addCheckbox(
    381. 

  381.                 $module['label'],
    382. 

  382.                 false,
    383. 

  383.                 'inputCheckbox checkBeforeUnload jsSelectAll'
    384. 

  384.             )->parse();
    385. 

  385.             $permissionBoxes[$key]['id'] = \SpoonFilter::toCamelCase($module['label']);
    386. 

  386.         }
    387. 

  387. 

  388.         // create elements
    389. 

  389.         $this->form->addText('name', $this->record['name']);
    390. 

  390.         $this->form->addDropdown('manage_users', ['Deny', 'Allow']);
    391. 

  391.         $this->form->addDropdown('manage_groups', ['Deny', 'Allow']);
    392. 

  392.         $this->template->assign('permissions', $permissionBoxes);
    393. 

  393.         $this->template->assign('widgets', $widgets ?? false);
    394. 

  394.     }
    395. 

  395. 

  396.     protected function parse(): void
    397. 

  397.     {
    398. 

  398.         parent::parse();
    399. 

  399. 

  400.         $this->template->assign('dataGridUsers', ($this->dataGridUsers->getNumResults() != 0) ? $this->dataGridUsers->getContent() : false);
    401. 

  401.         $this->template->assign('item', $this->record);
    402. 

  402.         $this->template->assign('groupName', $this->record['name']);
    403. 

  403. 

  404.         // only allow deletion of empty groups
    405. 

  405.         $this->template->assign('allowGroupsDelete', $this->dataGridUsers->getNumResults() == 0);
    406. 

  406. 

  407.         $this->header->appendDetailToBreadcrumbs($this->record['name']);
    408. 

  408.     }
    409. 

  409. 

  410.     /**
    411. 

  411.      * Update the permissions
    412. 

  412.      *
    413. 

  413.      * @param \SpoonFormElement[] $actionPermissions The action permissions.
    414. 

  414.      * @param array $bundledActionPermissions The bundled action permissions.
    415. 

  415.      */
    416. 

  416.     private function updatePermissions(array $actionPermissions, array $bundledActionPermissions): void
    417. 

  417.     {
    418. 

  418.         $modulesDenied = [];
    419. 

  419.         $modulesGranted = [];
    420. 

  420.         $actionsDenied = [];
    421. 

  421.         $actionsGranted = [];
    422. 

  422.         $checkedModules = [];
    423. 

  423.         $uncheckedModules = [];
    424. 

  424. 

  425.         // loop through action permissions
    426. 

  426.         foreach ($actionPermissions as $permission) {
    427. 

  427.             // get bits
    428. 

  428.             $bits = explode('_', $permission->getName());
    429. 

  429. 

  430.             // convert camelcasing to underscore notation
    431. 

  431.             $module = $bits[1];
    432. 

  432.             $action = $bits[2];
    433. 

  433. 

  434.             // permission checked?
    435. 

  435.             if ($permission->getChecked()) {
    436. 

  436.                 // add to granted
    437. 

  437.                 $actionsGranted[] = ['group_id' => $this->id, 'module' => $module, 'action' => $action, 'level' => ACTION_RIGHTS_LEVEL];
    438. 

  438. 

  439.                 // if not yet present, add to checked modules
    440. 

  440.                 if (!in_array($module, $checkedModules)) {
    441. 

  441.                     $checkedModules[] = $module;
    442. 

  442.                 }
    443. 

  443.             } else {
    444. 

  444.                 // add to denied
    445. 

  445.                 $actionsDenied[] = ['group_id' => $this->id, 'module' => $module, 'action' => $action, 'level' => ACTION_RIGHTS_LEVEL];
    446. 

  446. 

  447.                 // if not yet present add to unchecked modules
    448. 

  448.                 if (!in_array($module, $uncheckedModules)) {
    449. 

  449.                     $uncheckedModules[] = $module;
    450. 

  450.                 }
    451. 

  451.             }
    452. 

  452.         }
    453. 

  453. 

  454.         // loop through bundled action permissions
    455. 

  455.         foreach ($bundledActionPermissions as $permission) {
    456. 

  456.             // get bits
    457. 

  457.             $bits = explode('_', $permission->getName());
    458. 

  458. 

  459.             // convert camelcasing to underscore notation
    460. 

  460.             $module = $bits[1];
    461. 

  461.             $group = $bits[3];
    462. 

  462. 

  463.             // loop through actions
    464. 

  464.             foreach ($this->actions[$module] as $moduleAction) {
    465. 

  465.                 // permission checked?
    466. 

  466.                 if ($permission->getChecked()) {
    467. 

  467.                     // add to granted if in the right group
    468. 

  468.                     if (in_array($group, $moduleAction)) {
    469. 

  469.                         $actionsGranted[] = ['group_id' => $this->id, 'module' => $module, 'action' => $moduleAction['value'], 'level' => ACTION_RIGHTS_LEVEL];
    470. 

  470.                     }
    471. 

  471. 

  472.                     // if not yet present, add to checked modules
    473. 

  473.                     if (!in_array($module, $checkedModules)) {
    474. 

  474.                         $checkedModules[] = $module;
    475. 

  475.                     }
    476. 

  476.                 } else {
    477. 

  477.                     // add to denied
    478. 

  478.                     if (in_array($group, $moduleAction)) {
    479. 

  479.                         $actionsDenied[] = ['group_id' => $this->id, 'module' => $module, 'action' => $moduleAction['value'], 'level' => ACTION_RIGHTS_LEVEL];
    480. 

  480.                     }
    481. 

  481. 

  482.                     // if not yet present add to unchecked modules
    483. 

  483.                     if (!in_array($module, $uncheckedModules)) {
    484. 

  484.                         $uncheckedModules[] = $module;
    485. 

  485.                     }
    486. 

  486.                 }
    487. 

  487.             }
    488. 

  488.         }
    489. 

  489. 

  490.         // loop through granted modules and add to array
    491. 

  491.         foreach ($checkedModules as $module) {
    492. 

  492.             $modulesGranted[] = ['group_id' => $this->id, 'module' => $module];
    493. 

  493.         }
    494. 

  494. 

  495.         // loop through denied modules and add to array
    496. 

  496.         foreach (array_diff($uncheckedModules, $checkedModules) as $module) {
    497. 

  497.             $modulesDenied[] = ['group_id' => $this->id, 'module' => $module];
    498. 

  498.         }
    499. 

  499. 

  500.         // add granted permissions
    501. 

  501.         BackendGroupsModel::addModulePermissions($modulesGranted);
    502. 

  502.         BackendGroupsModel::addActionPermissions($actionsGranted);
    503. 

  503. 

  504.         // delete denied permissions
    505. 

  505.         BackendGroupsModel::deleteModulePermissions($modulesDenied);
    506. 

  506.         BackendGroupsModel::deleteActionPermissions($actionsDenied);
    507. 

  507.     }
    508. 

  508. 

  509.     /**
    510. 

  510.      * @param \SpoonFormElement[] $widgetPresets The widgets presets.
    511. 

  511.      *
    512. 

  512.      * @return array
    513. 

  513.      */
    514. 

  514.     private function updateWidgets(array $widgetPresets): array
    515. 

  515.     {
    516. 

  516.         // empty dashboard sequence
    517. 

  517.         $this->hiddenOnDashboard = [];
    518. 

  518. 

  519.         // loop through all widgets
    520. 

  520.         foreach ($this->widgetInstances as $widget) {
    521. 

  521.             if (!BackendModel::isModuleInstalled($widget['module'])) {
    522. 

  522.                 continue;
    523. 

  523.             }
    524. 

  524. 

  525.             foreach ($widgetPresets as $preset) {
    526. 

  526.                 if ($preset->getAttribute('id') !== 'widgets' . $widget['module'] . $widget['widget']) {
    527. 

  527.                     continue;
    528. 

  528.                 }
    529. 

  529. 

  530.                 if (!$preset->getChecked()) {
    531. 

  531.                     if (!isset($this->hiddenOnDashboard[$widget['module']])) {
    532. 

  532.                         $this->hiddenOnDashboard[$widget['module']] = [];
    533. 

  533.                     }
    534. 

  534.                     $this->hiddenOnDashboard[$widget['module']][] = $widget['widget'];
    535. 

  535.                 }
    536. 

  536.             }
    537. 

  537.         }
    538. 

  538. 

  539.         // build group
    540. 

  540.         $userGroup = [];
    541. 

  541.         $userGroup['name'] = $this->form->getField('name')->getValue();
    542. 

  542.         $userGroup['id'] = $this->id;
    543. 

  543. 

  544.         // build setting
    545. 

  545.         $setting = [];
    546. 

  546.         $setting['group_id'] = $this->id;
    547. 

  547.         $setting['name'] = 'hidden_on_dashboard';
    548. 

  548.         $setting['value'] = serialize($this->hiddenOnDashboard);
    549. 

  549. 

  550.         // update group
    551. 

  551.         BackendGroupsModel::update($userGroup, $setting);
    552. 

  552. 

  553.         return $userGroup;
    554. 

  554.     }
    555. 

  555. 

  556.     private function validateForm(): void
    557. 

  557.     {
    558. 

  558.         if ($this->form->isSubmitted()) {
    559. 

  559.             $bundledActionPermissions = [];
    560. 

  560. 

  561.             // cleanup the submitted fields, ignore fields that were added by hackers
    562. 

  562.             $this->form->cleanupFields();
    563. 

  563. 

  564.             // get fields
    565. 

  565.             $nameField = $this->form->getField('name');
    566. 

  566. 

  567.             $actionPermissions = [];
    568. 

  568.             // loop through modules
    569. 

  569.             foreach ($this->modules as $module) {
    570. 

  570.                 // loop through actions
    571. 

  571.                 foreach ($this->actions[$module['value']] as $action) {
    572. 

  572.                     // collect permissions if not bundled
    573. 

  573.                     if (!array_key_exists('group', $action)) {
    574. 

  574.                         $actionPermissions[] = $this->form->getField('actions_' . $module['label'] . '_' . $action['label']);
    575. 

  575.                     }
    576. 

  576.                 }
    577. 

  577. 

  578.                 // loop through bundled actions
    579. 

  579.                 foreach ($this->actionGroups as $key => $group) {
    580. 

  580.                     // loop through all fields
    581. 

  581.                     foreach ($this->form->getFields() as $field) {
    582. 

  582.                         // field exists?
    583. 

  583.                         if ($field->getName() == 'actions_' . $module['label'] . '_' . 'Group_' . \SpoonFilter::ucfirst($key)) {
    584. 

  584.                             // add to bundled actions
    585. 

  585.                             $bundledActionPermissions[] = $this->form->getField('actions_' . $module['label'] . '_' . 'Group_' . \SpoonFilter::ucfirst($key));
    586. 

  586.                         }
    587. 

  587.                     }
    588. 

  588.                 }
    589. 

  589.             }
    590. 

  590. 

  591.             // loop through widgets and collect presets
    592. 

  592.             $widgetPresets = [];
    593. 

  593.             foreach ($this->widgets as $widget) {
    594. 

  594.                 $widgetPresets[] = $this->form->getField('widgets_' . $widget['checkbox_name']);
    595. 

  595.             }
    596. 

  596. 

  597.             // validate fields
    598. 

  598.             $nameField->isFilled(BL::err('NameIsRequired'));
    599. 

  599. 

  600.             // new name given?
    601. 

  601.             if ($nameField->getValue() !== $this->record['name']) {
    602. 

  602.                 // group already exists?
    603. 

  603.                 if (BackendGroupsModel::alreadyExists($nameField->getValue())) {
    604. 

  604.                     $nameField->setError(BL::err('GroupAlreadyExists'));
    605. 

  605.                 }
    606. 

  606.             }
    607. 

  607. 

  608.             // no errors?
    609. 

  609.             if ($this->form->isCorrect()) {
    610. 

  610.                 // update widgets
    611. 

  611.                 $group = $this->updateWidgets($widgetPresets);
    612. 

  612. 

  613.                 // update permissions
    614. 

  614.                 $this->updatePermissions($actionPermissions, $bundledActionPermissions);
    615. 

  615. 

  616.                 // everything is saved, so redirect to the overview
    617. 

  617.                 $this->redirect(BackendModel::createUrlForAction('Index') . '&report=edited&var=' . rawurlencode($group['name']) . '&highlight=row-' . $group['id']);
    618. 

  618.             }
    619. 

  619.         }
    620. 

  620.     }
    621. 

  621. 

  622.     private function loadDeleteForm(): void
    623. 

  623.     {
    624. 

  624.         $deleteForm = $this->createForm(
    625. 

  625.             DeleteType::class,
    626. 

  626.             ['id' => $this->record['id']],
    627. 

  627.             ['module' => $this->getModule()]
    628. 

  628.         );
    629. 

  629.         $this->template->assign('deleteForm', $deleteForm->createView());
    630. 

  630.     }
    631. 

  631. }
    632. 

  632.