X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=include%2Fvalidations.inc.php;h=7c87d4c2a0a6cb1280a211caea295bcbca3af849;hb=54722967b9b605dca8cff67fc3a050194beba368;hp=b268fb6863f0c30fe3c97b8d57101d85719abbfb;hpb=9f52839d4a55c6b59ab80af35026a064e007ac72;p=platal.git diff --git a/include/validations.inc.php b/include/validations.inc.php index b268fb6..7c87d4c 100644 --- a/include/validations.inc.php +++ b/include/validations.inc.php @@ -1,6 +1,6 @@ spoolroot . '/core/classes/xdb.php'; -/** - * Iterator class, that lists objects through the database - */ -class ValidateIterator extends XOrgDBIterator -{ - // {{{ constuctor - - public function __construct() - { - parent::__construct('SELECT data, DATE_FORMAT(stamp, "%Y%m%d%H%i%s") - FROM requests - ORDER BY stamp', MYSQL_NUM); - } - - // }}} - // {{{ function next() - - public function next() - { - if (list($result, $stamp) = parent::next()) { - $result = Validate::unserialize($result); - $result->stamp = $stamp; - return $result; - } - - return null; - } - - // }}} -} /** Virtual class to adapt for every possible implementation. */ @@ -73,6 +42,9 @@ abstract class Validate // Validations rules: comments for administrators. public $rules = 'Mieux vaut laisser une demande de validation à un autre administrateur que de valider une requête illégale ou que de refuser une demande légitime.'; + // Unless differently stated, a validation must be done by a site administrator. + public $requireAdmin = true; + // }}} // {{{ constructor @@ -81,7 +53,7 @@ abstract class Validate * @param $_unique: set to false if a profile can have multiple requests of this type. * @param $_type: request's type. */ - public function __construct(User &$_user, $_unique, $_type) + public function __construct(User $_user, $_unique, $_type) { $this->user = &$_user; $this->stamp = date('YmdHis'); @@ -157,6 +129,11 @@ abstract class Validate */ public function handle_formu() { + if ($this->requireAdmin && !S::admin()) { + $this->trigError('Vous n\'avez pas les permissions nécessaires pour valider cette demande.'); + return false; + } + if (Env::has('delete')) { $this->clean(); $this->trigSuccess('Requête supprimée.'); @@ -426,6 +403,43 @@ abstract class Validate } // }}} + + /** Return an iterator over the validation concerning the given type + * and the given user. + * + * @param type The type of the validations to fetch, null mean "any type" + * @param applyTo A User or a Profile object the validation applies to. + */ + public static function iterate($type = null, $applyTo = null) + { + function toValidation($elt) + { + list($result, $stamp) = $elt; + $result = Validate::unserialize($result); + $result->stamp = $stamp; + return $result; + } + + $where = array(); + if ($type) { + $where[] = XDB::format('type = {?}', $type); + } + if ($applyTo) { + if ($applyTo instanceof User) { + $where[] = XDB::format('uid = {?}', $applyTo->id()); + } else if ($applyTo instanceof Profile) { + $where[] = XDB::format('pid = {?}', $applyTo->id()); + } + } + if (!empty($where)) { + $where = 'WHERE ' . implode('AND', $where); + } + $it = XDB::iterRow('SELECT data, DATE_FORMAT(stamp, "%Y%m%d%H%i%s") + FROM requests + ' . $where . ' + ORDER BY stamp'); + return PlIteratorUtils::map($it, 'toValidation'); + } } /** Virtual class for profile related validation. @@ -449,7 +463,7 @@ abstract class ProfileValidate extends Validate * @param $_unique: set to false if a profile can have multiple requests of this type. * @param $_type: request's type. */ - public function __construct(User &$_user, Profile &$_profile, $_unique, $_type) + public function __construct(User $_user, Profile $_profile, $_unique, $_type) { parent::__construct($_user, $_unique, $_type); $this->profile = &$_profile; @@ -592,7 +606,8 @@ abstract class ProfileValidate extends Validate { $res = XDB::iterRow('SELECT data FROM requests - WHERE pid = {?} and type = {?}', + WHERE pid = {?} and type = {?} + ORDER BY stamp', $pid, $type); $array = array(); while (list($data) = $res->next()) {