summaryrefslogtreecommitdiff
path: root/core/controllers
diff options
context:
space:
mode:
Diffstat (limited to 'core/controllers')
-rw-r--r--core/controllers/permissions.php24
1 files changed, 24 insertions, 0 deletions
diff --git a/core/controllers/permissions.php b/core/controllers/permissions.php
index 67b75782..388fbfeb 100644
--- a/core/controllers/permissions.php
+++ b/core/controllers/permissions.php
@@ -45,6 +45,30 @@ class Permissions_Controller extends Controller {
print $this->_get_form($item);
}
+ function allow($group_id, $perm_id, $item_id) {
+ access::verify_csrf();
+ $group = ORM::factory("group", $group_id);
+ $perm = ORM::factory("permission", $perm_id);
+ $item = ORM::factory("item", $item_id);
+ access::required("edit", $item);
+
+ if ($group->loaded && $perm->loaded && $item->loaded) {
+ access::allow($group, $perm->name, $item);
+ }
+ }
+
+ function deny($group_id, $perm_id, $item_id) {
+ access::verify_csrf();
+ $group = ORM::factory("group", $group_id);
+ $perm = ORM::factory("permission", $perm_id);
+ $item = ORM::factory("item", $item_id);
+ access::required("edit", $item);
+
+ if ($group->loaded && $perm->loaded && $item->loaded) {
+ access::deny($group, $perm->name, $item);
+ }
+ }
+
function _get_form($item) {
$view = new View("permissions_form.html");
$view->item = $item;
generated by cgit v1.2.3 (git 2.46.0) at 2025-10-15 00:20:11 +0000