2 files changed, 19 insertions, 4 deletions

diff --git a/core/views/permissions_edit.html.php b/core/views/permissions_edit.html.php
index ee561091..599ba520 100644
--- a/core/views/permissions_edit.html.php
+++ b/core/views/permissions_edit.html.php
@@ -6,8 +6,19 @@
       url: form_url,
       success: function(data) {
         $("div.form").slideUp();
-        var el = $("div#edit-" + id);
-        el.html(data).slideDown();
+        $("div#edit-" + id).html(data).slideDown();
+      }
+    });
+  }
+
+  var action_url = "<?= url::site("permissions/__CMD__/__GROUP__/__PERM__/__ITEM__?csrf=" . access::csrf_token()) ?>";
+  var form_url = "<?= url::site("permissions/form/__ITEM__") ?>";
+  set = function(cmd, group_id, perm_id, item_id) {
+    $.ajax({
+      url: action_url.replace("__CMD__", cmd).replace("__GROUP__", group_id).
+           replace("__PERM__", perm_id).replace("__ITEM__", item_id),
+      success: function(data) {
+        $("div#edit-" + item_id).load(form_url.replace("__ITEM__", item_id));
       }
     });
   }
diff --git a/core/views/permissions_form.html.php b/core/views/permissions_form.html.php
index 4933d6f2..80fbedf6 100644
--- a/core/views/permissions_form.html.php
+++ b/core/views/permissions_form.html.php
@@ -22,9 +22,13 @@
         <? elseif ($locked && !$allowed): ?>
         denied <a href="#">locked</a>
         <? elseif ($allowed): ?>
-        <a href="#">allowed</a>
+        <a href="javascript:set('deny',<?= $group->id ?>,<?= $permission->id ?>,<?= $item->id ?>)">
+          <?= _("allowed") ?>
+        </a>
         <? elseif (!$allowed): ?>
-        <a href="#">denied</a>
+        <a href="javascript:set('allow',<?= $group->id ?>,<?= $permission->id ?>,<?= $item->id ?>)">
+          <?= _("denied") ?>
+        </a>
         <? endif ?>
       </td>
       <? endforeach ?>