From 34372b86c5e98530f4142c3a5216574f0e1d12d6 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Wed, 31 Dec 2008 09:50:25 +0000
Subject: Ajaxify the permissions browsing dialog.  It only does allow/deny
 right now, it doesn't allow you to reset to inherited values.  That's next.

---
 core/controllers/permissions.php | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

(limited to 'core/controllers/permissions.php')

diff --git a/core/controllers/permissions.php b/core/controllers/permissions.php
index 67b75782..388fbfeb 100644
--- a/core/controllers/permissions.php
+++ b/core/controllers/permissions.php
@@ -45,6 +45,30 @@ class Permissions_Controller extends Controller {
     print $this->_get_form($item);
   }
 
+  function allow($group_id, $perm_id, $item_id) {
+    access::verify_csrf();
+    $group = ORM::factory("group", $group_id);
+    $perm = ORM::factory("permission", $perm_id);
+    $item = ORM::factory("item", $item_id);
+    access::required("edit", $item);
+
+    if ($group->loaded && $perm->loaded && $item->loaded) {
+      access::allow($group, $perm->name, $item);
+    }
+  }
+
+  function deny($group_id, $perm_id, $item_id) {
+    access::verify_csrf();
+    $group = ORM::factory("group", $group_id);
+    $perm = ORM::factory("permission", $perm_id);
+    $item = ORM::factory("item", $item_id);
+    access::required("edit", $item);
+
+    if ($group->loaded && $perm->loaded && $item->loaded) {
+      access::deny($group, $perm->name, $item);
+    }
+  }
+
   function _get_form($item) {
     $view = new View("permissions_form.html");
     $view->item = $item;
-- 
cgit v1.2.3