/*
 * This file is a part of CMSLU -- Content Management System like Unix
 * and is not publicly distributed
 * 
 * Copyright (c) 2008-2009, Tomasz Sowa
 * All rights reserved.
 * 
 */
 
#include "content.h"
#include "../core/request.h"
#include "../core/error.h"
#include "../core/db.h"
#include "../core/data.h"


void Content::PostFunPriv(Item & item)
{
	try
	{
		std::string * user  = request.PostVar("user");
		std::string * group = request.PostVar("group");
		std::string * priv  = request.PostVar("privileges");

		if( !user || !group || !priv )
		{
			log << log3 << "Content: PostFunPriv: there is no some post variables" << logend;
			// some kind of error to report?
			// !! wstawic nowy kod bledu i rzucic wyjatek jego (usunac powyzszy wpis log takze)
			return;
		}

		long user_id   = data.users.GetUserId( *user );
		long group_id  = data.groups.GetGroupId( *group );
		int privileges = strtol( priv->c_str() , 0, 8);

		if( user_id==item.user_id && group_id==item.group_id && privileges==item.privileges )
		{
			log << log3 << "Content: PostFunPriv: nothing to change" << logend;
			throw Error(Error::ok);
		}

		if( !request.CanChangeUser(item, user_id) )
			throw Error(Error::cant_change_user);
		
		if( !request.CanChangeGroup(item, group_id) )
			throw Error(Error::cant_change_group);
	
		if( !request.CanChangePrivileges(item, privileges) )
			throw Error(Error::cant_change_privileges);

		item.user_id    = user_id;
		item.group_id   = group_id;
		item.privileges = privileges;

		request.session->done = Done::privileged_item;
		request.session->done_status = db.EditPrivById(item, item.id);
	}
	catch(const Error & e)
	{
		request.session->done_status = e;
	}

	if( request.session->done_status == Error::ok )
	{
		request.session->item = item;
		request.session->done_timer = 2;
		RedirectTo(item);
	}
	else
	{
		log << log1 << "Content: PostFunPriv: Error: " << static_cast<int>(request.session->done_status) << logend;	
	}
	
	request.status = request.session->done_status;	
}




void Content::PostFunPriv()
{
	if( request.is_item )
		PostFunPriv( request.item );
	else
		PostFunPriv( *request.dir_table.back() );
}



void Content::FunPriv()
{
	// we do not check permissions here
	// permissions depends on the user, group, and privileges
}