blob: 4f3c6d9c359068ef11c9e77aa2bc56c71d6d3bf1 [file] [log] [blame]
Copybara botbe50d492023-11-30 00:16:42 +01001<?php
Adrià Vilanova Martínez5af86512023-12-02 20:44:16 +01002/*
3 * hores
4 * Copyright (c) 2023 Adrià Vilanova Martínez
5 *
6 * This program is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU Affero General Public License as
8 * published by the Free Software Foundation, either version 3 of the
9 * License, or (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU Affero General Public License for more details.
15 *
16 * You should have received a copy of the GNU Affero General Public
17 * License along with this program.
18 * If not, see http://www.gnu.org/licenses/.
19 */
20
Copybara botbe50d492023-11-30 00:16:42 +010021require_once("core.php");
22security::checkType(security::WORKER, security::METHOD_NOTFOUND);
23security::checkWorkerUIEnabled();
24
25$isAdmin = security::isAdminView();
26$defaultUrl = ($isAdmin ? "incidents.php" : "userincidents.php?id=".$_SESSION["id"]);
27
28if (!security::checkParams("POST", [
29 ["id", security::PARAM_ISINT],
30 ["type", security::PARAM_ISINT],
31 ["day", security::PARAM_ISDATE]
32])) {
33 security::go(visual::getContinueUrl($url, "unexpected", "POST"));
34}
35
36$id = (int)$_POST["id"];
37$type = (int)$_POST["type"];
38$day = $_POST["day"];
39
40$incident = incidents::get($id, true);
41if ($incident === false) security::go(visual::getContinueUrl($url, "unexpected", "POST"));
42
43$istatus = incidents::getStatus($incident);
44
45if (($isAdmin && in_array($istatus, incidents::$cannotEditStates)) || (!$isAdmin && !in_array($istatus, incidents::$workerCanEditStates))) security::notFound();
46if (!$isAdmin) incidents::checkIncidentIsFromPerson($incident["id"]);
47
48if (isset($_POST["allday"]) && $_POST["allday"] == 1) {
49 $begins = 0;
50 $ends = incidents::ENDOFDAY;
51} else {
52 if (!security::checkParams("POST", [
53 ["begins", security::PARAM_ISTIME],
54 ["ends", security::PARAM_ISTIME]
55 ])) {
56 security::go(visual::getContinueUrl($url, "empty", "POST"));
57 }
58
59 $begins = schedules::time2sec($_POST["begins"]);
60 $ends = schedules::time2sec($_POST["ends"]);
61}
62
63$status = incidents::edit($id, $type, $day, $begins, $ends);
64
65switch ($status) {
66 case 0:
67 security::go(visual::getContinueUrl($url, "modified", "POST"));
68 break;
69
70 case 2:
71 security::go(visual::getContinueUrl($url, "overlap", "POST"));
72 break;
73
74 case 3:
75 security::go(visual::getContinueUrl($url, "order", "POST"));
76 break;
77
78 default:
79 security::go(visual::getContinueUrl($url, "unexpected", "POST"));
80}