From 9391223d0fb31b879eb44802e45b3dc6a76f599a Mon Sep 17 00:00:00 2001
From: Gustavo Martin Morcuende
Date: Sun, 20 May 2012 23:51:27 +0200
Subject: [PATCH] Narrow down the chosen categories for the Ads. The ads may just choose categories related to one company.
---
 .../modules/ad/actions/actions.class.php | 61 ++++++++++++++++++++--
 lib/form/doctrine/AdForm.class.php | 19 +++++++
 2 files changed, 76 insertions(+), 4 deletions(-)

diff --git a/apps/companyfront/modules/ad/actions/actions.class.php b/apps/companyfront/modules/ad/actions/actions.class.php
index dddc753..4c70479 100644
--- a/apps/companyfront/modules/ad/actions/actions.class.php
+++ b/apps/companyfront/modules/ad/actions/actions.class.php
@@ -63,14 +63,25 @@ class adActions extends sfActions

 public function executeNew(sfWebRequest $request)
 {
- $this->form = new AdForm();
+ //Get user Id
+ $userId = $this->getUser()->getGuardUser()->getId();
+
+ $this->form = new AdForm(null, array('company_user_id' => CompanyTable::getInstance()->findOneByUserId($userId)->getId()));
 }

 public function executeCreate(sfWebRequest $request)
 {
 $this->forward404Unless($request->isMethod(sfRequest::POST));

- $this->form = new AdForm();
+ $adInit = new Ad();
+ //Get user Id
+ $userId = $this->getUser()->getGuardUser()->getId();
+
+ //Get company owned by that user and insert value in form
+ $companyUserId = CompanyTable::getInstance()->findOneByUserId($userId)->getId();
+ $adInit->company_id = $companyUserId;
+
+ $this->form = new AdForm($adInit, array('company_user_id' => $companyUserId));

 $this->processForm($request, $this->form);

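Review bot: `CompanyTable::getInstance()->findOneByUserId($userId)->getId()` in executeNew and executeCreate is dereferenced without checking the lookup result, so a logged-in user with no company record would hit a fatal error on a non-object instead of getting a controlled response. The same chained call appears in the edit, update and delete hunks further down. Fetch the company first and guard it, e.g. `$company = CompanyTable::getInstance()->findOneByUserId($userId);` followed by `$this->forward404Unless($company);`, then pass `$company->getId()` on. Setting `$adInit->company_id` on the server instead of taking it from the request is the right approach; executeCreate's body continues past the end of the hunk.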
@@ -80,14 +91,42 @@ class adActions extends sfActions
 public function executeEdit(sfWebRequest $request)
 {
 $this->forward404Unless($ad = Doctrine_Core::getTable('Ad')->find(array($request->getParameter('id'))), sprintf('Object ad does not exist (%s).', $request->getParameter('id')));
- $this->form = new AdForm($ad);
+
+ //Get user Id
+ $userId = $this->getUser()->getGuardUser()->getId();
+
+ //Get company owned by that user and insert value in form
+ $companyUserId = CompanyTable::getInstance()->findOneByUserId($userId)->getId();
+
+ //Get id number sent by the user (never trust the users)
+ $adId = $request->getParameter('id');
+
+ $companyId = AdTable::getInstance()->findOneById($adId)->getCompanyId();
+
+ $this->forward404Unless($companyId == $companyUserId, sprintf('Ad does not exist (%s).', $request->getParameter('id')));
+
+ $this->form = new AdForm($ad, array('company_user_id' => $companyUserId));
 }

 public function executeUpdate(sfWebRequest $request)
 {
 $this->forward404Unless($request->isMethod(sfRequest::POST) || $request->isMethod(sfRequest::PUT));
 $this->forward404Unless($ad = Doctrine_Core::getTable('Ad')->find(array($request->getParameter('id'))), sprintf('Object ad does not exist (%s).', $request->getParameter('id')));
- $this->form = new AdForm($ad);
+
+ //Get user Id
+ $userId = $this->getUser()->getGuardUser()->getId();
+
+ //Get company owned by that user and insert value in form
+ $companyUserId = CompanyTable::getInstance()->findOneByUserId($userId)->getId();
+
+ //Get id number sent by the user (never trust the users)
+ $adId = $request->getParameter('id');
+
+ $companyId = AdTable::getInstance()->findOneById($adId)->getCompanyId();
+
+ $this->forward404Unless($companyId == $companyUserId, sprintf('Ad does not exist (%s).', $request->getParameter('id')));
+
+ $this->form = new AdForm($ad, array('company_user_id' => $companyUserId));

 $this->processForm($request, $this->form);

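Review bot: The ownership check in executeEdit and executeUpdate (and again in the delete hunk) is copy-pasted and re-fetches the ad with `AdTable::getInstance()->findOneById($adId)` although `$ad` was already loaded by the preceding `forward404Unless`; an authorization rule kept in three copies is easy to miss when a fourth action is added. I would move it into one helper on adActions that takes the loaded `$ad`, compares `$ad->getCompanyId()` with the caller's company id using an int cast and `===` instead of `==`, and returns the company id for the form option. Answering 404 for another company's ad is fine, but reuse the not-found message text so both outcomes read the same wherever the message is shown. executeUpdate's body continues outside the hunk.

```php
// in executeEdit / executeUpdate, after $ad has been loaded by the existing forward404Unless:
$companyUserId = $this->requireOwnCompanyId($ad);
$this->form = new AdForm($ad, array('company_user_id' => $companyUserId));

// … unchanged: processForm / setTemplate …

// new helper on adActions: the single place for the "ad belongs to my company" rule
protected function requireOwnCompanyId(Ad $ad)
{
    $userId  = $this->getUser()->getGuardUser()->getId();
    $company = CompanyTable::getInstance()->findOneByUserId($userId);

    $this->forward404Unless(
        $company && (int) $ad->getCompanyId() === (int) $company->getId(),
        sprintf('Object ad does not exist (%s).', $ad->getId())
    );

    return $company->getId();
}
```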
@@ -99,6 +138,20 @@ class adActions extends sfActions
 $request->checkCSRFProtection();

 $this->forward404Unless($ad = Doctrine_Core::getTable('Ad')->find(array($request->getParameter('id'))), sprintf('Object ad does not exist (%s).', $request->getParameter('id')));
+
+ //Get user Id
+ $userId = $this->getUser()->getGuardUser()->getId();
+
+ //Get company owned by that user
+ $companyUserId = CompanyTable::getInstance()->findOneByUserId($userId)->getId();
+
+ //Get id number sent by the user (never trust the users)
+ $adId = $request->getParameter('id');
+
+ $companyId = AdTable::getInstance()->findOneById($adId)->getCompanyId();
+
+ $this->forward404Unless($companyId == $companyUserId, sprintf('Ad does not exist (%s).', $request->getParameter('id')));
+
 $ad->delete();

 $this->redirect('ad/index');
diff --git a/lib/form/doctrine/AdForm.class.php b/lib/form/doctrine/AdForm.class.php
index 53d3c48..7235442 100644
--- a/lib/form/doctrine/AdForm.class.php
+++ b/lib/form/doctrine/AdForm.class.php
@@ -16,6 +16,25 @@ class AdForm extends BaseAdForm
 {
 $this->useFields(array('company_categ_id', 'ad_mobile_image_link'));

+ //Narrow down the valid options for some field validators
+ $companyCategs = CompanyCategoryTable::getInstance()->getCompanyCategoriesByCompanyIdQuery($this->getOption('company_user_id'));
+
+ //The default value is not good enough for us. We need narrow down the results.
+ $this->widgetSchema['company_categ_id'] = new sfWidgetFormDoctrineChoice(array('model' => $this->getModelName(),
+ 'add_empty' => true,
+ 'query' => $companyCategs));
+
+ $this->validatorSchema['company_categ_id'] = new sfValidatorDoctrineChoice(array('model' => $this->getModelName(),
+ 'required' => false,
+ 'query' => $companyCategs));
+
+ $this->widgetSchema->setLabels(array('company_categ_id' => 'Company Category'));
+ $this->widgetSchema->setLabels(array('ad_mobile_image_link' => "Picture on the user's mobile"));
+
+
+ //i18n (Internationalization)
+ $this->widgetSchema->getFormFormatter()->setTranslationCatalogue('ad_form');
+
 // Ad creation form
 $adDescription = new AdDescription();
 $adDescription->Ad = $this->getObject();
-- 
2.1.4
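Review bot: The category restriction depends entirely on `$this->getOption('company_user_id')`, and nothing here rejects a form built without that option; what `getCompanyCategoriesByCompanyIdQuery()` does with a null id is not visible in this diff, so the validator may fail open for any caller that still does `new AdForm()`. Fail closed before building the query, e.g. `if (null === $this->getOption('company_user_id')) { throw new InvalidArgumentException('AdForm needs the company_user_id option'); }`. Separately, the widget and the validator both pass `'model' => $this->getModelName()`, which presumably resolves to the form's own model rather than the category model the query selects from (presumably `CompanyCategory`); naming that model explicitly avoids relying on the two tables sharing a primary-key column name. The enclosing method starts above the hunk and continues below it.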