getModule(); $tabId = getTabId($moduleName); $privileges = Users_Privileges_Model::getCurrentUserPrivilegesModel(); if (!$privileges->hasModulePermission($tabId)) { throw new AppException('LBL_PERMISSION_DENIED'); } } public function process(Vtiger_Request $request) { $templateId = (int)$request->get('templateid'); $name = $request->get('name'); $moduleName = $request->get('module_name'); if ($templateId <= 0 || $name === null || $moduleName === null) { header('Location: index.php?module=OnlyOfficeTemplates&view=List&app=TOOLS'); return; } $adb = PearDatabase::getInstance(); $currentUser = Users_Record_Model::getCurrentUserModel(); $userId = $currentUser->getId(); $res = $adb->pquery("SELECT owner FROM vtiger_oot_templates WHERE id = ?", [$templateId]); if ($adb->num_rows($res) === 0) { header('Location: index.php?module=OnlyOfficeTemplates&view=List&app=TOOLS'); return; } $owner = (int)$adb->query_result($res, 0, 'owner'); if ($owner !== $userId) { $gr = $adb->pquery("SELECT 1 FROM vtiger_users2group WHERE userid = ? AND groupid = ?", [$userId, $owner]); if ($adb->num_rows($gr) === 0) { throw new AppException('LBL_PERMISSION_DENIED'); } } $adb->pquery("UPDATE vtiger_oot_templates SET name = ?, module = ? WHERE id = ?", [$name, $moduleName, $templateId]); $redirect = $request->get('redirect'); if ($redirect === 'Edit') { header('Location: index.php?module=OnlyOfficeTemplates&view=Edit&templateid=' . $templateId . '&app=TOOLS'); } else { header('Location: index.php?module=OnlyOfficeTemplates&view=List&app=TOOLS'); } } }