81 lines
2.2 KiB
PHP
81 lines
2.2 KiB
PHP
|
|
<?php
|
||
|
|
|
||
|
|
require_once($_SERVER['DOCUMENT_ROOT'] . "/config.php");
|
||
|
|
|
||
|
|
if ($_SESSION['id'] && isset($_POST['userId']) && is_numeric($_POST['userId'])) {
|
||
|
|
|
||
|
|
$user = new User();
|
||
|
|
|
||
|
|
$user->checkPermissions();
|
||
|
|
|
||
|
|
$userId = $_SESSION['id'];
|
||
|
|
|
||
|
|
if ($_SESSION['users_admin']) {
|
||
|
|
$userId = $user->agencyId;
|
||
|
|
} else {
|
||
|
|
$departmentClass = new Department;
|
||
|
|
$departmentUser = $departmentClass->getDepartment($_SESSION['id']);
|
||
|
|
|
||
|
|
if($departmentUser['role'] == 'manager_office'){
|
||
|
|
if($departmentUser['admin'] > 0){
|
||
|
|
$userId = $departmentUser['admin'];
|
||
|
|
}
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
|
||
|
|
$agentsOfAgency = User::getAllAgents($userId);
|
||
|
|
$agentsOfManager = User::getAllManagers($userId, false);
|
||
|
|
|
||
|
|
|
||
|
|
$found = false;
|
||
|
|
|
||
|
|
foreach ($agentsOfAgency as $agent) {
|
||
|
|
if ($agent['id'] == $_POST['userId']) {
|
||
|
|
$found = true;
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
if (!$found) {
|
||
|
|
foreach ($agentsOfManager as $agent) {
|
||
|
|
if ($agent['id'] == $_POST['userId']) {
|
||
|
|
$found = true;
|
||
|
|
}
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
if (!$found) {
|
||
|
|
foreach ($agentsOfManager as $agent) {
|
||
|
|
if($agent['manager'] == 1){
|
||
|
|
$agentsOfAgency = User::getAllAgents($agent['id']);
|
||
|
|
$agentsOfManager = User::getAllManagers($agent['id']);
|
||
|
|
foreach ($agentsOfAgency as $agent1) {
|
||
|
|
if ($agent1['id'] == $_POST['userId']) {
|
||
|
|
$found = true;
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
if (!$found) {
|
||
|
|
foreach ($agentsOfManager as $agent1) {
|
||
|
|
if ($agent1['id'] == $_POST['userId']) {
|
||
|
|
$found = true;
|
||
|
|
}
|
||
|
|
}
|
||
|
|
}
|
||
|
|
}
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
if ($found) {
|
||
|
|
|
||
|
|
$userToDelete = new User;
|
||
|
|
$userToDelete->get($_POST['userId']);
|
||
|
|
|
||
|
|
User::deleteWithRebindClient($userId, $_POST['userId'], $_POST['newWhoWork'], $_POST['newWhoWorkObj'], $_POST['newWhoWorkReq'], $userToDelete->id_manager);
|
||
|
|
echo "success";
|
||
|
|
} else {
|
||
|
|
echo "error: Нельзя удалить чужого пользователя.";
|
||
|
|
}
|
||
|
|
|
||
|
|
}
|