checkPermissions(); $userId = $_SESSION['id']; if ($_SESSION['users_admin']) { $userId = $user->agencyId; } else { $departmentClass = new Department; $departmentUser = $departmentClass->getDepartment($_SESSION['id']); if($departmentUser['role'] == 'manager_office'){ if($departmentUser['admin'] > 0){ $userId = $departmentUser['admin']; } } } $agentsOfAgency = User::getAllAgents($userId); $agentsOfManager = User::getAllManagers($userId, false); $found = false; foreach ($agentsOfAgency as $agent) { if ($agent['id'] == $_POST['userId']) { $found = true; } } if (!$found) { foreach ($agentsOfManager as $agent) { if ($agent['id'] == $_POST['userId']) { $found = true; } } } if (!$found) { foreach ($agentsOfManager as $agent) { if($agent['manager'] == 1){ $agentsOfAgency = User::getAllAgents($agent['id']); $agentsOfManager = User::getAllManagers($agent['id']); foreach ($agentsOfAgency as $agent1) { if ($agent1['id'] == $_POST['userId']) { $found = true; } } if (!$found) { foreach ($agentsOfManager as $agent1) { if ($agent1['id'] == $_POST['userId']) { $found = true; } } } } } } if ($found) { $userToDelete = new User; $userToDelete->get($_POST['userId']); User::deleteWithRebindClient($userId, $_POST['userId'], $_POST['newWhoWork'], $_POST['newWhoWorkObj'], $_POST['newWhoWorkReq'], $userToDelete->id_manager); echo "success"; } else { echo "error: Нельзя удалить чужого пользователя."; } }