Beispiel #1
 /**
  * Build the per-role permission form.
  *
  * For every resource this adds a disabled resource selector plus an
  * "Allow" and a "Deny" text field, pre-filled with the role's current
  * actions joined by ';'. A submit button is appended last.
  *
  * NOTE(review): no validators or filters are attached to the Allow/Deny
  * fields here, so whatever handles the POST has to check every submitted
  * action name itself before it is stored as a permission.
  */
 public function init()
 {
     $resourceModel = new Admin_Model_Resources();

     foreach ($resourceModel->getAll() as $resource) {
         // Permissions of the current role for this resource; per the original
         // author's note the model only returns rows where action != ''.
         $permissionModel = new Admin_Model_Permissions();
         $rows = $permissionModel->getByRoleAndResourceSpecial($this->getRoleid(), $resource->id);

         // Sort the action names into the two buckets shown in the text fields.
         $allowedActions = array();
         $deniedActions = array();
         foreach ($rows as $row) {
             if ($row->is_allowed == 't') {
                 $allowedActions[] = $row->action;
             } else {
                 $deniedActions[] = $row->action;
             }
         }

         // ';'-separated lists; stray separators at either end are stripped.
         $allowed = trim(implode(';', $allowedActions), ';');
         $denied = trim(implode(';', $deniedActions), ';');

         $resourceKey = (string) $resource->id;

         // Display-only selector naming the resource; it is rendered disabled.
         $parent = new Zend_Form_Element_Select($resourceKey);
         $parent->setLabel('Resource ');
         $parent->addMultiOption($resourceKey, $resource->name);
         $parent->setAttrib('disabled', 'disabled');

         $allow = new Zend_Form_Element_Text($resourceKey . '_allow');
         $allow->setLabel('Allow ');
         $allow->setValue($allowed);

         $deny = new Zend_Form_Element_Text($resourceKey . '_deny');
         $deny->setLabel('Deny ');
         $deny->setValue($denied);

         foreach (array($parent, $allow, $deny) as $element) {
             $this->addElement($element);
         }
     }

     $submit = new Zend_Form_Element_Submit('save');
     $submit->setAttrib('class', 'btn btn-primary');
     $submit->setLabel('Confirm');

     // Empty action: the form posts back to the URL it was rendered on.
     $this->setAction('');
     $this->setMethod('post');
     $this->addElement($submit);
 }
Beispiel #2
 /**
  * Build the user-group form: group name, admin menu items, the resources
  * the group may access, and Cancel / Confirm buttons.
  *
  * NOTE(review): only the menu-item element gets an explicit validator
  * (digits). "name" is required but has no filter or length check here.
  * Confirm that submitted "permit" ids are checked against the existing
  * resources before they are saved.
  */
 public function init()
 {
     $menu_items_model = new Admin_Model_MenuItems();

     $name = new Zend_Form_Element_Text('name');
     $name->setLabel('Usergroup name');
     $name->setRequired(true);
     $name->setAttrib('class', 'form-control');
     $name->setAttrib('style', 'width:200px');

     // Digits validator is added with breakChainOnFailure = true.
     $menu_items = new Zend_Form_Element_Multiselect('admin_menu_item_id');
     $menu_items
         ->addValidator(new Zend_Validate_Digits(), true)
         ->setLabel('Menu Items: ')
         ->setAttrib('class', 'select2')
         ->setAttrib('data-placeholder', 'Choose...')
         ->setAttrib('style', 'width:200px')
         ->addMultiOptions($menu_items_model->getForDropDown());

     // One checkbox per resource; the option key is the resource id.
     $permit = new Zend_Form_Element_MultiCheckbox('permit');
     $permit->setLabel('Available resources ');
     $resourceModel = new Admin_Model_Resources();
     foreach ($resourceModel->getAll() as $row) {
         $permit->addMultiOption((string) $row->id, ' ' . $row->name);
     }

     // Cancel navigates back to the group list on the client side.
     $cancel = new Zend_Form_Element_Button('cancel');
     $cancel->setLabel('Cancel');
     $cancel->setAttrib('class', 'btn btn-gold');
     $cancel->setAttrib('style', 'color:black');
     $cancel->setAttrib('onClick', "window.location = window.location.origin+'/admin/admin-usersgroups/'");

     $submit = new Zend_Form_Element_Submit('save');
     $submit->setAttrib('class', 'btn btn-primary');
     $submit->setLabel('Confirm');

     // Empty action: the form posts back to the URL it was rendered on.
     $this->setAction('');
     $this->setMethod('post');
     foreach (array($name, $menu_items, $permit, $cancel, $submit) as $element) {
         $this->addElement($element);
     }
 }
Beispiel #3
 /**
  * ACL access check, run before the request is dispatched.
  *
  * Requests without an identity are re-targeted at admin/auth/login and
  * skip the ACL check. Otherwise the role from the identity, the resource
  * "module:controller" (lower-cased, looked up in the resources table) and
  * the lower-cased action name are checked against the ACL.
  *
  * NOTE(review): all three failures use exception code 404 but carry
  * different messages. If the code is meant to hide which pages exist,
  * confirm the error handler does not show the message to the client.
  *
  * NOTE(review): the privilege is the raw lower-cased action name. Confirm
  * it matches how the dispatcher maps action names to methods, and prefer
  * allow rules over per-action deny rules.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @throws Exception when the role or resource is unknown to the ACL, or
  *                   the role is not allowed to perform the action
  */
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     // Not logged in: send the request to the login action instead.
     if (!$this->_auth->hasIdentity()) {
         $request->setModuleName('admin');
         $request->setControllerName('auth');
         $request->setActionName('login');
         return;
     }

     // Role of the logged-in user.
     $role = $this->_auth->getIdentity()->role_id;

     // Resource being requested, identified as "module:controller".
     $resource_table = new Admin_Model_Resources();
     $resource_name = $request->getModuleName() . ':' . $request->getControllerName();
     $resource = $resource_table->getByName(strtolower($resource_name));

     // An unknown resource leaves the id at null, which the check below rejects.
     $resource_id = null;
     if (isset($resource->id)) {
         $resource_id = $resource->id;
     }

     // Privilege being requested (== action name).
     $action = strtolower($request->getActionName());

     // Keep this order: role and resource must be known to the ACL before
     // isAllowed() is asked, so it never sees a null resource id.
     if (!$this->_acl->hasRole($role)) {
         throw new Exception("Role not found in Database.", 404);
     }
     if (!$this->_acl->hasResource($resource_id)) {
         throw new Exception("Resource not found in Database.", 404);
     }
     if (!$this->_acl->isAllowed($role, $resource_id, $action)) {
         throw new Exception("You dont have permission for this page.", 404);
     }
 }
Beispiel #4
 /**
  * Register every row returned by Admin_Model_Resources::getAll() as an
  * ACL resource, keyed by the row's id.
  *
  * Only resources are registered here; no allow or deny rules are added.
  */
 private function _initResources()
 {
     $resourceModel = new Admin_Model_Resources();

     foreach ($resourceModel->getAll() as $row) {
         $aclResource = new Zend_Acl_Resource($row->id);
         $this->acl->addResource($aclResource);
     }
 }