/** * 判断当前用户是否包含某个角色 * @author wjh 2014-9-13 * @param string $roleKey 关键字,如 agent_ ,provider_ ,provider_manager * @return bool 是否包含 */ public static function checkCurrentUserRole($roleKey, $userid = null) { if (empty($userid)) { $userid = BDataHelper::getCurrentUserid(); } $roles = Assignments::model()->findAllByAttributes(array('userid' => $userid)); $data = BArrayHelper::array_func($roles, function ($k, $v, $userdate = null) { return array($v->itemname); }, function ($k, $v, $userdata = null) use($roleKey) { $rolename = $v->itemname; return substr($rolename, 0, strlen($roleKey)) == $roleKey; }); return count($data); }
/** * Revokes roles from a user * @param int $userid The user's id * @param String $roles The roles to revoke */ private function _revokeUser($userid, $roles) { if ($userid) { $auth = Yii::app()->authManager; /* @var $auth CDbAuthManager */ foreach ($roles as $role) { if ($role == $this->module->superUser) { $count = Assignments::model()->count("itemname='" . $role . "'"); if ($count == 1) { return false; } } $auth->revoke($role, $userid); return true; } } }
/** * Check if authorizer is assigned to a user. * Until Authorizer is assigned to a user all users have access to srbac * administration. Also all users have access to srbac admin if srbac debug * attribute is true * @return true if authorizer is assigned to a user */ public static function isAuthorizer() { if (self::findModule('srbac')->debug) { return false; } $criteria = new CDbCriteria(); $criteria->condition = "itemname = '" . self::findModule('srbac')->superUser . "'"; $authorizer = Assignments::model()->find($criteria); if ($authorizer !== null) { return true; } return false; }
public function actionAssignRole($id) { // request must be made via ajax if (isset($_GET['ajax']) && isset($_GET['role'])) { $model = $this->loadModel($id); $auth = Yii::app()->authManager; $auth->assign($_GET['role'], $id, '', ''); $role = Assignments::model()->find("itemname='" . $_GET['role'] . "'"); $this->renderPartial('//includes/role_li', array('user' => $model, 'assignment' => $role), false, true); } else { throw new CHttpException(400, 'Invalid request.'); } }
<th width="50%"> <?php echo SHtml::label(Helper::translate('srbac', "Task"), 'task'); ?> </th> <td width="50%" rowspan="2"> <div id="operations"> <?php $this->renderPartial('tabViews/taskAjax', array('model' => $model, 'userid' => $userid, 'data' => $data, 'message' => $message)); ?> </div> </td> </tr> <tr valign="top"> <td><?php echo SHtml::activeDropDownList(Assignments::model(), 'itemname', SHtml::listData(AuthItem::model()->findAll($criteria), 'name', 'name'), array('size' => $this->module->listBoxNumberOfLines, 'class' => 'dropdown', 'ajax' => array('type' => 'POST', 'url' => array('getOpers'), 'update' => '#operations', 'beforeSend' => 'function(){ $("#loadMessTask").addClass("srbacLoading"); }', 'complete' => 'function(){ $("#loadMessTask").removeClass("srbacLoading"); }'))); ?> <div> <?php echo Helper::translate("srbac", "Clever Assigning"); ?> : <?php echo SHtml::checkBox("clever", Yii::app()->getGlobalState("cleverAssigning")); ?> </div> </td>
protected function afterDelete() { parent::afterDelete(); Assignments::model()->deleteAll("itemname='" . $this->name . "'"); ItemChildren::model()->deleteAll("parent='" . $this->name . "'"); ItemChildren::model()->deleteAll("child='" . $this->name . "'"); }