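/**
 * Authenticates the identity, looking the user up by key when one is set
 * and by email otherwise.
 *
 * On success the record id, email and assigned role are stored in the
 * identity state and errorCode is set to ERROR_NONE.
 *
 * @return bool whether authentication succeeded
 */
public function authenticate()
 {
     // A set key takes precedence over the email lookup.
     if (isset($this->key)) {
         $record = Users::model()->findByAttributes(array('key' => $this->key));
     } else {
         $record = Users::model()->findByAttributes(array('email' => $this->email));
     }
     if ($record === null) {
         $this->errorCode = self::ERROR_USERNAME_INVALID;
         return false;
     }
     // NOTE(review): stored passwords are unsalted MD5 digests. Migrating to
     // password_hash()/password_verify() needs a data migration, so only the
     // comparison is hardened here (constant-time instead of !==).
     // NOTE(review): when $this->password is unset the check below is skipped,
     // so a lookup by email alone authenticates without any secret - confirm
     // that every caller that does not supply a key always sets a password.
     if (isset($this->password) && !hash_equals((string) $record->password, md5($this->password))) {
         $this->errorCode = self::ERROR_PASSWORD_INVALID;
         return false;
     }
     $this->_id = $record->id;
     $this->user = $record;
     $this->setState('email', $record->email);
     $this->setState('id', $record->id);
     $data = AuthAssignment::model()->find('userid=:userid', array(':userid' => $record->id));
     // A user without any assignment gets a null role instead of a property read on null.
     $this->setState('role', $data !== null ? $data->itemname : null);
     $this->errorCode = self::ERROR_NONE;
     return true;
 }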
 /**
  * Edits a permission (auth item) and, after a successful save, propagates
  * its possibly changed name to the child, assignment and user tables.
  *
  * @param mixed $id primary key of the AuthItem to edit
  * @throws CHttpException 404 when no AuthItem has that key
  */
 public function actionUpdate($id)
 {
     // Access gate for the 'op_permission_update' operation
     checkAccessThrowException('op_permission_update');
     $model = AuthItem::model()->findByPk($id);
     if (!$model) {
         throw new CHttpException(404, at('Sorry, That record was not found.'));
     }
     if (isset($_POST['AuthItem'])) {
         $previousName = $model->name;
         $model->setAttributes($_POST['AuthItem']);
         if ($model->save()) {
             // NOTE(review): the item save and the four cascading updates are not
             // wrapped in a transaction; a failure part-way leaves rows that still
             // reference the old name - confirm whether that is acceptable.
             $byOldName = array(':name' => $previousName);
             $currentName = $model->name;
             AuthItemChild::model()->updateAll(array('parent' => $currentName), 'parent=:name', $byOldName);
             AuthItemChild::model()->updateAll(array('child' => $currentName), 'child=:name', $byOldName);
             AuthAssignment::model()->updateAll(
                 array('bizrule' => $model->bizrule, 'data' => $model->data, 'itemname' => $currentName),
                 'itemname=:name',
                 $byOldName
             );
             User::model()->updateAll(array('role' => $currentName), 'role=:name', $byOldName);
             fok(at('Permission Updated!'));
             // Audit trail entry for the change
             alog(at("Updated permission: '{name}'.", array('{name}' => $model->name)));
             $this->redirect(array('index'));
         }
     }
     // Fall through: first visit or a failed save re-renders the form
     $pageTitle = at('Update Permission');
     $this->addBreadCrumb($pageTitle);
     $this->title[] = at('Update Permission');
     $this->render('form', array('model' => $model));
 }
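 /**
  * Builds the HTML label list of auth items assigned to a user row.
  *
  * Item and type names are HTML-encoded because the result is returned as
  * markup; a name containing markup would otherwise be rendered as HTML.
  *
  * @param object $data row object whose id is passed to assignedList()
  * @return string HTML fragment, empty when nothing is assigned
  */
 public function renderAssignedItem($data)
 {
     $html = '';
     foreach (AuthAssignment::model()->assignedList($data->id) as $item) {
         $html .= '<span class="secondary label">' . CHtml::encode($item['itemname']) . '</span>'
             . '<span class="label">' . CHtml::encode($item['typename']) . '</span><br />';
     }
     return $html;
 }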
 /**
  * Returns the item name of the auth assignment found for the current model.
  *
  * @return string|false the assigned item name, or false when there is no
  *                      model or no assignment for it
  */
 function getRole()
 {
     $oUser = $this->getModel();
     if (!$oUser) {
         return false;
     }
     $assignment = AuthAssignment::model()->findByAttributes(array('userid' => $oUser->id));
     // Only the first matching assignment is consulted.
     return $assignment ? $assignment->itemname : false;
 }
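 /**
  * Sets the auth item assigned to a user, creating the assignment row when
  * the user has none yet.
  *
  * @param mixed  $user_id value stored in the assignment's userid column
  * @param string $role    auth item name to assign
  * @return bool whether the assignment was saved; previously the result of
  *              save() was discarded, so a failed role change went unnoticed
  */
 public static function updateUserRole($user_id, $role)
 {
     $assignment = AuthAssignment::model()->findByAttributes(array('userid' => $user_id));
     if (!$assignment) {
         $assignment = new AuthAssignment();
         $assignment->userid = $user_id;
     }
     $assignment->itemname = $role;
     return (bool) $assignment->save();
 }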
 /**
  * Emits, as JSON, an id => email map of users whose email matches $term and
  * who are not yet assigned to the auth item $group, then ends the request.
  *
  * @param string $group auth item name whose current members are excluded
  * @param string $term  partial email to search for
  */
 public function actionFindUser($group, $term)
 {
     // NOTE(review): no access check is visible in this action and it returns
     // user e-mail addresses - confirm a controller filter restricts it.
     $provider = new CActiveDataProvider('User', array(
         'criteria' => array('select' => array('id', 'email')),
         'pagination' => array('pageSize' => 500),
     ));
     // Partial match on email, added to the provider's own criteria object
     $provider->getCriteria()->compare('email', $term, true);
     $candidates = CHtml::listData($provider->getData(), 'id', 'email');
     $memberIds = Yii::app()->db->createCommand()
         ->select('userid')
         ->from(AuthAssignment::model()->tableName())
         ->where('itemname=:group', array(':group' => $group))
         ->queryColumn();
     // Drop every candidate whose id is already a member of the group
     echo CJSON::encode(array_diff_key($candidates, array_flip($memberIds)));
     Yii::app()->end();
 }
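 /**
  * Lazily loads the user model and the auth assignments for its nick.
  *
  * @param mixed $id primary key of the user; ignored once a model is cached
  * @return object|null the cached/loaded User, or null when none was found
  */
 protected function loadUser($id = null)
 {
     if ($this->_model === null && $id !== null) {
         $this->_model = User::model()->findByPk($id);
         // findByPk() yields null for an unknown id; do not read ->nick on null.
         $this->userRoles = $this->_model === null
             ? array()
             : AuthAssignment::model()->findAll("userid=:usrId", array(':usrId' => $this->_model->nick));
     }
     return $this->_model;
 }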
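 /**
  * Default action: shows the roles assigned to the logged-in user.
  *
  * Requests from addresses rejected by allowIp() get a 403; guests are sent
  * to the login page.
  *
  * @throws CHttpException 403 when the client address is not allowed
  */
 public function actionIndex()
 {
     // getUserHostAddress() is an instance method; calling it statically on
     // CHttpRequest fails on current PHP, so go through the request component.
     $clientIp = Yii::app()->request->getUserHostAddress();
     // NOTE(review): if the application sits behind a reverse proxy this is
     // presumably the proxy's address - confirm the allow-list still works.
     if (!$this->allowIp($clientIp)) {
         throw new CHttpException(403, 'Akses ditolak - Anda tidak memiliki izin untuk mengakses halaman ini!');
     }
     if (Yii::app()->user->isGuest) {
         $this->redirect($this->createUrl('/app/login'));
     } else {
         $roles = AuthAssignment::model()->assignedList(Yii::app()->user->id);
         $this->render('index', array('roles' => $roles));
     }
 }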
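 /**
  * Authenticates a user by login email and password against UserLogin.
  *
  * On success the user's auth-manager role is brought in line with the
  * UserRole record and profile details are stored in the identity state.
  * A login whose role or profile record is missing is rejected.
  *
  * @return boolean whether authentication succeeds.
  */
 public function authenticate()
 {
     // find the active user record by email address (username)
     $UserLogin = UserLogin::model()->findByAttributes(array('LoginEmail' => $this->username, 'IsActive' => 1));
     if ($UserLogin === null) {
         $this->errorCode = self::ERROR_USERNAME_INVALID;
         return false;
     }
     // NOTE(review): stored passwords are unsalted MD5 digests. Moving to
     // password_hash()/password_verify() needs a data migration, so only the
     // comparison is hardened here (constant-time instead of !==).
     if (!hash_equals((string) $UserLogin->UserPassword, md5($this->password))) {
         $this->errorCode = self::ERROR_PASSWORD_INVALID;
         return false;
     }
     $roleRecord = UserRole::model()->findByPk($UserLogin->UserRoleID);
     $UserProfile = UserProfile::model()->with('companies')->findByAttributes(array('UserLoginID' => $UserLogin->UserLoginID));
     if ($roleRecord === null || $UserProfile === null) {
         // Fail closed: without a role or profile record the session state
         // below cannot be built, so the login is refused.
         $this->errorCode = self::ERROR_UNKNOWN_IDENTITY;
         return false;
     }
     $this->errorCode = self::ERROR_NONE;
     // set user login ID
     $this->userLoginID = $UserLogin->UserLoginID;
     // make the auth manager assignment match the role stored on the login
     $userRole = $roleRecord->RoleType;
     $currentRoles = Yii::app()->authManager->getRoles($this->userLoginID);
     if (!array_key_exists($userRole, $currentRoles)) {
         // remove old role if role changes
         // NOTE(review): delete and re-assign are not atomic; a failure in
         // assign() leaves the user with no assignment at all.
         if (!empty($currentRoles)) {
             AuthAssignment::model()->deleteAll('userid = :userid', array('userid' => $this->userLoginID));
         }
         Yii::app()->authManager->assign($userRole, $this->userLoginID);
         Yii::app()->authManager->save();
     }
     // create session variables
     $this->setState('fullName', sprintf('%s %s', $UserProfile->FirstName, $UserProfile->LastName));
     $this->setState('companyID', $UserProfile->CompanyID);
     $this->setState('userProfileID', $UserProfile->UserProfileID);
     $this->setState('email', $UserLogin->LoginEmail);
     // the related company may be absent; store null rather than read a property on null
     $company = $UserProfile->companies;
     $this->setState('companyName', $company !== null ? $company->CompanyName : null);
     $this->setState('agreeToTerms', $UserProfile->AgreeToTerms);
     $this->setState('isFacilitator', $UserProfile->IsFacilitator);
     $this->setState('UserRoleID', $UserLogin->UserRoleID);
     return !$this->errorCode;
 }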
 /**
  * Replaces all auth assignments of a user with the given role and, for any
  * role other than 'super user', also assigns one operation per controller
  * action listed for that role in $this->publicRolesArray.
  *
  * @param mixed  $iduser user id used in the auth assignment rows
  * @param string $role   role name; it is lower-cased before use
  * @return bool true on success, FALSE when an exception was caught
  */
 public function SaveRole($iduser, $role)
 {
     $transaction = Yii::app()->db->getCurrentTransaction();
     if ($transaction !== null) {
         // A transaction is already open: null the local handle so that the
         // commit/rollback calls below are skipped and left to its owner.
         $transaction = null;
     } else {
         $transaction = Yii::app()->db->beginTransaction();
     }
     try {
         // delete every assignment with userid=$iduser
         AuthAssignment::model()->deleteAll('userid=:iduser', array(':iduser' => $iduser));
         // create the role item if it does not exist yet
         $role = strtolower($role);
         if (!Yii::app()->AuthManager->getAuthItem(strtolower($role))) {
             Yii::app()->AuthManager->createRole(strtolower($role));
         }
         // assign the role to userid=$iduser
         Yii::app()->authManager->assign(strtolower($role), $iduser);
         if ($role != 'super user') {
             // only add the operations when the role is not super user
             // NOTE(review): assumes publicRolesArray has an entry for every
             // other role name - an unknown role is not handled here.
             foreach ($this->publicRolesArray[$role] as $Cotroller) {
                 $listAction = Yii::app()->metadata->getActions($Cotroller . 'Controller', 'backend');
                 foreach ($listAction as $action) {
                     $name = strtolower($Cotroller . '.' . $action);
                     // e.g. post.create
                     // If the name does not exist, then add it
                     if (!Yii::app()->AuthManager->getAuthItem($name)) {
                         Yii::app()->AuthManager->createOperation($name, $Cotroller . ' ' . $action);
                     }
                     // assign the operation directly to the user as well
                     Yii::app()->AuthManager->assign($name, $iduser);
                     Yii::app()->AuthManager->save();
                 }
             }
         }
         if ($transaction !== null) {
             $transaction->commit();
         }
         return true;
     } catch (Exception $e) {
         // NOTE(review): the exception is swallowed without being logged. When
         // an outer transaction exists nothing is rolled back here, so the
         // deleteAll() above may persist if the caller commits after FALSE.
         if ($transaction !== null) {
             $transaction->rollback();
         }
     }
     return FALSE;
 }
 /**
  * Loads auth items and their parent/child links from the DB and sorts them
  * into the lookup lists kept on this object.
  */
 private function getData()
 {
     // itemname => userid for every item assigned directly to the user
     $directAssignments = CHtml::listData(
         AuthAssignment::model()->findAllByAttributes(['userid' => $this->user->id]),
         'itemname',
         'userid'
     );
     $allItems = AuthItem::model()->findAll(['order' => 'type DESC, description ASC']);
     foreach ((array) $allItems as $authItem) {
         $this->itemsGroupedByTypes[$authItem->type][$authItem->name] = $authItem;
         $this->itemsList[$authItem->name] = $authItem;
         // Only direct assignments are marked here. Checking every element
         // through the auth manager's checkAccess() would generate a huge
         // number of queries, although it would give a correct tree with the
         // child elements marked; perhaps something should be devised when
         // roles are saved.
         $this->permissionList[$authItem->name] = isset($directAssignments[$authItem->name]);
     }
     foreach ((array) AuthItemChild::model()->findAll() as $link) {
         $this->hierarchy[$link->parent][] = $link->child;
         $this->wereChildren[] = $link->child;
     }
 }
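 /**
  * Updates a user and keeps the user's auth assignment in line with the
  * saved role. On success a confirmation page is rendered; otherwise the
  * update form is shown again.
  *
  * @param integer $id the ID of the model to be updated
  */
 public function actionUpdate($id)
 {
     $model = $this->loadModel($id);
     if (isset($_POST['User'])) {
         // NOTE(review): $model->role is copied into the RBAC assignment below.
         // If 'role' is a safe attribute of User, whoever may call this action
         // can pick any role - confirm the action is limited to administrators.
         $model->attributes = $_POST['User'];
         if ($model->save()) {
             $authAsign = AuthAssignment::model()->findByAttributes(array('userid' => $model->nick));
             if ($authAsign === null) {
                 // No assignment yet for this nick: create one instead of
                 // writing to a null record.
                 $authAsign = new AuthAssignment();
                 $authAsign->userid = $model->nick;
             }
             $authAsign->itemname = $model->role;
             // NOTE(review): the user row is already saved at this point; if the
             // assignment save fails the two tables disagree about the role.
             if ($authAsign->save()) {
                 $this->audit->logAudit(Yii::app()->user->id, new DateTime(), Constants::AUDITORIA_OBJETO_USUARIO, Constants::AUDITORIA_OPERACION_MODIFICACION, $model->nick);
                 $this->render('/site/successfullOperation', array('header' => 'Usuario modificado con &eacute;xito', 'message' => 'Haga click en volver para regresar a la gestión de usuarios', 'returnUrl' => Yii::app()->createUrl('user/admin'), 'viewUrl' => Yii::app()->createUrl("user/view", array("id" => $model->nick))));
                 return;
             }
         }
     }
     $this->render('update', array('model' => $model));
 }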
 /**
  * Runs the executor, manager and deferred e-mail jobs once for every
  * company that is not frozen.
  *
  * @param array $args command arguments; not used by this method
  */
 public function run($args)
 {
     // Models whose cached table metadata is refreshed after each company switch
     $perCompanyModels = array(
         'User',
         'AuthAssignment',
         'ProfileField',
         'Profile',
         'Zakaz',
         'ZakazParts',
         'Events',
         'Templates',
         'Emails',
     );
     $activeCompanies = Company::model()->findAll('frozen=:p', array(':p' => '0'));
     foreach ($activeCompanies as $company) {
         Company::setActive($company);
         Yii::app()->language = Company::getLanguage();
         foreach ($perCompanyModels as $modelClass) {
             $modelClass::model()->refreshMetaData();
         }
         self::executor();
         self::manager();
         self::send_deffered_emails();
     }
 }
 /**
  * Default action: renders the home page with the roles of the logged-in
  * user and, when the rekap_ads table exists, a search model for it.
  * Guests are redirected to the login page.
  */
 public function actionIndex()
 {
     $this->layout = '//layouts/box';
     $homeShowNpls = true;
     $rekapAds = null;
     // The table lookup runs before the guest check, as a missing table simply leaves $rekapAds null.
     if ($homeShowNpls && !is_null(Yii::app()->db->schema->getTable('rekap_ads'))) {
         $rekapAds = new RekapAds('search');
         $rekapAds->unsetAttributes();
         /* Show the rows with fewer than 7 days remaining */
         $rekapAds->setAttribute('sisa_hari', '< 7');
     }
     if (!Yii::app()->user->isGuest) {
         $assignedRoles = AuthAssignment::model()->assignedList(Yii::app()->user->id);
         $this->render('index', array('roles' => $assignedRoles, 'rekapAds' => $rekapAds));
         return;
     }
     $this->redirect($this->createUrl('/app/login'));
 }
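 /**
  * Shows the role tree for a user and, on POST, replaces the user's auth
  * assignments with the submitted set of existing role names.
  *
  * @param mixed $id user primary key; cast to int for the lookup
  */
 public function actionAssign($id = null)
 {
     $user = User::model()->findByPk((int) $id);
     if (!$user) {
         $this->redirect(['userList']);
         // Nothing below may run without a user, even if redirect() returns.
         return;
     }
     if (Yii::app()->getRequest()->isPostRequest) {
         /* names of the roles that exist in the database */
         $existingRoles = Yii::app()->db->createCommand('SELECT name FROM {{user_user_auth_item}}')->queryColumn();
         $transaction = Yii::app()->db->beginTransaction();
         try {
             AuthAssignment::model()->deleteAll('userid = :userid', [':userid' => (int) $user->id]);
             // drop duplicates and role names that do not exist
             $roles = array_intersect(array_unique((array) Yii::app()->getRequest()->getPost('AuthItem')), $existingRoles);
             foreach ($roles as $op) {
                 $model = new AuthAssignment();
                 $model->setAttributes(['userid' => $user->id, 'itemname' => $op]);
                 if (!$model->save()) {
                     throw new CDbException(Yii::t('RbacModule.rbac', 'There is an error occurred when saving data!'));
                 }
             }
             $transaction->commit();
             Yii::app()->getUser()->setFlash(yupe\widgets\YFlashMessages::SUCCESS_MESSAGE, Yii::t('RbacModule.rbac', 'Data was updated!'));
             // The cache keys are built from the loaded user's id, not from the
             // raw $id parameter: the lookup above casts $id to int, so a value
             // such as "5abc" edits user 5 but would name a different cache key
             // and leave that user's cached menu and permissions stale.
             /* reset the menu cache */
             Yii::app()->getCache()->delete('YAdminPanel::' . $user->id . '::' . Yii::app()->getLanguage());
             /* reset the permissions cache */
             Yii::app()->getCache()->delete(Yii::app()->getUser()->rbacCacheNameSpace . $user->id);
             $this->redirect(['assign', 'id' => $user->id]);
         } catch (Exception $e) {
             Yii::app()->getUser()->setFlash(yupe\widgets\YFlashMessages::ERROR_MESSAGE, $e->getMessage());
             $transaction->rollback();
         }
     }
     $rbacTree = new RbacTree($user);
     $tree = $rbacTree->getTreeRoles();
     $this->render('assign', ['tree' => $tree, 'model' => $user]);
 }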
 /**
  * Compose-to-group action: on POST creates one conversation and one message
  * for every user that holds the auth item named in Mailbox[to]; otherwise
  * renders the empty compose form.
  */
 public function actionNewgroup()
 {
     $this->module->registerConfig($this->getAction()->getId());
     $cs = $this->module->getClientScript();
     $cs->registerScriptFile($this->module->getAssetsUrl() . '/js/compose.js');
     $cs->registerScriptFile($this->module->getAssetsUrl() . '/js/jquery.combobox.contacts.js');
     $js = '$(".mailbox-compose").yiiMailboxCompose(' . $this->module->getOptions() . ");";
     $cs->registerScript('mailbox-js', $js, CClientScript::POS_READY);
     // Users who may not send messages are sent back to the inbox.
     if (!$this->module->authManager && (!$this->module->sendMsgs || $this->module->readOnly && !$this->module->isAdmin())) {
         $this->redirect(array('message/inbox'));
     }
     if (isset($_POST['Mailbox']['to']) and $_POST['Mailbox']['to'] != NULL) {
         // The posted value is used as an auth item name; every user assigned to it becomes a recipient.
         $users = AuthAssignment::model()->findAllByAttributes(array('itemname' => $_POST['Mailbox']['to']));
         if ($users != NULL) {
             foreach ($users as $user) {
                 $t = time();
                 $conv = new Mailbox();
                 $conv->subject = $_POST['Mailbox']['subject'] ? $_POST['Mailbox']['subject'] : $this->module->defaultSubject;
                 $conv->to = $user->userid;
                 $conv->initiator_id = $this->module->getUserId();
                 $conv->interlocutor_id = $user->userid;
                 if ($conv->interlocutor_id && $conv->initiator_id == $conv->interlocutor_id) {
                     $conv->addError('to', "Can't send message to self!");
                 }
                 if (!$this->module->isAdmin() && $conv->interlocutor_id == $this->module->newsUserId) {
                     $conv->addError('to', "User not found?");
                 }
                 // check user-to-user perms
                 if (!$conv->hasErrors() && !$this->module->userToUser && !$this->module->isAdmin()) {
                     if (!$this->module->isAdmin($conv->to)) {
                         $conv->addError('to', "Invalid user!");
                     }
                 }
                 $conv->modified = $t;
                 $conv->bm_read = Mailbox::INITIATOR_FLAG;
                 if ($this->module->isAdmin()) {
                     $msg = new Message('admin');
                 } else {
                     $msg = new Message('user');
                 }
                 // NOTE(review): $_POST['Message']['text'] is read without an isset() check.
                 $msg->text = $_POST['Message']['text'];
                 // This result is overwritten by the validate() calls further down.
                 $validate = $conv->validate(array('text'), false);
                 // html purify
                 // NOTE(review): no purification call is visible in this method;
                 // presumably a Message validation rule or the view handles it - confirm.
                 $msg->created = $t;
                 $msg->sender_id = $conv->initiator_id;
                 $msg->recipient_id = $conv->interlocutor_id;
                 if ($this->module->checksums) {
                     $msg->crc64 = Message::crc64($msg->text);
                     // 64bit INT
                 } else {
                     $msg->crc64 = 0;
                 }
                 // Validate
                 $validate = $conv->validate(null, false);
                 // don't clear errors
                 $validate = $msg->validate() && $validate;
                 if ($validate) {
                     $conv->save();
                     $msg->conversation_id = $conv->conversation_id;
                     $msg->save();
                 }
                 // NOTE(review): the success flash is set even when $validate is false and nothing was saved.
                 Yii::app()->user->setFlash('success', "Message has been sent!");
             }
             $this->redirect(array('message/inbox'));
         } else {
             Yii::app()->user->setFlash('error', "Error sending message!");
             Yii::app()->user->setFlash('success', "Check Sent Mail");
         }
     } else {
         $conv = new Mailbox();
         if (isset($_GET['id'])) {
             $conv->to = $this->module->getUserName($_GET['id']);
         } elseif (isset($_GET['to'])) {
             // Raw query value; the view has to encode it when rendering.
             $conv->to = $_GET['to'];
         } else {
             $conv->to = '';
         }
         $msg = new Message();
     }
     // NOTE(review): when the POST branch finds no users, $conv and $msg are not assigned in this method before this call.
     $this->render('composetogroup', array('conv' => $conv, 'msg' => $msg));
 }
 /**
  * Deletes a user together with its profile and auth assignment.
  * Only POST requests are accepted; non-AJAX requests are redirected to the
  * user admin page afterwards.
  *
  * @throws CHttpException 400 when the request is not a POST
  */
 public function actionDelete()
 {
     // we only allow deletion via POST request
     if (!Yii::app()->request->isPostRequest) {
         throw new CHttpException(400, 'Invalid request. Please do not repeat this request again.');
     }
     $model = $this->loadModel();
     $profile = Profile::model()->findByPk($model->id);
     $assignment = AuthAssignment::model()->findByAttributes(array('userid' => $model->id));
     // Dependent rows go first, the user row last.
     // NOTE(review): the three deletes are not wrapped in a transaction.
     if ($assignment) {
         $assignment->delete();
     }
     if ($profile) {
         $profile->delete();
     }
     $model->delete();
     // an AJAX request (deletion from the admin grid view) must not redirect the browser
     $isAjax = isset($_POST['ajax']);
     if (!$isAjax) {
         $this->redirect(array('/user/admin'));
     }
 }
 /**
  * Shows the auth item tree for a user and, on a non-empty POST, replaces
  * the user's assignments with the posted item names.
  *
  * @param mixed $id user primary key; cast to int for the lookup
  * @throws CHttpException 404 when the user does not exist
  */
 public function actionAssign($id)
 {
     $user = Users::model()->findByPk((int) $id);
     if (!$user) {
         throw new CHttpException(404);
     }
     $items = AuthItem::model()->findAll(array('order' => 'type DESC'));
     // child name => parent name
     $itemsData = CHtml::listData(AuthItemChild::model()->findAll(), 'child', 'parent');
     if (Yii::app()->request->isPostRequest && count($_POST)) {
         $itemsArray = CHtml::listData($items, 'name', 'description');
         $transaction = Yii::app()->db->beginTransaction();
         try {
             if (count($_POST)) {
                 AuthAssignment::model()->deleteAll('userid = :userid', array(':userid' => (int) $user->id));
                 // Every POST key is treated as a candidate item name; keys that
                 // are not known auth items are skipped by the isset() check.
                 foreach ($_POST as $op => $val) {
                     if (!isset($itemsArray[$op])) {
                         continue;
                     }
                     $model = new AuthAssignment();
                     $model->setAttributes(array('userid' => $user->id, 'itemname' => $op));
                     if (!$model->save()) {
                         throw new CDbException('При сохранении произошла ошибка!');
                     }
                 }
             }
             $transaction->commit();
             Yii::app()->user->setFlash('notice', 'Данные обновлены!');
             $this->redirect(array('assign', 'id' => $user->id));
         } catch (Exception $e) {
             Yii::app()->user->setFlash('error', $e->getMessage());
             $transaction->rollback();
         }
     }
     // build the tree
     // NOTE(review): $item->description is concatenated into the node HTML
     // without encoding in every branch below - confirm descriptions are
     // trusted or that the tree widget encodes 'text'.
     // NOTE(review): the type checks mix === and ==; presumably the attribute
     // type returned by the DB decides whether the === branches ever match.
     $tree = array();
     foreach ($items as $item) {
         if ($item->type === AuthItem::TYPE_ROLE && !isset($tree[$item->name])) {
             $tree[$item->name] = array('text' => CHtml::checkBox($item->name, Yii::app()->user->checkAccess($item->name, $user->id), array('name' => 'operations', 'class' => 'root')) . $item->description . " ({$item->getType()})");
         }
         if ($item->type === AuthItem::TYPE_TASK) {
             // check whether it has a parent
             if (isset($itemsData[$item->name]) && $itemsData[$item->name]) {
                 $tree[$itemsData[$item->name]]['children'][$item->name] = array('text' => CHtml::checkBox($item->name, Yii::app()->user->checkAccess($item->name, $user->id), array('name' => 'operations', 'class' => 'root')) . $item->description . " ({$item->getType()})");
             } else {
                 $tree[$item->name] = array('text' => CHtml::checkBox($item->name, Yii::app()->user->checkAccess($item->name, $user->id), array('name' => 'operations')) . $item->description . " ({$item->getType()})");
             }
         }
         if ($item->type == AuthItem::TYPE_OPERATION) {
             if (isset($itemsData[$item->name]) && $itemsData[$item->name]) {
                 // essentially a task
                 $parent = $itemsData[$item->name];
                 if (isset($itemsData[$parent]) && $itemsData[$parent]) {
                     // parent has a parent of its own: nest two levels deep
                     $tree[$itemsData[$parent]]['children'][$itemsData[$item->name]]['children'][$item->name] = array('text' => CHtml::checkBox($item->name, Yii::app()->user->checkAccess($item->name, $user->id), array('name' => 'operations')) . $item->description . " ({$item->getType()})");
                 } else {
                     $tree[$itemsData[$item->name]]['children'][$item->name] = array('text' => CHtml::checkBox($item->name, Yii::app()->user->checkAccess($item->name, $user->id), array('name' => 'operations')) . $item->description . " ({$item->getType()})");
                 }
             } else {
                 $tree[$item->name] = array('text' => CHtml::checkBox($item->name, Yii::app()->user->checkAccess($item->name, $user->id), array('name' => 'operations')) . $item->description . " ({$item->getType()})");
             }
         }
     }
     $this->render('assign', array('tree' => $tree, 'model' => $user));
 }
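 /**
  * Removes every auth assignment of this record once the record itself has
  * been deleted, so no role stays attached to a reused or stale id.
  */
 public function afterDelete()
 {
     // Bind the id as a parameter instead of concatenating it into the condition.
     AuthAssignment::model()->deleteAll('userid=:userid', array(':userid' => $this->id));
     return parent::afterDelete();
 }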
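	/**
	 * Transfers an employee to another organization: closes the current
	 * employee transaction, moves the user, creates the "Employee of ..."
	 * auth assignment with an organization business rule, and creates the
	 * new employee info and transaction records.
	 *
	 * @throws CHttpException 400 when the posted organization id is not a plain number
	 */
	public function actionTransferemployee()
	{
		$model=new EmployeeTransaction('transferemployee');
		$info=new EmployeeInfo;
		$user =new User;
		$photo =new EmployeePhotos;
		$address=new EmployeeAddress;
		$lang=new LanguagesKnown;
		$ass_comp = new assignCompanyUserTable;
		$auth_assign = new AuthAssignment;

		$this->performAjaxValidation(array($info,$model,$user));
		if(!empty($_POST['user_id1']))
		{
			// The organization id ends up inside a business rule, which is PHP
			// source evaluated later by the auth manager. Accept digits only so
			// that request data can never become part of that code.
			$orgId = isset($_POST['EmployeeTransaction']['employee_transaction_organization_id'])
				? $_POST['EmployeeTransaction']['employee_transaction_organization_id']
				: null;
			if(!is_string($orgId) || !ctype_digit($orgId))
			{
				throw new CHttpException(400, 'Invalid organization id.');
			}

			$model->attributes=$_POST['EmployeeTransaction'];
			$info->attributes=$_POST['EmployeeInfo'];

			// NOTE(review): the lookups below are not checked for null and the
			// whole sequence of saves runs without a transaction.
			$trans_id = $_POST['user_id1'];
			$old_model = EmployeeTransaction::model()->resetScope()->findByPk($trans_id);
			$old_info = EmployeeInfo::model()->findByPk($old_model->employee_transaction_employee_id);
			$old_info->transfer_left_remarks= $_POST['EmployeeTransaction']['transfer_left_remarks'];
			$old_info->employee_left_transfer_date = new CDbExpression('NOW()');
			$old_info->save(false);

			$old_model->employee_status = 1;
			$old_model->save();


			$user = User::model()->findByPk($old_model->employee_transaction_user_id);

			$user->user_created_by =  Yii::app()->user->id;
			$user->user_creation_date = new CDbExpression('NOW()');
			$user->user_organization_id = $orgId;

			if($user->save())
			{
			$org_data = Organization::model()->findByPk($orgId);
			$org_name = $org_data->organization_name;
			$org_arr = explode(' ',$org_name);
			// Integer cast: only a number is ever written into the rule source.
			$bizrule = 'return Yii::app()->user->getState("org_id")=='.(int) $orgId.";";
			// Serialized as the posted string, as before, so existing rows still match the lookup below.
			$var_data = serialize($orgId);
			// Role suffix: first character of every word in the organization name
			$suffix_lab = '';
			foreach($org_arr as $list)
				$suffix_lab .= $list[0];


			$auth_assign->itemname = 'Employee of '.$suffix_lab;
			$check = AuthAssignment::model()->findByAttributes(array('itemname'=>$auth_assign->itemname,'userid' => $user->user_id,'data' =>$var_data));
			if(empty($check)){
			$auth_assign->userid = $user->user_id;
			$auth_assign->bizrule = $bizrule;
			$auth_assign->data = $var_data;

			$auth_assign->save();
			}

			$ass_comp->assign_user_id = $user->user_id;
			$ass_comp->assign_role_id = 3;
			$ass_comp->assign_org_id = $orgId;
			$ass_comp->assign_created_by = Yii::app()->user->id;
			$ass_comp->assign_creation_date = new CDbExpression('NOW()');
			$ass_comp->save();

			// Re-insert the old info row as a new record for the new organization
			$info = $old_info;
			$info->employee_joining_date = new CDbExpression('NOW()');
			$info->employee_type = $_POST['EmployeeInfo']['employee_type'];
			$info->employee_attendance_card_id = '';
			$info->employee_created_by =  Yii::app()->user->id;
			$info->employee_creation_date = new CDbExpression('NOW()');
			$info->employee_left_transfer_date = NULL;
			$info->employee_id = null;
			$info->setIsNewRecord(true);
			$info->save(false);

			// Same for the transaction row
			$model = $old_model;
			$model->employee_transaction_id = null;
			$model->setIsNewRecord(true);
			$model->employee_transaction_user_id = $user->user_id;
			$model->employee_transaction_employee_id = $info->employee_id;
			$model->employee_transaction_shift_id = $_POST['EmployeeTransaction']['employee_transaction_shift_id'];
			$model->employee_transaction_designation_id = $_POST['EmployeeTransaction']['employee_transaction_designation_id'];
			$model->employee_transaction_department_id = $_POST['EmployeeTransaction']['employee_transaction_department_id'];
			$model->employee_transaction_organization_id = $orgId;
			$model->employee_status = 0;
			$model->save(false);
			EmployeeInfo::model()->updateByPk($model->employee_transaction_employee_id, array('employee_info_transaction_id'=>$model->employee_transaction_id));
			Yii::app()->user->setFlash('success',"Transfer of ".$info->employee_first_name.' to '.$org_name.' successfully.!');
			$this->redirect(array('employeeTransaction/admin'));
			}

		}
		$this->render('transfer_employee',array(
			'model'=>$model,'info'=>$info,'user'=>$user,
		));

	}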
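 /**
  * Deletes a member together with its account and auth assignment.
  * Restricted to users that pass checkAccess('Admin').
  *
  * @param mixed $id primary key of the member
  * @throws CHttpException 403 when the caller is not authorized,
  *                        404 when the member does not exist
  */
 public function actionDeleteMember($id)
 {
     if (!Yii::app()->user->checkAccess('Admin')) {
         throw new CHttpException(403, 'You are not authorized to perform this action.');
     }
     // NOTE(review): no POST-only check is visible on this destructive action -
     // confirm a controller filter restricts the request method.
     $member = Member::model()->findByPk($id);
     if ($member === null) {
         throw new CHttpException(404, 'The requested member does not exist.');
     }
     // Attribute lookups bind account_id as a parameter instead of
     // concatenating it into the SQL condition.
     $account = Account::model()->findByAttributes(array('id' => $member->account_id));
     $auth = AuthAssignment::model()->findByAttributes(array('userid' => $member->account_id));
     // A missing account or assignment row is treated as already deleted.
     $deleted = $member->delete()
         && ($account === null || $account->delete())
         && ($auth === null || $auth->delete());
     if ($deleted) {
         $this->redirect(array('member'));
     }
 }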
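 /**
  * Shows (GET userid) or updates (POST userid + assignments) the bizrule and
  * data of a user's RBAC assignments.
  *
  * @throws CHttpException 404 when the user does not exist,
  *                        400 when the request carries neither form
  */
 public function actionEdit()
 {
     $colUserid = Yii::app()->controller->module->columnUserid;
     $this->checkAccess('RbacAssignmentViewer', true);
     if (isset($_GET['userid'])) {
         if (in_array($_GET['userid'], $this->protectedUsers)) {
             $this->messageWarnings[] = "Warning! User is protected by Controller";
         }
         $this->editUser = User::model()->findByAttributes(array($colUserid => $_GET['userid']));
         if (!$this->editUser) {
             // CHttpException takes the HTTP status first, then the message.
             throw new CHttpException(404, "Selected User " . CHtml::encode(isset($_GET['username']) ? $_GET['username'] : '') . " does not exist");
         }
         $this->assignments = AuthAssignment::model()->findAllByAttributes(array('userid' => $this->editUser->{$colUserid}));
         $this->_getSearchFields();
         $this->doRender('edit', array('user' => $this->editUser, 'assignments' => $this->assignments, 'getVars' => $this->getGetVars()));
     } elseif (isset($_POST['userid']) && isset($_POST['assignments']) && is_array($_POST['assignments'])) {
         $this->checkAccess('RbacAssignmentEditor', true);
         if (in_array($_POST['userid'], $this->protectedUsers)) {
             $this->messageErrors[] = "Sorry, User is protected by Controller";
             $this->actionIndex();
             // Stop here regardless of whether actionIndex() ends the request,
             // so a protected user's assignments are never written below.
             return;
         }
         $this->editUser = User::model()->findByAttributes(array($colUserid => $_POST['userid']));
         if (!$this->editUser) {
             throw new CHttpException(404, "User " . CHtml::encode(isset($_POST['username']) ? $_POST['username'] : '') . " does not exist");
         }
         // NOTE(review): if these rows back Yii's auth manager, bizrule is PHP
         // code evaluated during access checks, so 'RbacAssignmentEditor'
         // amounts to running code on the server - keep it limited to fully
         // trusted administrators.
         foreach ($_POST['assignments'] as $itemName => $values) {
             if (!is_array($values)) {
                 continue;
             }
             $modelAssign = AuthAssignment::model()->findByAttributes(array('itemname' => $itemName, 'userid' => $this->editUser->{$colUserid}));
             if ($modelAssign === null) {
                 // Only existing assignments of this user can be edited.
                 continue;
             }
             $modelAssign->attributes = array(
                 'bizrule' => isset($values['bizrule']) ? $values['bizrule'] : null,
                 'data' => isset($values['data']) ? $values['data'] : null,
             );
             if ($modelAssign->validate()) {
                 $modelAssign->save();
                 $this->messageSuccess[] = "Assignment {$itemName} successfull updated.";
             }
         }
         $this->_getSearchFields();
         $this->doRender('edit', array('user' => $this->editUser, 'assignments' => $this->assignments = AuthAssignment::model()->findAllByAttributes(array('userid' => $this->editUser->{$colUserid})), 'getVars' => $this->getGetVars()));
         Yii::app()->end();
     } else {
         throw new CHttpException(400, "Not enougth Data for Edit Assignments found");
     }
 }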
 /**
  * Finds the AuthAssignment rows whose itemname equals $name.
  * @param string $name value bound to the :name placeholder
  * @return mixed whatever AuthAssignment::model()->findAll() returns
  */
 protected function getAssigned($name)
 {
     $condition = 'itemname=:name';
     $bindings = array(':name' => $name);
     // NOTE(review): stock CActiveRecord::findAll() accepts only
     // ($condition, $params); unless AuthAssignment overrides it, this third
     // argument is ignored and the rows come back unordered. Confirm.
     $options = array('order' => 'userid');
     return AuthAssignment::model()->findAll($condition, $bindings, $options);
 }
Beispiel #24
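 /**
  * @desc Updates an AuthItem and, when its name changes, every AuthItemChild
  *       and AuthAssignment row that refers to the old name.
  * @param array $attributes new attribute values; 'name' and 'type' are read here
  * @param string $oldName current name of the item to update
  */
 private function _updateItem($attributes, $oldName)
 {
     if (in_array($oldName, $this->protectedItems) || in_array($attributes['name'], $this->protectedItems)) {
         $this->messageErrors[] = "Sorry, Item is protected by Controller";
         $this->actionIndex();
         // Stop here: if actionIndex() returns instead of ending the request,
         // the protected item would still be modified below.
         return;
     }
     $item = AuthItem::model()->findByAttributes(array('name' => $oldName));
     if (!$item) {
         $this->messageErrors[] = "Edit Error: Update Item does not exist";
         $this->actionIndex();
         // Without this return the code below would dereference a missing item.
         return;
     }
     if ($attributes['type'] == 0 && $item->type > 0) {
         if (count(AuthItemChild::model()->findAllByAttributes(array('parent' => $oldName)))) {
             // These messages carry markup and so appear to be rendered as
             // HTML; item names are encoded before being embedded.
             $this->messageErrors[] = "Type <i>Action</i> can't have Childs.<br/>Please eject Childs from <i>" . CHtml::encode($oldName) . "</i> before switch type to <i>Operation</i>";
             $this->editItem = $item;
             $this->actionIndex();
             return;
         }
     }
     if ($attributes['name'] != $oldName) {
         if (AuthItem::model()->findByAttributes(array('name' => $attributes['name']))) {
             // Report the name that was just checked, not a separate read of $_POST.
             $this->messageErrors[] = "Create Error: New Item <i>" . CHtml::encode($attributes['name']) . "</i> already exists";
             return;
         }
         $item->attributes = $attributes;
         if (!$item->save()) {
             // Do not repoint children and assignments at a name that was never stored.
             $this->messageErrors[] = "Edit Error: Item could not be saved";
             return;
         }
         // NOTE(review): the rename below touches three tables without a
         // transaction; a failure part-way leaves dangling references.
         $newName = $attributes['name'];
         // update RBAC-Tree AuthItemChild bindings in parent
         foreach (AuthItemChild::model()->findAllByAttributes(array('parent' => $oldName)) as $treeItem) {
             $treeItem->parent = $newName;
             $treeItem->save();
         }
         // update RBAC-Tree AuthItemChild bindings in child
         foreach (AuthItemChild::model()->findAllByAttributes(array('child' => $oldName)) as $treeItem) {
             $treeItem->child = $newName;
             $treeItem->save();
         }
         // update AuthAssignment bindings in itemname
         foreach (AuthAssignment::model()->findAllByAttributes(array('itemname' => $oldName)) as $assignment) {
             $assignment->itemname = $newName;
             $assignment->save();
         }
     } else {
         // simple update if primary key is same
         $item->attributes = $attributes;
         if (!$item->save()) {
             $this->messageErrors[] = "Edit Error: Item could not be saved";
             return;
         }
     }
     $this->messageSuccess[] = "Item " . CHtml::encode(isset($newName) ? $newName : $oldName) . " successfull updated.";
 }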
Beispiel #25
 /**
  * Runs the parent afterDelete() handler, then deletes every AuthAssignment
  * row whose userid equals this record's user_id.
  */
 protected function afterDelete()
 {
     parent::afterDelete();
     $condition = 'userid = :uid';
     $bindings = array(':uid' => $this->user_id);
     AuthAssignment::model()->deleteAll($condition, $bindings);
 }
Beispiel #26
    /**
     * Returns the `role` property of this record's AuthAssignment row.
     * When no row exists, one with AuthItem::ROLE_DEFAULT is created and saved
     * first, so calling this getter can write to the database.
     */
    public function getRole()
    {
        $existing = AuthAssignment::model()->findByAttributes(array('userid' => $this->id));
        if ($existing) {
            return $existing->role;
        }

        // No assignment yet: persist the default role for this id.
        $created = new AuthAssignment();
        $created->itemname = AuthItem::ROLE_DEFAULT;
        $created->userid = $this->id;
        // NOTE(review): the result of save() is not checked, as in the original.
        $created->save();

        return $created->role;
    }
 /**
  * Deletes every AuthAssignment row whose userid equals the owner's primary key.
  * @param mixed $event not used by this handler
  */
 public function afterDelete($event)
 {
     $record = $this->getOwner();
     // Never used below. Kept because reading the component may initialise it.
     // NOTE(review): confirm it can be removed.
     $authManager = Yii::app()->authManager;
     $bindings = array(':userid' => $record->getPrimaryKey());
     AuthAssignment::model()->deleteAll('userid=:userid', $bindings);
 }
 /**
  * Loads the AuthAssignment record with the given primary key.
  * @param integer $id the ID of the model to be loaded
  * @return AuthAssignment the record that was found
  * @throws CHttpException with status 404 when no record has that key
  */
 public function loadModel($id)
 {
     $record = AuthAssignment::model()->findByPk($id);
     if ($record !== null) {
         return $record;
     }
     throw new CHttpException(404, 'The requested page does not exist.');
 }
Beispiel #29
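 /**
  * @desc check if User is assigned to an AuthItem
  * @param string $username matched against authAssignment.userid
  * @param string $itemname matched against authAssignment.itemname
  * @return boolean true when a matching assignment row exists
  */
 public function userIsAssigned($username, $itemname)
 {
     // The attribute key was misspelled 'unserid'. That is not a column of the
     // standard AuthAssignment table, so the lookup could not match by user.
     // Callers relying on this check for authorization decisions were affected.
     return AuthAssignment::model()->findByAttributes(array('userid' => $username, 'itemname' => $itemname)) !== null;
 }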
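 /**
  * Updates a particular user and the role stored in that user's AuthAssignment row.
  * If the update succeeds, the success page is rendered; otherwise the
  * 'update' form is rendered again.
  * @param integer $id the ID of the model to be updated
  * @throws CHttpException when loadModel() cannot find the record
  */
 public function actionUpdate($id)
 {
     $transaction = Yii::app()->db->beginTransaction();
     try {
         $model = $this->loadModel($id);
         if (isset($_POST['User'])) {
             // NOTE(review): the form is mass-assigned and $model->role is then
             // copied into the auth assignment. If 'role' is a safe attribute,
             // whoever may call this action chooses the target's role. No
             // access check is visible in this method; confirm the controller
             // restricts it.
             $model->attributes = $_POST['User'];
             if ($model->save()) {
                 $authAsign = AuthAssignment::model()->findByAttributes(array('userid' => $model->nick));
                 // A user without an assignment row (or one whose nick was just
                 // changed) yields null; treat that as a failed update instead
                 // of dereferencing it.
                 if ($authAsign !== null) {
                     $authAsign->itemname = $model->role;
                     if ($authAsign->save()) {
                         $this->audit->logAudit(Yii::app()->user->id, new DateTime(), AppConstants::AUDIT_OBJECT_USER, AppConstants::AUDIT_OPERATION_EDIT, $model->nick);
                         // Commit before rendering so the success page is only
                         // shown for changes that are actually stored.
                         $transaction->commit();
                         $this->render('/site/successfullOperation', array('header' => 'Usuario modificado con &eacute;xito', 'message' => 'Haga click en volver para regresar a la gestión de usuarios', 'returnUrl' => Yii::app()->createUrl('user/admin'), 'viewUrl' => Yii::app()->createUrl("user/view", array("id" => $model->nick))));
                         return;
                     }
                 }
             }
         }
         // Every path that reaches this point has nothing to keep: close the
         // transaction instead of leaving it open while the form renders.
         if ($transaction->getActive()) {
             $transaction->rollback();
         }
         $this->render('update', array('model' => $model));
     } catch (CHttpException $exc) {
         // Let HTTP errors such as the 404 from loadModel() reach the framework
         // instead of being swallowed as an empty response.
         if ($transaction->getActive()) {
             $transaction->rollback();
         }
         throw $exc;
     } catch (Exception $exc) {
         Yii::log($exc->getMessage(), DBLog::LOG_LEVEL_ERROR);
         // Rolling back an already finished transaction raises its own
         // exception, so check that it is still active.
         if ($transaction->getActive()) {
             $transaction->rollback();
         }
     }
 }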