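/**
  * Return a single user as JSON when the `id` query parameter is present;
  * otherwise return every role wrapped in a `data` list.
  *
  * Responds 400 when `id` is not a scalar value and 404 when no user matches,
  * instead of failing with a fatal error on a null user.
  *
  * NOTE(review): no authentication or authorization check is visible in this
  * handler, so as written any caller who can reach it can read any user
  * record by id. Confirm access control is enforced before this method runs,
  * and that toArray() does not expose credential fields.
  *
  * @method GET
  * @provides application/json
  * @json
  */
 public function getUser()
 {
     if (isset($_GET['id'])) {
         $id = $_GET['id'];
         // A query string such as `?id[]=1` arrives as an array; refuse it
         // rather than handing an unexpected type to the model lookup.
         if (!is_scalar($id)) {
             return new Response(400, ['id' => 'Invalid user id']);
         }
         $user = User::getById($id);
         // The lookup can come back empty for an unknown id, so guard the
         // toArray() call below.
         if (!$user) {
             return new Response(404, ['id' => 'User not found']);
         }
         return new Response(Response::OK, $user->toArray());
     }

     // No id supplied: list all roles (paging was never implemented here).
     $result = [];
     foreach (Role::getAll() as $role) {
         $result[] = $role->toArray();
     }
     return new Response(Response::OK, ['data' => $result]);
 }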
Beispiel #2
 /**
  * Grant a permission to a user through a freshly created role.
  *
  * Creates a role titled after the permission and the user id, creates the
  * permission record if it does not exist yet, links the two, and assigns
  * the role to the user on the given site. Every record created here is
  * appended to $this->models (presumably so the caller can clean up
  * afterwards - confirm against the owning class).
  *
  * @param string $permName permission id to grant
  * @param object|null $user target user; falls back to $this->user
  * @param object|null $site site the role is assigned on; falls back to $this->site
  */
 protected function addPermission($permName, $user = null, $site = null)
 {
     $user = $user == null ? $this->user : $user;
     $site = $site == null ? $this->site : $site;

     // Dedicated role that carries only this permission.
     $grantRole = \Bazalt\Auth\Model\Role::create();
     $grantRole->title = $permName . ' test role' . $user->id;
     $grantRole->save();
     $this->models[] = $grantRole;

     // Reuse the permission when it is already stored; create it otherwise.
     $permission = \Bazalt\Auth\Model\Permission::getById($permName);
     if (!$permission) {
         $permission = new \Bazalt\Auth\Model\Permission();
         $permission->id = $permName;
         $permission->save();
         $this->models[] = $permission;
     }

     $grantRole->Permissions->add($permission);
     // The role assignment is recorded per site.
     $user->Roles->add($grantRole, ['site_id' => $site->id]);
 }
Beispiel #3
 /**
  * Return the roles for this object, which are exactly what
  * Role::getGuestRoles() yields.
  */
 public function getRoles()
 {
     $guestRoles = Role::getGuestRoles();

     return $guestRoles;
 }
Beispiel #4
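 /**
  * Switching the current role succeeds for roles assigned to the user and is
  * refused for a role id that does not exist, leaving the previous selection
  * in place.
  *
  * The split-roles option is turned off for the duration of the test and
  * switched back on in a finally block, so a failing assertion cannot leak
  * the changed option into later tests.
  */
 public function testSwitchRole()
 {
     \Bazalt\Site\Option::set(\Bazalt\Auth::SPLIT_ROLES_OPTION, false);
     try {
         // first role
         $role = Role::create();
         $role->title = 'Test1';
         $role->save();
         $this->models[] = $role;

         // second role
         $role2 = Role::create();
         $role2->title = 'Test2';
         $role2->save();
         $this->models[] = $role2;

         $this->user->Roles->add($role, ['site_id' => $this->site->id]);
         $this->user->Roles->add($role2, ['site_id' => $this->site->id]);

         // Before any explicit switch the first assigned role is current.
         $curRole = \Bazalt\Auth::getCurrentRole();
         $this->assertEquals($role->id, $curRole->id);

         $this->assertTrue(\Bazalt\Auth::setCurrentRole($role->id));
         $curRole = \Bazalt\Auth::getCurrentRole();
         $this->assertEquals($role->id, $curRole->id);

         $this->assertTrue(\Bazalt\Auth::setCurrentRole($role2->id));
         $curRole = \Bazalt\Auth::getCurrentRole();
         $this->assertEquals($role2->id, $curRole->id);

         // Selecting a role id that does not exist must fail and must not
         // change the current role.
         // NOTE(review): only an unknown id is covered; refusing an existing
         // role that is not assigned to the user is not exercised here.
         $this->assertFalse(\Bazalt\Auth::setCurrentRole(9999));
         $curRole = \Bazalt\Auth::getCurrentRole();
         $this->assertEquals($role2->id, $curRole->id);
     } finally {
         \Bazalt\Site\Option::set(\Bazalt\Auth::SPLIT_ROLES_OPTION, true);
     }
 }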
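 /**
  * Update an existing user from the request body and replace the user's
  * role assignments.
  *
  * Responds 400 when the user id is unknown, when validation fails, or when
  * a birth date is supplied that cannot be parsed; responds 200 with the
  * saved user otherwise. An absent or empty birth date leaves the stored
  * value untouched instead of silently writing 1970-01-01.
  *
  * NOTE(review): no authorization check is visible in this handler, yet it
  * writes is_active, is_deleted and the role list straight from the request
  * body. Unless access is restricted elsewhere, a caller could change another
  * account's status or roles. Confirm who may call this and which fields
  * they may set.
  *
  * @method PUT
  * @method POST
  * @json
  */
 public function saveUser()
 {
     $data = Validator::create((array) $this->request->data);
     $data->field('email')->required()->email();
     $user = User::getById($data['id']);
     if (!$user) {
         return new Response(400, ['id' => 'User not found']);
     }

     // Filled by the validator below: role id => Role model.
     $userRoles = [];
     $data->field('roles')->validator('validRoles', function ($roles) use (&$userRoles) {
         if ($roles) {
             if (!is_array($roles)) {
                 return false;
             }
             foreach ($roles as $role) {
                 // Ids are used as array keys, so anything but an int or
                 // string is rejected instead of raising a type error.
                 if (!is_int($role) && !is_string($role)) {
                     return false;
                 }
                 $userRoles[$role] = Role::getById($role);
                 if (!$userRoles[$role]) {
                     return false;
                 }
             }
         }
         return true;
     }, 'Invalid roles');
     $data->field('login')->required();
     $data->field('gender')->required();
     if (!$data->validate()) {
         return new Response(400, $data->errors());
     }

     // strtotime() returns false for unparseable input, and date() would
     // then format the epoch; reject that case explicitly.
     $birthDate = null;
     $rawBirthDate = $data['birth_date'];
     if ($rawBirthDate !== null && $rawBirthDate !== '') {
         $timestamp = is_string($rawBirthDate) ? strtotime($rawBirthDate) : false;
         if ($timestamp === false) {
             return new Response(400, ['birth_date' => 'Invalid date']);
         }
         $birthDate = date('Y-m-d', $timestamp);
     }

     $user->login = $data['login'];
     $user->email = $data['email'];
     $user->firstname = $data['firstname'];
     $user->secondname = $data['secondname'];
     $user->patronymic = $data['patronymic'];
     if ($birthDate !== null) {
         $user->birth_date = $birthDate;
     }
     // The password is deliberately not updated through this endpoint.
     $user->gender = $data['gender'];
     $user->is_active = $data['is_active'];
     $user->is_deleted = $data['is_deleted'];
     $user->save();

     $user->Roles->clearRelations(array_keys($userRoles));
     foreach ($userRoles as $role) {
         // NOTE(review): the site id is hard-coded to 6, so every role is
         // assigned on that one site regardless of the site being served.
         // Confirm whether the current site's id was intended.
         $user->Roles->add($role, ['site_id' => 6]);
     }
     return new Response(200, $user->toArray());
 }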
Beispiel #6
 /**
  * Make $roleId the active role of the current session.
  *
  * Only for separated roles mode.
  *
  * The id is cast to int before the lookup, and the role is stored in the
  * 'auth' session only when the current user is flagged is_god or holds that
  * role, so a caller cannot select a role that was not assigned to them.
  * NOTE(review): hasRole() is called without a site argument; whether it is
  * scoped to the current site is not visible here.
  *
  * @param mixed $roleId role identifier taken from the caller
  * @return bool true if set role - success
  */
 public static function setCurrentRole($roleId)
 {
     $authSession = new Session('auth');
     $requestedRole = \Bazalt\Auth\Model\Role::getById((int) $roleId);
     if (!$requestedRole) {
         // Unknown role id: nothing to switch to.
         return false;
     }

     $account = self::getUser();
     $mayUseRole = $account->is_god || $account->hasRole($requestedRole->id);
     if (!$mayUseRole) {
         return false;
     }

     $authSession->currentRoleId = $requestedRole->id;
     return true;
 }
Beispiel #7
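 /**
  * Collect the permission ids that apply to this user.
  *
  * - is_god users receive every stored permission.
  * - With the split-roles option on, permissions come from all roles linked
  *   to the user.
  * - With it off, permissions come from the guest roles, or from the current
  *   role alone when the user is not a guest and a current role is set.
  *
  * Ids are de-duplicated in every branch, and 'auth.user_logged' is appended
  * for any non-guest user.
  *
  * NOTE(review): $site is resolved but never used afterwards. Roles are
  * assigned per site elsewhere in this code base, yet the split-roles query
  * filters on user id only, so a role granted on one site may contribute
  * permissions on every site. Confirm whether a site filter is missing.
  *
  * @param object|null $site site to evaluate; falls back to \Bazalt\Site::get()
  * @return array list of permission ids
  */
 public function getPermissions($site = null)
 {
     $site = $site ?: \Bazalt\Site::get();
     $splitRoles = \Bazalt\Site\Option::get(\Bazalt\Auth::SPLIT_ROLES_OPTION, true);

     // Keyed by permission id so duplicates collapse in every branch.
     $ret = [];
     if ($this->is_god) {
         $q = ORM::select('Bazalt\\Auth\\Model\\Permission p', 'p.id');
         foreach ($q->fetchAll() as $perm) {
             $ret[$perm->id] = $perm->id;
         }
     } elseif ($splitRoles) {
         // A permission reachable through several roles comes back once per
         // role from this join, hence the keyed accumulation.
         $q = ORM::select('Bazalt\\Auth\\Model\\Permission p', 'p.id')
             ->innerJoin('Bazalt\\Auth\\Model\\RoleRefPermission rp', ['permission_id', 'p.id'])
             ->innerJoin('Bazalt\\Auth\\Model\\RoleRefUser ru', ['role_id', 'rp.role_id'])
             ->where('ru.user_id = ?', $this->id);
         foreach ($q->fetchAll() as $perm) {
             $ret[$perm->id] = $perm->id;
         }
     } else {
         $roles = Role::getGuestRoles();
         if (!$this->isGuest()) {
             $currentRole = \Bazalt\Auth::getCurrentRole();
             if ($currentRole) {
                 // A logged-in user acts under the selected role only.
                 $roles = [$currentRole];
             }
         }
         foreach ($roles as $role) {
             foreach ($role->getPermissions() as $perm) {
                 $ret[$perm->id] = $perm->id;
             }
         }
     }

     $ret = array_values($ret);
     if (!$this->isGuest()) {
         $ret[] = 'auth.user_logged';
     }
     return $ret;
 }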