public function getAccessListAction()
{
if ($this->request->isPost()) {
if ($this->request->isAjax()) {
if ($this->token->check('token')) {
$records = AclAccessList::find()->toArray();
$data = array('data' => $records);
return $this->sendAjax($data);
}
}
}
}
protected function _allowOrDeny($roleName, $resourceName, $access, $action)
{
if (!$this->isRole($roleName) && $roleName != '*') {
throw new \Exception("Role '{$roleName}' does not exist in ACL");
}
if (!$this->isResource($resourceName) && $resourceName != '*') {
throw new \Exception("Resource '{$resourceName}' does not exist in ACL");
}
if (!is_array($access)) {
$access = array($access);
}
foreach ($access as $accessName) {
if (!$this->isResourceAccess($resourceName, $accessName) && $accessName != '*') {
throw new \Exception("Access '{$accessName}' does not exist in resource '{$resourceName}'");
}
if ($accessList = $this->accessExists($roleName, $resourceName, $accessName)) {
// UPDATE
$accessList->allowed = (int) $action;
$success = $accessList->update();
} else {
// INSERT
$accessList = new AclAccessList();
$accessList->roles_name = $roleName;
$accessList->resources_name = $resourceName;
$accessList->access_name = $accessName;
$accessList->allowed = (int) $action;
$success = $accessList->save();
}
if ($accessName != '*' && !$this->accessExists($roleName, $resourceName, '*')) {
$accessList = new AclAccessList();
$accessList->roles_name = $roleName;
$accessList->resources_name = $resourceName;
$accessList->access_name = '*';
$accessList->allowed = (int) $this->_defaultAccess;
}
}
}