/**
* Form configuration
*/
public function initialize($entity = null, $options = null)
{
$t = $this->getDI()->get('translate');
// In edition the id is hidden
if (isset($options['edit']) && $options['edit']) {
$id = new Hidden('id');
} else {
$id = new Text('id');
}
$id->setLabel($t->gettext('Id'));
$this->add($id);
// Name field
$name = new Text('name', ['placeholder' => $t->gettext('Name')]);
$name->setLabel($t->gettext('Name'));
$name->addValidators([new PresenceOf(['message' => $t->gettext('Name is required')])]);
$this->add($name);
// Email field
$email = new Text('email', ['placeholder' => $t->gettext('Email')]);
$email->setLabel($t->gettext('Email'));
$email->addValidators([new PresenceOf(['message' => $t->gettext('Email is required')]), new Email(['message' => $t->gettext('Email is not valid')])]);
$this->add($email);
// rolesId field
$roles = Roles::find(['active = :active:', 'bind' => ['active' => 'Y']]);
$role = new Select('rolesId', $roles, ['using' => ['id', 'name'], 'useEmpty' => true, 'emptyText' => '...', 'emptyValue' => '']);
$role->setLabel($t->gettext('Role'));
$role->addValidators([new PresenceOf(['message' => $t->gettext('The user role must be set.')])]);
$this->add($role);
// active field
$active = new Select('active', ['N' => $t->gettext('No'), 'Y' => $t->gettext('Yes')]);
$active->setLabel($t->gettext('Active'));
$this->add($active);
// banned field
$banned = new Select('banned', ['Y' => $t->gettext('Yes'), 'N' => $t->gettext('No')]);
$banned->setLabel($t->gettext('Banned'));
$this->add($banned);
// emailActivationMsg field
$emailExtraMsg = new Textarea('emailActivationMsg', ['placeholder' => $t->gettext('Add text to send confirmation email.')]);
$emailExtraMsg->setLabel($t->gettext('Send activation email'));
$this->add($emailExtraMsg);
// Submit
$submit = new Submit('submit', ['value' => $t->gettext('Save')]);
$this->add($submit);
}
/**
* View the permissions for a role level, and change them if we have a POST.
*/
public function indexAction()
{
if ($this->request->isPost()) {
// Validate the role
$role = Roles::findFirstById($this->request->getPost('roleId'));
if ($role) {
if ($this->request->hasPost('save') && $this->request->hasPost('permissions')) {
// Deletes the current permissions
$role->getPermissions()->delete();
$savedMessages = [];
// Save the new permissions
foreach ($this->request->getPost('permissions') as $permission) {
// This may become out of sync with the permission model validators but
// its user input so rather be a bit more careful.
if (preg_match('/^([a-z]*):([a-zA-Z]+).([a-zA-Z]+)$/', $permission, $matches) !== 1) {
throw new \Exception('Error: The fully qualified permission is not valid');
}
$permission = new Permissions();
$permission->rolesId = $role->id;
$permission->namespace = $matches[1];
$permission->resource = $matches[2];
$permission->action = $matches[3];
if (!$permission->save()) {
$savedMessages[] = $permission->getMessages()[0];
}
}
if (empty($savedMessages)) {
$this->flash->success($this->translate->gettext('Permissions were updated with success'));
}
}
$this->view->acl = $this->acl;
// // Pass the current permissions to the view
$this->view->permissions = $this->acl->getPermissions($role);
}
$this->view->role = $role;
}
// Pass all the active roles
$this->view->roles = Roles::find(['active = :active:', 'bind' => ['active' => 'Y']]);
}
/**
* Deletes a Role
*
* @param int $id
*/
public function deleteAction($id)
{
$role = Roles::findFirstById($id);
if (!$role) {
$this->flash->error($this->translate->gettext('Role was not found'));
return $this->dispatcher->forward(['action' => 'index']);
}
if (!$role->delete()) {
$this->flash->error($role->getMessages());
} else {
$this->flash->success($this->translate->gettext('Role was deleted'));
}
return $this->dispatcher->forward(['action' => 'index']);
}
private function build()
{
$acl = new AclMemory();
$acl->setDefaultAction(\Phalcon\Acl::DENY);
foreach ($this->specComplete as $namespace => $resources) {
foreach ($resources as $resource => $actions) {
$nsRes = $namespace == '' ? $resource : $namespace . ':' . $resource;
$acl->addResource(new AclResource($this->mergeResource($namespace, $resource)), $actions);
}
}
// Register roles
$roles = Roles::find(['active = :active:', 'bind' => ['active' => 'Y']]);
foreach ($roles as $role) {
$acl->addRole(new AclRole($role->name));
}
// Grant access to private area
foreach ($roles as $role) {
foreach ($this->specPublic as $namespace => $resources) {
foreach ($resources as $resource => $actions) {
$acl->allow($role->name, $this->mergeResource($namespace, $resource), $actions);
}
}
// Grant permissions in "permissions" model
foreach ($role->getPermissions() as $permission) {
$acl->allow($role->name, $permission->getNamespaceResource(), $permission->action);
}
}
return $acl;
}
/**
*
*/
private function getRoleByUniqueRef($roleRef)
{
// Allow the role to be specified as a primary key or by the exact name
if (ctype_digit($roleRef)) {
$roleParam = ['conditions' => 'id = ?0 AND active = ?1', 'bind' => [$roleRef, 'Y']];
} else {
$roleParam = ['conditions' => 'name = ?0 AND active = ?1', 'bind' => [$roleRef, 'Y']];
}
if (($role = Roles::findFirst($roleParam)) === false) {
throw new ArgumentValidationException("Unable to find role {$roleRef}", 1);
}
return $role;
}
