Ejemplo n.º 1
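 /**
  * Decide whether the logged-in user may run $action on $controller.
  *
  * The effective permission set is the user's group permissions with the
  * user's own rows layered on top: a per-user row for a controller replaces
  * the group's list for that controller entirely (an empty per-user list
  * therefore revokes what the group grants).
  *
  * @param string $controller controller id without the "Controller" suffix
  * @param string $action     action name to look up in the allowed list
  * @return bool true when access is granted, false otherwise (fails closed)
  */
 public static function checkUserPermission($controller, $action)
 {
     $controller = strtoupper($controller . 'Controller');
     $webUser = Yii::app()->user;

     // NOTE(review): unrestricted access is keyed on the account *name*, not on
     // a role or an immutable id. Confirm that nobody can register or be
     // renamed to "admin", otherwise this is a full authorization bypass.
     if ($webUser->name === 'admin') {
         return true;
     }
     if (!isset($webUser->role)) {
         return false;
     }
     $userId = $webUser->getId();
     $groupId = $webUser->role;

     // SECURITY: unserialize() instantiates whatever object graph the column
     // describes. These rows are written by actionPermission() from request
     // data, and anyone with write access to the tables controls them too.
     // Prefer JSON for this column, or pass array('allowed_classes' => false)
     // as the second argument once the project requires PHP >= 7.0.
     $groupPermissions = array();
     $groupRows = AGroupPermission::model()->findAll('group_id = :group_id', array(':group_id' => $groupId));
     foreach ($groupRows as $row) {
         $groupPermissions[strtoupper($row['controller'])] = unserialize($row['permission']);
     }

     $userPermissions = array();
     $userRows = ASystemUserPermission::model()->findAll('user_id = :user_id', array(':user_id' => $userId));
     foreach ($userRows as $row) {
         $userPermissions[strtoupper($row['controller'])] = unserialize($row['permission']);
     }

     // String keys: on a clash the per-user entry overrides the group entry.
     $effective = array_merge($groupPermissions, $userPermissions);
     if (!isset($effective[$controller])) {
         return false;
     }

     // A corrupt or non-list payload (unserialize() returned false, a scalar or
     // an object) must deny access instead of reaching in_array().
     $allowedActions = $effective[$controller];
     if (!is_array($allowedActions)) {
         return false;
     }

     // Strict comparison: loose in_array() lets values such as true (or 0 on
     // PHP < 8) in the stored list match every action name.
     return in_array((string) $action, $allowedActions, true);
 }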
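 /**
  * Save the per-controller permission overrides submitted for one user,
  * then redirect to that user's view page.
  *
  * For every *Controller.php file under application.adm.controllers:
  *  - if the request carries an entry named after the controller class, that
  *    list is stored as the user's permission for the controller;
  *  - otherwise an explicit empty list is stored, which overrides whatever
  *    the user's group grants on that controller.
  *
  * NOTE(review): no access check is visible in this method; confirm that the
  * controller's filters/accessRules restrict it to permission administrators.
  * NOTE(review): input is read from $_REQUEST, so a plain GET request changes
  * permissions, and Yii's CSRF token validation does not cover GET. Consider
  * accepting POST only.
  * NOTE(review): submitted action names are not checked against the actions
  * the controller really defines.
  */
 public function actionPermission()
 {
     $userId = isset($_REQUEST['id']) ? $_REQUEST['id'] : null;
     // An array-valued id (id[]=...) must not reach the key lookup or the
     // bound query parameters below.
     if ($userId !== null && !is_scalar($userId)) {
         throw new CHttpException(400, 'Invalid request.');
     }
     $user = $this->loadModel($userId);

     // Only the set of controllers the group has a row for is needed here, so
     // the serialized permission column is deliberately not unserialized.
     $groupControllers = array();
     $groupRows = AGroupPermission::model()->findAll('group_id = :group_id', array(':group_id' => $user->group_id));
     foreach ($groupRows as $row) {
         $groupControllers[$row['controller']] = true;
     }

     $controllerFiles = glob(Yii::getPathOfAlias('application.adm.controllers') . "/*Controller.php");
     if ($controllerFiles === false) {
         // glob() returns false on error; treat that as "no controllers".
         $controllerFiles = array();
     }

     $rowCondition = 'user_id = :user_id AND controller = :controller';
     foreach ($controllerFiles as $controllerFile) {
         $class = basename($controllerFile, ".php");
         $rowParams = array(':user_id' => $userId, ':controller' => $class);

         // Existing per-user row for this controller, if any.
         $existing = ASystemUserPermission::model()->find(array('select' => 'permission', 'condition' => 'user_id = :userId AND controller = :controller', 'params' => array(':userId' => $userId, ':controller' => $class)));

         if (isset($_REQUEST[$class])) {
             // Persist only a flat list of strings. Anything else (a scalar, a
             // nested array) would later break or skew the in_array() lookup
             // in checkUserPermission(); a non-array submission is stored as
             // an empty list, i.e. no access.
             $requested = is_array($_REQUEST[$class]) ? array_filter($_REQUEST[$class], 'is_string') : array();
             $serialized = serialize($requested);

             if (!$existing) {
                 //insert
                 $record = new ASystemUserPermission();
                 $record->controller = $class;
                 $record->user_id = $userId;
                 $record->permission = $serialized;
                 $record->insert();
             } elseif ($existing->permission !== $serialized) {
                 //update (skipped when the stored value is already identical;
                 // comparing serialized forms avoids unserializing the column)
                 ASystemUserPermission::model()->updateAll(array('permission' => $serialized), $rowCondition, $rowParams);
             }
         } elseif (isset($groupControllers[$class])) {
             // Nothing submitted, but the group grants something on this
             // controller: an explicit empty row is required to override it.
             if (!$existing) {
                 $record = new ASystemUserPermission();
                 $record->controller = $class;
                 $record->user_id = $userId;
                 $record->permission = serialize(array());
                 $record->insert();
             } else {
                 ASystemUserPermission::model()->updateAll(array('permission' => serialize(array())), $rowCondition, $rowParams);
             }
         } else {
             // Nothing submitted and no group row: still record an empty list.
             // save() (with model validation) is kept here as in the original.
             if (!$existing) {
                 $record = new ASystemUserPermission();
                 $record->user_id = $userId;
                 $record->controller = $class;
                 $record->permission = serialize(array());
                 $record->save();
             } else {
                 ASystemUserPermission::model()->updateAll(array('permission' => serialize(array())), $rowCondition, $rowParams);
             }
         }
     }
     Yii::app()->user->setFlash('success', "Bạn đã sửa quyền thành công");
     $this->redirect(array('view', 'id' => $userId));
 }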