/**
  * 保存设定 (save settings)
  */
 public function saveAction()
 {
     // Stores the posted rule selection for one role, then redirects back to
     // the "assign" action for that role.
     // NOTE(review): this action changes ACL data, but no CSRF-token or
     // permission check is visible in this method. Confirm both are enforced
     // before the action is dispatched.
     $request = $this->_request;
     if ($request->isPost()) {
         // The role id is coerced to int before it is used or placed in the URL.
         $targetRole = (int) $request->getParam('role_id');
         // rule_id is forwarded exactly as posted; any validation would have
         // to happen inside assign(), which is not visible here.
         $postedRules = $request->getPost('rule_id');
         $this->acl->assign($targetRole, $postedRules);

         $assignUrl = $this->view->url(array('action' => 'assign', 'role_id' => $targetRole));
         $this->_redirect($assignUrl);
     }
     // The view object is discarded, presumably to suppress rendering (confirm).
     $this->view = null;
 }
Ejemplo n.º 2
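 /**
  * Check whether the user may reach the routed controller and action.
  *
  * On first use the user's ACL rows are loaded through AclModel and two lists
  * are stored in the session under 'role': the permitted module names and the
  * permitted "module-action" pairs. Every call then compares
  * Router::$controller and Router::$action against those lists.
  *
  * Returns false after calling $this->error(true) when access is refused.
  * Otherwise calls $this->index() and returns nothing.
  *
  * @param mixed $userID identifier handed to AclModel::selectAllUserAcl()
  */
 public function checkRole($userID)
 {
     // NOTE(review): the lists are built only while the session has no 'role'
     // entry, so a permission revoked in the database stays usable until that
     // entry is cleared. Confirm this is acceptable, or refresh on change.
     if (Session::get('role') == null) {
         $file = MODEL_PATH . 'AclModel.php';
         if (file_exists($file)) {
             include_once $file;
         }
         $acl = new AclModel();
         $role = $acl->selectAllUserAcl($userID);
         if (empty($role)) {
             // No ACL rows for this user: refuse.
             $this->error(true);
             return false;
         }

         $aclUserId = array();
         foreach ($role as $id) {
             $aclUserId[] = $id['acl_id'];
         }
         // NOTE(review): the ids travel as one comma-joined string. If
         // selectAll() places that string into SQL text, it should cast or
         // bind each id. Confirm in AclModel.
         $roles = $acl->selectAll(implode(',', $aclUserId));

         // Both lists start with an empty string, as in the stored data layout.
         $module = array('');
         $controllAction = array('');
         foreach ($roles as $value) {
             // Use the same trimmed module name for both lists so that a
             // stray space in the stored value cannot make them disagree.
             $moduleName = trim($value['module']);
             $module[] = $moduleName;
             foreach (explode('|', $value['action']) as $ac) {
                 $controllAction[] = $moduleName . '-' . trim($ac);
             }
         }
         Session::set('role', array('module' => $module, 'controllAction' => $controllAction));
     }

     // Strict comparisons throughout: loose == treats numeric-looking strings
     // as equal ("1e1" == "10"), which has no place in an access decision.
     if (Router::$controller !== 'index') {
         $granted = Session::get('role');
         if (!in_array(Router::$controller, $granted['module'], true)) {
             $this->error(true);
             return false;
         }
         if (Router::$action !== 'default') {
             $check = Router::$controller . '-' . Router::$action;
             // The debugging echo of the lookup result was removed: it wrote
             // authorization internals into every response body.
             if (!in_array($check, $granted['controllAction'], true)) {
                 $this->error(true);
                 return false;
             }
         }
     }
     $this->index();
 }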
Ejemplo n.º 3
 /**
  * save User ACL settings
  */
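 public function updateACL($section = '')
 {
     // Synchronises the acl_user link table for the current object's user:
     // for every ACL entry in the section, a truthy request variable
     // "acl_<name>" inserts the link and anything else deletes it.
     // Returns false when there is no usable user id or the list cannot be
     // loaded, otherwise the number of ACL entries processed.
     $rawUserId = $this->obj->getUid();
     if (!$rawUserId) {
         return false;
     }
     // The id is concatenated into SQL text below, so force it to an integer
     // first and refuse anything that does not yield a non-zero number.
     $userId = (int) $rawUserId;
     if ($userId === 0) {
         return false;
     }

     $objLst = new AclModel();
     $objLst->connectDb();
     if (is_string($section)) {
         // NOTE(review): $section is interpolated into the WHERE clause
         // without escaping. Bind or escape it with the database layer's own
         // mechanism (not visible here) before it reaches a caller that
         // passes request data.
         $objLst->where("section='{$section}'");
     }
     if (!$objLst->loadList()) {
         return false;
     }

     $i = 0;
     $fc = FrontController::getInstance();
     $db = DbConnector::getConnection();
     $table = $objLst->dbTable('acl_user');
     while ($objLst->next()) {
         // Same integer coercion for the ACL id that ends up in the SQL text.
         $aclId = (int) $objLst->getUid();
         // NOTE(review): an entry whose request variable is absent is revoked,
         // so a partial form submission removes grants. Confirm this is intended.
         if ($fc->getReqVar('acl_' . $objLst->get('name'))) {
             $db->query('INSERT IGNORE INTO `' . $table . '` SET `user_id`=' . $userId . ', `acl_id`=' . $aclId);
         } else {
             $db->query('DELETE IGNORE FROM `' . $table . '` WHERE `user_id`=' . $userId . ' AND `acl_id`=' . $aclId);
         }
         $i++;
     }
     return $i;
 }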
Ejemplo n.º 4
 /**
  * Delete the roles listed in $_POST["roles"] and answer with JSON.
  *
  * Prints a JSON error object and exits when "roles" is missing or is not an
  * array; otherwise passes the array to AclModel::deleteRoles(), prints a JSON
  * success object and exits. $args is not used by the body.
  *
  * NOTE(review): the array elements are forwarded exactly as posted, and no
  * permission or CSRF check is visible in this function. Confirm that the
  * caller and AclModel::deleteRoles() cover both.
  */
 function delete_roles($args = null)
 {
     // Accept the request only when POST carries "roles" as an array.
     $rolesPosted = isset($_POST["roles"]) && is_array($_POST["roles"]);
     if (!$rolesPosted) {
         // The message text is Russian for "Roles not specified".
         $failure = array("error" => array("field" => "roles", "msg" => "Не указаны роли"));
         echo json_encode($failure);
         exit;
     }

     // Delete the roles named in the POST array.
     AclModel::deleteRoles($_POST["roles"]);

     // Report success to the client.
     $success = array("answer" => array("msg" => "ok"));
     echo json_encode($success);
     exit;
 }
Ejemplo n.º 5
 /**
  * Populate this ACL object from AclModel: roles first, then resources, then
  * the allow/deny rules.
  */
 public function __construct()
 {
     $model = new AclModel();

     // Register every role under its parent key.
     foreach ($model->getRoles() as $role) {
         $this->addRole($role['key_name'], $role['parent_key']);
     }

     // Register every resource under its parent key.
     foreach ($model->getResources() as $resource) {
         $this->addResource($resource['key_name'], $resource['parent_key']);
     }

     foreach ($model->getRules() as $rule) {
         if ($rule->assertion !== null) {
             // NOTE(review): the class name comes from stored rule data and
             // is instantiated as-is. Whoever can write that field chooses
             // which constructor runs here, so restrict it to a known list of
             // assertion classes or verify the expected interface first.
             // The rule object itself is overwritten with the instance.
             $assertionClass = $rule->assertion;
             $rule->assertion = new $assertionClass();
         }

         // A truthy access flag grants the privilege, anything else denies it.
         if ($rule->access) {
             $this->allow($rule->role, $rule->resource, $rule->privilege, $rule->assertion);
         } else {
             $this->deny($rule->role, $rule->resource, $rule->privilege, $rule->assertion);
         }
     }
 }
Ejemplo n.º 6
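 /**
  * Populate this ACL object from AclModel: roles first, then resources, then
  * the allow/deny rules.
  */
 public function __construct()
 {
     $model = new AclModel();

     // Register every role under its parent key.
     foreach ($model->getRoles() as $role) {
         $this->addRole($role['key_name'], $role['parent_key']);
     }

     // Fetch the resources a single time; a second call whose result is
     // discarded would only repeat the lookup.
     foreach ($model->getResources() as $resource) {
         $this->addResource($resource['key_name'], $resource['parent_key']);
     }

     foreach ($model->getRules() as $rule) {
         // A truthy access flag selects allow(), anything else selects deny().
         $this->{$rule->access ? 'allow' : 'deny'}($rule->role, $rule->resource, $rule->privilege);
     }
 }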
Ejemplo n.º 7
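 /**
  * Replace the model permissions of the posted user groups for one
  * model/preset pair.
  *
  * Reads 'usergroup', 'model' and 'preset' from the POST data, looks the pair
  * up in $this->_modelPermissions, and for each user group removes the
  * existing model permissions and adds one permission per posted action.
  *
  * NOTE(review): the user-group ids are taken from the request as they are.
  * No check that the caller may administer those groups is visible here.
  *
  * @return array ['success' => true] after processing, ['success' => false]
  *               when the posted values do not name a configured preset
  */
 public function modelJson()
 {
     $request = Ajde::app()->getRequest();
     $usergroup = $request->getPostParam('usergroup', []);
     $model = $request->getPostParam('model');
     $preset = $request->getPostParam('preset');

     // Refuse anything that is not a configured model/preset pair. Without
     // this check an unknown pair yields no options, and the removal call
     // below would run with null model and extra values.
     if (!is_string($model) || !is_string($preset) || !is_array($usergroup)
         || !isset($this->_modelPermissions[$model][$preset])
     ) {
         return ['success' => false];
     }
     $options = $this->_modelPermissions[$model][$preset];

     foreach ($usergroup as $ugId => $acl) {
         AclModel::removeModelPermissions($ugId, $options['model'], $options['extra']);
         if (!is_array($acl)) {
             // Nothing iterable was posted for this group; it keeps no permissions.
             continue;
         }
         foreach ($acl as $permission => $actions) {
             if (!is_string($actions)) {
                 // explode() needs a string; skip nested or malformed values.
                 continue;
             }
             foreach (explode('|', $actions) as $action) {
                 if ($action) {
                     AclModel::addPermission($permission, 'model', $ugId, $options['model'], $action, $options['extra']);
                 }
             }
         }
     }

     // Both values matched keys of $this->_modelPermissions above, so the
     // message contains only configured names rather than arbitrary request text.
     Ajde_Session_Flash::alert('Access updated for ' . $model . ': ' . $preset);
     return ['success' => true];
 }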