/**
 * Renders the role-assignment form and, on a valid POST, grants the selected
 * auth item to the selected user through the application's auth manager.
 *
 * NOTE(review): itemname, userid, bizrule and data are all mass-assigned from
 * $_POST['Authassignment']. Yii 1.x auth managers evaluate an assignment's
 * bizrule as PHP code during access checks, so a request-supplied bizrule is
 * stored here and executed later. No access check is visible in this method;
 * confirm the controller's access rules limit it to administrators, and
 * consider not accepting bizrule from the request at all.
 */
public function actionAssignment()
{
    $model = new Authassignment();
    $submitted = isset($_POST['Authassignment']);

    if ($submitted) {
        $model->attributes = $_POST['Authassignment'];
    }

    if ($submitted && $model->validate()) {
        // The assignment goes through the auth manager rather than $model->save().
        Yii::app()->authManager->assign(
            $model->itemname,
            $model->userid,
            $model->bizrule,
            $model->data
        );
    }

    // Data for the form: every user, and every auth item whose type column is 2.
    $users = User::model()->findAll();
    $items = AuthItem::model()->findAll(array('condition' => 'type=2'));

    $this->render('assignment', array(
        'model' => $model,
        'user' => $users,
        'item' => $items,
    ));
}
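/**
 * Creates a project (TtskTask) for the person this record is attached to,
 * plus one "Validate attachment" communication (TcmnCommunication) due in a
 * configured number of days.
 *
 * @param array $settings reads 'user_roles' (optional allow-list of roles),
 *                        'new_project_status', 'task_init_status' and
 *                        'task_due_in_days'
 * @return boolean true when both records were saved; false when the record is
 *                 not attached to a person, the current user holds none of the
 *                 configured roles, the person cannot be found, or a save fails
 */
public function createProject($settings)
{
    // Projects are currently created for person attachments only.
    if ($this->model != 'd2person.PprsPerson') {
        return false;
    }

    // When roles are configured, the current user must hold at least one of them.
    if (isset($settings['user_roles'])) {
        $user_roles = Authassignment::model()->getUserRoles(Yii::app()->user->id);
        $matching_roles = array_intersect($user_roles, $settings['user_roles']);
        if (empty($matching_roles)) {
            return false;
        }
    }

    $model = PprsPerson::model()->findByPk($this->model_id);
    if ($model === null) {
        // The referenced person no longer exists; there is nothing to attach the project to.
        return false;
    }

    // Create the project.
    $ttsk = new TtskTask();
    $ttsk->ttsk_pprs_id = $this->model_id;
    $ttsk->ttsk_name = 'New attachment to ' . $model->itemLabel;
    $ttsk->ttsk_description = '';
    $ttsk->ttsk_tstt_id = $settings['new_project_status']; // "not started" status
    try {
        if (!$ttsk->save()) {
            return false;
        }
    } catch (Exception $e) {
        return false;
    }

    // Create the task inside the new project.
    $tcmn = new TcmnCommunication();
    $tcmn->tcmn_ttsk_id = $ttsk->ttsk_id;
    $tcmn->tcmn_task = 'Validate attachment:' . PHP_EOL;
    $tcmn->tcmn_task .= $this->file_name . ' ' . $this->add_datetime;
    $tcmn->tcmn_tcst_id = $settings['task_init_status'];

    // The day count is spliced into a raw SQL expression, so force it to an
    // integer first; a non-numeric setting becomes 0 instead of reaching the
    // database as SQL text.
    $due_in_days = (int) $settings['task_due_in_days'];
    $tcmn->tcmn_datetime = new CDbExpression('ADDDATE(NOW(),' . $due_in_days . ' )');
    try {
        if (!$tcmn->save()) {
            return false;
        }
    } catch (Exception $e) {
        return false;
    }

    return true;
}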
/**
 * Sets the recipients to the users of a role: stores one D2mrRecipient row
 * per user returned by Authassignment::getRoleUsers().
 *
 * @param int    $d2mm_id value written to d2mr_d2mm_id on every new row
 * @param string $role    role whose users become recipients; also written to
 *                        d2mr_recipient_role
 */
public static function setRecipientRole($d2mm_id, $role)
{
    foreach (Authassignment::getRoleUsers($role) as $person_id) {
        $recipient = new D2mrRecipient();
        $recipient->d2mr_d2mm_id = $d2mm_id;
        $recipient->d2mr_recipient_pprs_id = $person_id;
        $recipient->d2mr_recipient_role = $role;
        // The result of save() is not checked, so a row that fails to save is
        // skipped without any signal to the caller.
        $recipient->save();
    }
}
</div> </div> <div class="span5"> <!-- main inputs --> <?php
// Form in which the roles of the user in $model can be ticked.
$form = $this->beginWidget('CActiveForm', array('id' => 'user-rolls'));
/**
 * ROLES
 */
// Roles currently assigned to the user being edited.
$aChecked = Authassignment::model()->getUserRoles($model->id);
$admin_role = Yii::app()->getModule('rights')->superuserName;
if (in_array($admin_role, $aChecked)) {
    // A user holding the superuser role gets a notice instead of the role list.
    // NOTE(review): this guard only affects what is rendered; confirm that the
    // action processing the form also refuses role changes for such a user.
    $info_allert = array(UserModule::t('For administrator can not save changes of roles'));
    $body = '';
} else {
    $info_allert = array();
    $aChecked = Authassignment::model()->getUserRoles($model->id);
    if (count($aChecked) == 1) {
        // Workaround for a glitch: an array with a single element must not be
        // passed on, so hand over the bare value instead.
        $aChecked = $aChecked[0];
    }
    // Map of role name => description for every auth item of type "role".
    $all_roles = Authitem::model()->findAllByAttributes(['type' => Authitem::TYPE_ROLE]);
    $all_roles_dict = [];
    foreach ($all_roles as $role_record) {
        $all_roles_dict[$role_record['name']] = $role_record['description'];
    }
    // Roles the user module is configured to expose in this form.
    $UserAdminRoles = Yii::app()->getModule('user')->UserAdminRoles;
    $list = [];
    foreach ($UserAdminRoles as $role_name) {
        // Add only roles that are actually defined as auth items.
        if (isset($all_roles_dict[$role_name])) {
            $list[$role_name] = $all_roles_dict[$role_name];
/**
 * Updates a Usuario and re-synchronises its auth assignment with its role.
 * On success the browser is redirected to the 'view' page; otherwise the
 * 'update' form is rendered again.
 *
 * NOTE(review): the role ("rol") arrives through the mass assignment from
 * $_POST['Usuario'] and is granted via the auth manager with no check in this
 * method on who may grant which role; confirm that access rules and the
 * model's safe attributes restrict this.
 *
 * @param integer $id the ID of the model to be updated
 */
public function actionUpdate($id)
{
    $model = $this->loadModel($id);

    // Uncomment the following line if AJAX validation is needed
    // $this->performAjaxValidation($model);

    if (isset($_POST['Usuario'])) {
        $model->attributes = $_POST['Usuario'];

        if ($model->validate() && $model->save()) {
            // Reloaded after the save, so $stored->rol already holds the new role.
            $stored = Usuario::model()->findByPk($model->id);
            $authManager = Yii::app()->authManager;

            // Drop every assignment row of this user, then grant the new role.
            Authassignment::model()->deleteAllByAttributes(array('userid' => $id));
            $authManager->revoke($stored->rol, $model->id);
            $authManager->assign($model->rol, $model->id);

            $this->redirect(array('view', 'id' => $model->id));
        }
    }

    $this->render('update', array('model' => $model));
}
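/**
 * Updates an employee together with its RBAC user and that user's granted
 * auth items. On success the browser is redirected to the 'admin' page;
 * otherwise the 'update' form is rendered again.
 *
 * NOTE(review): the item names posted under $_POST['RbacUser'][<module>] are
 * granted as-is. No check is visible here that they belong to the module they
 * were posted under, or that the current user may grant them, so anyone with
 * 'employee.update' can apparently grant any auth item to any employee
 * account. Confirm against the auth item table and add an allow-list.
 *
 * @param integer $id the ID of the model to be updated
 * @throws CHttpException 403 when the current user lacks 'employee.update',
 *                        404 when the employee has no RBAC user
 */
public function actionUpdate($id)
{
    if (!Yii::app()->user->checkAccess('employee.update')) {
        throw new CHttpException(403, 'You are not authorized to perform this action');
    }

    $disabled = "";
    // Attributes of RbacUser that each carry the item names granted for one module.
    $assignitems = array('items', 'sales', 'employees', 'customers', 'suppliers', 'store', 'receivings', 'reports', 'invoices', 'payments');

    $model = $this->loadModel($id);
    $user = RbacUser::model()->find('employee_id=:employeeID', array(':employeeID' => (int) $id));
    if ($user === null) {
        // Everything below dereferences $user, so fail with a clean 404.
        throw new CHttpException(404, 'The requested page does not exist.');
    }

    // Pre-fill every module attribute with the item names currently granted.
    $criteria = new CDbCriteria();
    $criteria->condition = 'userid=:userId';
    $criteria->select = 'itemname';
    $criteria->params = array(':userId' => $user->id);
    $auth_items = array();
    foreach (Authassignment::model()->findAll($criteria) as $auth_item) {
        $auth_items[] = $auth_item->itemname;
    }
    foreach ($assignitems as $assignitem) {
        $user->$assignitem = $auth_items;
    }

    // Uncomment the following line if AJAX validation is needed
    // $this->performAjaxValidation($model);

    if (isset($_POST['Employee'])) {
        $posted_user = (isset($_POST['RbacUser']) && is_array($_POST['RbacUser'])) ? $_POST['RbacUser'] : array();

        $model->attributes = $_POST['Employee'];
        $user->attributes = $posted_user;

        if ($_POST['Employee']['year'] !== "" || $_POST['Employee']['month'] !== "" || $_POST['Employee']['day'] !== "") {
            $model->dob = $_POST['Employee']['year'] . '-' . $_POST['Employee']['month'] . '-' . $_POST['Employee']['day'];
        }

        // Validate both models so the form shows every error at once.
        $valid = $model->validate();
        $valid = $user->validate() && $valid;

        if ($valid) {
            $transaction = $model->dbConnection->beginTransaction();
            try {
                if ($model->save() && $user->save()) {
                    // Replace the existing grants with the posted ones.
                    Authassignment::model()->deleteAuthassignment($user->id);
                    foreach ($assignitems as $assignitem) {
                        if (empty($posted_user[$assignitem]) || !is_array($posted_user[$assignitem])) {
                            continue;
                        }
                        foreach ($posted_user[$assignitem] as $itemId) {
                            $authassigment = new Authassignment();
                            $authassigment->userid = $user->id;
                            $authassigment->itemname = $itemId;
                            if (!$authassigment->save()) {
                                // Abort so the transaction never commits a partial set of grants.
                                throw new CException('Could not save an auth assignment.');
                            }
                        }
                    }
                    $transaction->commit();
                    // The name is user-supplied and lands in an HTML flash message: encode it.
                    Yii::app()->user->setFlash(TbHtml::ALERT_COLOR_SUCCESS, 'Employee : <strong>' . CHtml::encode(ucwords($model->last_name . ' ' . $model->first_name)) . '</strong> have been saved successfully!');
                    $this->redirect(array('admin'));
                } else {
                    // Do not leave the transaction open when a save is refused.
                    $transaction->rollback();
                    Yii::app()->user->setFlash('error', '<strong>Oh snap!</strong> Change a few things up and try submitting again.');
                }
            } catch (Exception $e) {
                $transaction->rollback();
                // Keep the exception text and stack trace in the log instead of the page.
                Yii::log((string) $e, CLogger::LEVEL_ERROR, 'application');
                Yii::app()->user->setFlash('error', '<strong>Oh snap!</strong> Change a few things up and try submitting again.');
            }
        }
    }

    // The view receives "true" for the built-in admin and super accounts.
    if (in_array(strtolower($user->user_name), array('admin', 'super'), true)) {
        $disabled = "true";
    }

    $this->render('update', array('model' => $model, 'user' => $user, 'disabled' => $disabled));
}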
/**
 * Renders the 'assign/_assign' partial with two lists of role names for one
 * user: the roles already assigned, and the type-2 auth items not assigned yet.
 *
 * @param string $email value matched against Authassignment.userid (the
 *                      parameter name suggests an e-mail serves as the user id)
 */
private function _refreshRole($email)
{
    // Item names already assigned to the user.
    $assignedCriteria = new CDbCriteria(array(
        'condition' => "userid=:type",
        'params' => array(':type' => $email),
    ));
    $assignedNames = array();
    foreach (Authassignment::model()->findAll($assignedCriteria) as $assignment) {
        $assignedNames[] = $assignment['itemname'];
    }

    // Every auth item of type 2 that the user does not hold yet.
    $roleCriteria = new CDbCriteria(array(
        'condition' => "type=:type",
        'params' => array(':type' => 2),
    ));
    $availableNames = array();
    foreach (AppAuthitem::model()->findAll($roleCriteria) as $roleRecord) {
        if (in_array($roleRecord['name'], $assignedNames)) {
            continue;
        }
        $availableNames[] = $roleRecord['name'];
    }

    $this->renderPartial('assign/_assign', array(
        'models' => $assignedNames,
        'role' => $availableNames,
    ));
}
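/**
 * Creates a new user with its profile and, when a system company is active,
 * a person record. If creation is successful, the browser is redirected to
 * the 'view' page ('viewCustomer' for customer users).
 *
 * NOTE(review): several security-relevant details depend on code not visible
 * here and should be confirmed:
 * - DbrLib::rand_string(8) generates the customer password; check that it
 *   draws from a cryptographically secure source.
 * - module->encrypting() is used both for the stored password and for
 *   activkey (microtime() . password); check that it is a password hash
 *   suited to storage and that activkey is not predictable.
 * - $_POST['User']['ccmp_id'] is used as the person's company as-is; no check
 *   is visible that the current admin may create people in that company.
 */
public function actionCreate()
{
    $this->layout = '';
    $model = new User();
    $profile = new Profile();
    $this->performAjaxValidation(array($model, $profile));

    $is_customer = isset($_POST['user_type']) && $_POST['user_type'] === 'customer';

    if (isset($_POST['User'])) {
        $post_user = $_POST['User'];

        /**
         * for customer user
         * - email is username
         * - password generated
         */
        if ($is_customer) {
            $post_user['username'] = $post_user['email'];
            $post_user['password'] = DbrLib::rand_string(8);
            $post_user['status'] = User::STATUS_ACTIVE;
        }

        $model->attributes = $post_user;
        $model->activkey = Yii::app()->controller->module->encrypting(microtime() . $model->password);
        // A request without profile fields leaves the profile empty instead of raising a notice.
        $profile->attributes = isset($_POST['Profile']) ? $_POST['Profile'] : array();
        $profile->user_id = 0;

        if ($model->validate() && $profile->validate()) {
            $model->password = Yii::app()->controller->module->encrypting($model->password);
            if ($model->save()) {
                // Stays null when no system company is active, so that no
                // undefined variable is read further down.
                $model_person = null;
                if (Yii::app()->sysCompany->getActiveCompany()) {
                    // create person
                    $model_person = new PprsPerson();
                    $model_person->pprs_first_name = $profile->first_name;
                    $model_person->pprs_second_name = $profile->last_name;
                    if (isset($post_user['ccmp_id'])) {
                        $model_person->pprs_ccmp_id = $post_user['ccmp_id'];
                    } else {
                        $model_person->pprs_ccmp_id = Yii::app()->sysCompany->getActiveCompany();
                    }
                    $model_person->save();
                }

                $profile->user_id = $model->id;
                $profile->person_id = ($model_person !== null) ? $model_person->primaryKey : null;
                $profile->save();

                /**
                 * customer user
                 * - add role user customer
                 * - redirect to view
                 */
                if ($is_customer) {
                    // The role name comes from the user module configuration, not from the request.
                    $aa_model = new Authassignment();
                    $aa_model->itemname = Yii::app()->getModule('user')->customerUser['role'];
                    $aa_model->userid = $model->id;
                    $aa_model->save();

                    $this->redirect(array('viewCustomer', 'id' => $model->id));
                }
            }
            $this->redirect(array('view', 'id' => $model->id));
        } else {
            // Run profile validation too, so its errors show even when the user model failed first.
            $profile->validate();
        }
    }

    if (isset($_GET['type']) && $_GET['type'] === 'customer') {
        $this->menu_route = "user/admin/customerAdmin";
        $view = 'create_customer';
    } else {
        $view = 'create';
    }

    // Prefer the view configured in the user module when that file exists.
    if (Yii::app()->getModule('user')->view) {
        $alt_view = Yii::app()->getModule('user')->view . '.admin.' . $view;
        if (is_readable(Yii::getPathOfAlias($alt_view) . '.php')) {
            $view = $alt_view;
            $this->layout = Yii::app()->getModule('user')->layout;
        }
    }

    $this->render($view, array('model' => $model, 'profile' => $profile));
}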
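/**
 * After a save, restores the unserialized form of $this->data and, when the
 * item was renamed, propagates the new name to the rows that reference it.
 */
protected function afterSave()
{
    parent::afterSave();

    // NOTE(review): unserialize() instantiates whatever objects the stored
    // string describes. Confirm that the data column can only ever hold values
    // this application serialized itself; otherwise switch to a data-only
    // format such as JSON.
    $this->data = unserialize($this->data);

    if ($this->oldName != $this->name) {
        // Update the three related tables. The old name is bound as a
        // parameter: concatenating it into the condition would break on names
        // containing a quote and would allow SQL injection through an item name.
        $params = array(':oldName' => $this->oldName);

        $this->model()->updateByPk($this->oldName, array("name" => $this->name));
        Authassignment::model()->updateAll(array('itemname' => $this->name), 'itemname=:oldName', $params);
        Authitemchild::model()->updateAll(array('parent' => $this->name), 'parent=:oldName', $params);
        Authitemchild::model()->updateAll(array('child' => $this->name), 'child=:oldName', $params);
    }
}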
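/**
 * Displays a particular model and, when the roles / system-companies form was
 * posted, first synchronises the user's roles and system companies with the
 * ticked values.
 *
 * NOTE(review): additions are limited to the configured UserAdminRoles and to
 * the companies the current admin can see, but removals are not. Any assigned
 * role or company missing from the post is deleted, including ones this form
 * may never have offered. No check is visible here for a superuser target
 * either. Confirm both are intended.
 */
public function actionView()
{
    $this->layout = '';
    $model = $this->loadModel();

    // update record
    if (isset($_POST['user_role_name']) || isset($_POST['user_sys_ccmp_id'])) {
        // roles currently assigned
        $aChecked = Authassignment::model()->getUserRoles($model->id);

        // roles ticked in the form; anything that is not a list of strings is ignored
        $aPostRole = array();
        if (isset($_POST['user_role_name']) && is_array($_POST['user_role_name'])) {
            $aPostRole = array_values(array_filter($_POST['user_role_name'], 'is_string'));
        }

        $aDelRole = array_diff($aChecked, $aPostRole);
        $aNewRole = array_diff($aPostRole, $aChecked);

        $UserAdminRoles = Yii::app()->getModule('user')->UserAdminRoles;
        foreach ($aNewRole as $sRoleName) {
            // only roles listed as User Admin roles in the main config may be added
            if (!in_array($sRoleName, $UserAdminRoles, true)) {
                continue;
            }
            $aa_model = new Authassignment();
            $aa_model->itemname = $sRoleName;
            $aa_model->userid = $model->id;
            if (!$aa_model->save()) {
                // NOTE(review): debugging output; prints raw validation errors to the client.
                print_r($aa_model->errors);
                exit;
            }
        }

        if (!empty($aDelRole)) {
            // Role names are bound as parameters instead of being spliced into the IN (...) list.
            $criteria = new CDbCriteria();
            $criteria->addColumnCondition(array('userid' => $model->id));
            $criteria->addInCondition('itemname', array_values($aDelRole));
            Authassignment::model()->deleteAll($criteria);
        }

        // companies currently assigned
        $aUserCompanies = CcucUserCompany::model()->getUserCompnies($model->id, CcucUserCompany::CCUC_STATUS_SYS);
        $aChecked = array();
        foreach ($aUserCompanies as $UC) {
            $aChecked[] = $UC->ccuc_ccmp_id;
        }

        // companies ticked in the form; nested arrays are ignored
        $aPostSysCcmp = array();
        if (isset($_POST['user_sys_ccmp_id']) && is_array($_POST['user_sys_ccmp_id'])) {
            $aPostSysCcmp = array_values(array_filter($_POST['user_sys_ccmp_id'], 'is_scalar'));
        }

        $aDelSysCcmpid = array_diff($aChecked, $aPostSysCcmp);
        $aNewSysCcmpid = array_diff($aPostSysCcmp, $aChecked);

        // companies the current admin is allowed to hand out
        $list = array();
        if (UserModule::isAdmin()) {
            // an admin gets all sys companies
            $criteria = new CDbCriteria();
            $criteria->compare('t.ccxg_ccgr_id', 1); // 1 - syscompany
            $model_ccxg = CcxgCompanyXGroup::model()->findAll($criteria);
            foreach ($model_ccxg as $mCcxg) {
                $list[$mCcxg->ccxg_ccmp_id] = 1;
            }
        } else {
            foreach (Yii::app()->sysCompany->getClientCompanies() as $mCcmp) {
                $list[$mCcmp->ccucCcmp->ccmp_id] = 1;
            }
        }

        foreach ($aNewSysCcmpid as $cmmp_id) {
            // only companies from the allowed list may be added
            if (!isset($list[$cmmp_id])) {
                continue;
            }
            // create ccuc (company <==> person)
            $mCcuc = new CcucUserCompany();
            $mCcuc->ccuc_ccmp_id = $cmmp_id;
            $mCcuc->ccuc_status = CcucUserCompany::CCUC_STATUS_SYS;
            $mCcuc->ccuc_person_id = $model->profile->person_id;
            // Saved once; the record used to be saved twice in a row.
            if (!$mCcuc->save()) {
                // NOTE(review): debugging output; prints raw validation errors to the client.
                print_r($mCcuc->errors);
                exit;
            }
        }

        if (!empty($aDelSysCcmpid)) {
            // Company ids are bound as parameters instead of being spliced into the IN (...) list.
            $criteria = new CDbCriteria();
            $criteria->addColumnCondition(array(
                'ccuc_status' => CcucUserCompany::CCUC_STATUS_SYS,
                'ccuc_person_id' => $model->profile->person_id,
            ));
            $criteria->addInCondition('ccuc_ccmp_id', array_values($aDelSysCcmpid));
            CcucUserCompany::model()->deleteAll($criteria);
        }
    }

    // Prefer the view configured in the user module when that file exists.
    $view = 'view';
    if (Yii::app()->getModule('user')->view) {
        $alt_view = Yii::app()->getModule('user')->view . '.admin.' . $view;
        if (is_readable(Yii::getPathOfAlias($alt_view) . '.php')) {
            $view = $alt_view;
            $this->layout = Yii::app()->getModule('user')->layout;
        }
    }

    // Load the model again before rendering, as the original code does after the updates above.
    $model = $this->loadModel();
    $this->render($view, array('model' => $model));
}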
/**
 * Looks up the Authassignment with the given primary key.
 *
 * @param integer $id the ID of the model to be loaded
 * @return Authassignment the loaded model
 * @throws CHttpException with status 404 when no such record exists
 */
public function loadModel($id)
{
    $record = Authassignment::model()->findByPk($id);

    if ($record !== null) {
        return $record;
    }

    throw new CHttpException(404, 'The requested page does not exist.');
}
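/**
 * Deletes a particular model together with its Usuario and that user's auth
 * assignments. If deletion is successful, the browser is redirected to the
 * 'admin' page.
 *
 * NOTE(review): no request-method check is visible in this method; confirm
 * that a controller filter restricts deletion to POST. The redirect target is
 * taken from $_POST['returnUrl'] unchanged; consider accepting only local
 * paths there. The three deletes are not wrapped in a transaction.
 *
 * @param integer $id the ID of the model to be deleted
 */
public function actionDelete($id)
{
    $model = $this->loadModel($id);
    $usuario = Usuario::model()->findByPk($model->usuario_id);

    $model->delete();

    // The linked user may already be gone; only clean up when it exists.
    if ($usuario !== null) {
        Authassignment::model()->deleteAllByAttributes(array('userid' => $usuario->id));
        $usuario->delete();
    }

    // if AJAX request (triggered by deletion via admin grid view), we should not redirect the browser
    if (!isset($_GET['ajax'])) {
        $this->redirect(isset($_POST['returnUrl']) ? $_POST['returnUrl'] : array('admin'));
    }
}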