/**
 * Builds a SecurityContext bound to a single user.
 *
 * The context starts out as the guest user and is switched to a concrete user
 * id only in two cases: the argument is a \CUser object that reports itself
 * as authorized, or the argument is any other value whose integer cast is
 * positive.
 *
 * NOTE(review): a bare id is accepted as-is, without any authorization check
 * in this constructor, so callers should pass only ids they have already
 * established to be legitimate (never a request-supplied value) - confirm at
 * the call sites.
 *
 * @param \CUser|int $user User object or numeric user id.
 */
public function __construct($user)
{
    $resolvedId = static::GUEST_USER;

    if ($user instanceof \CUser) {
        // A \CUser that is not authorized stays a guest.
        if ($user->isAuthorized()) {
            $resolvedId = $user->getId();
        }
    } else {
        $numericId = (int) $user;
        if ($numericId > 0) {
            $resolvedId = $numericId;
        }
    }

    $this->userId = $resolvedId;
    $this->errorCollection = new ErrorCollection();
}
/**
 * Renders the edit form for one question together with a list of users.
 *
 * Reads every row of the users table ordered by FIO, maps user id => FIO,
 * loads the question whose id is taken from the request parameter "id" via
 * CRequest::getInt(), and passes both to the edit template.
 *
 * NOTE(review): no access check on the requested question is visible in this
 * method; presumably it is enforced before the action is dispatched - confirm.
 */
public function actionEdit()
{
    $userQuery = new CQuery();
    $userQuery->select("user.*")
        ->from(TABLE_USERS . " as user")
        ->order("user.FIO asc");

    // id => FIO map handed to the template under the key "users".
    $userNames = array();
    $rows = $userQuery->execute()->getItems();
    foreach ($rows as $row) {
        $record = new CUser(new CActiveRecord($row));
        $userNames[$record->getId()] = $record->FIO;
    }

    $questionId = CRequest::getInt("id");
    $question = CQuestionManager::getQuestion($questionId);

    $this->setData("users", $userNames);
    $this->setData("quest", $question);
    $this->renderView("__public/_question_add/edit.tpl");
}
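/**
 * Lists the library subjects (folders) that have documents by one author.
 *
 * The author is taken from the request filter "author"; when that filter is
 * absent, the current session user is used instead. The view also receives
 * an id => name map of every user who owns at least one library document.
 *
 * Security: the original concatenated the raw "author" filter into the SQL
 * condition and into the "add document" link. The value is now cast to an
 * integer once and that integer is used everywhere, so a crafted filter can
 * no longer change the query text. As a consequence the template receives
 * "author" / "selectedUser" as integers when the filter is present.
 *
 * NOTE(review): any caller may choose whose documents are listed through the
 * "author" filter; whether that is intended for every access level is not
 * visible here - confirm.
 */
public function actionView()
{
    $set = new CRecordSet(false);
    $query = new CQuery();
    $set->setQuery($query);

    // Author filter: resolve it before the query is built, so that exactly one
    // well-formed condition is emitted (the original first appended the
    // possibly empty raw filter and then issued a second condition).
    $selectedUser = null;
    $requestedAuthor = CRequest::getFilter("author");
    if (!is_null($requestedAuthor)) {
        // doc.user_id is compared unquoted, so only an integer is acceptable.
        $author = (int) $requestedAuthor;
        $selectedUser = $author;
    } else {
        $author = CSession::getCurrentUser()->getId();
    }

    $query->select("DISTINCT subject.*")
        ->from(TABLE_DISCIPLINES . " as subject")
        ->innerJoin(TABLE_LIBRARY_DOCUMENTS . " as doc", "doc.subj_id = subject.id")
        ->condition("doc.user_id = " . $author)
        ->order("subject.name asc");

    // Every user that owns at least one library document, for the author picker.
    $usersQuery = new CQuery();
    $usersQuery->select("user.*")
        ->from(TABLE_USERS . " as user")
        ->order("user.fio asc")
        ->innerJoin(TABLE_LIBRARY_DOCUMENTS . " as doc", "user.id = doc.user_id");

    $users = array();
    foreach ($usersQuery->execute()->getItems() as $ar) {
        $user = new CUser(new CActiveRecord($ar));
        $users[$user->getId()] = $user->getName();
    }

    $folders = new CArrayList();
    foreach ($set->getPaginated()->getItems() as $ar) {
        $folder = new CLibraryFolder(new CTerm($ar));
        $folders->add($folders->getCount(), $folder);
    }

    $this->addActionsMenuItem(array(
        array(
            "title" => "Назад",
            "link" => WEB_ROOT . "_modules/_library/index.php",
            "icon" => "actions/edit-undo.png"
        )
    ));

    // The "add" entry is offered only to authenticated users with a write level.
    if (CSession::isAuth()) {
        $level = CSession::getCurrentUser()->getLevelForCurrentTask();
        if ($level == ACCESS_LEVEL_WRITE_OWN_ONLY || $level == ACCESS_LEVEL_WRITE_ALL) {
            $this->addActionsMenuItem(array(
                array(
                    "title" => "Добавить предмет",
                    "link" => WEB_ROOT . "_modules/_library/index.php?action=addDocument&filter=author:" . $author,
                    "icon" => "actions/list-add.png"
                )
            ));
        }
    }

    $this->addCSSInclude(JQUERY_UI_CSS_PATH);
    $this->addJSInclude(JQUERY_UI_JS_PATH);
    $this->setData("folders", $folders);
    $this->setData("users", $users);
    $this->setData("selectedUser", $selectedUser);
    $this->setData("author", $author);
    $this->setData("paginator", $set->getPaginator());
    $this->renderView("_library/view.tpl");
}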
/**
 * Returns the roles of a task that apply to the given employee through the
 * groups the employee belongs to.
 *
 * The employee's rows in the user-in-groups table are loaded first; a role
 * returned by CStaffManager::getRolesByTask() is kept when its user_group_id
 * equals the group_id of one of those rows. Every kept role is also added to
 * the list returned by self::getCacheRolesGroups().
 *
 * @param CUserRole $key  Task whose roles are examined.
 * @param CUser     $user Employee whose group memberships are used.
 * @return CArrayList Matching roles keyed by role id.
 */
public static function getRolesByTaskByUser(CUserRole $key, CUser $user)
{
    // NOTE(review): the id is concatenated into the condition text; this is
    // only safe while getId() yields a numeric id - confirm, or cast it.
    $membershipRecords = CActiveRecordProvider::getWithCondition(
        TABLE_USER_IN_GROUPS,
        "user_id = '" . $user->getId() . "'"
    )->getItems();

    // Each membership row is wrapped in CUser only to read its id and group_id.
    $memberships = new CArrayList();
    foreach ($membershipRecords as $record) {
        $membership = new CUser($record);
        $memberships->add($membership->getId(), $membership);
    }

    $matched = new CArrayList();
    $taskRoles = CStaffManager::getRolesByTask($key)->getItems();
    foreach ($taskRoles as $role) {
        foreach ($memberships->getItems() as $membership) {
            if ($role->user_group_id != $membership->group_id) {
                continue;
            }
            $matched->add($role->getId(), $role);
            self::getCacheRolesGroups()->add($role->id, $role);
        }
    }

    return $matched;
}
/**
 * Turns the different ways of naming a user into a plain integer id.
 *
 * A User model or a \CUser object yields the integer cast of its getId().
 * Any other value is accepted only when it is numeric and its integer cast
 * is positive; everything else resolves to null.
 *
 * @param \CUser|User|int $user User model, \CUser object, or user id.
 * @return int|null Resolved id, or null when the argument names no user.
 */
public static function resolveUserId($user)
{
    $isUserObject = $user instanceof User || $user instanceof \CUser;
    if ($isUserObject) {
        return (int) $user->getId();
    }

    // Reject anything that is not a positive numeric value.
    if (!is_numeric($user) || (int) $user <= 0) {
        return null;
    }

    return (int) $user;
}
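/**
 * Persists the user held by this model together with the user's group
 * memberships and personal task rights.
 *
 * Saving is delegated to the model so that the controller stays small.
 * The stored memberships and personal rights are replaced wholesale: the
 * existing rows for the user are removed and the submitted ones inserted.
 *
 * Security: the user id is cast to an integer before it is concatenated into
 * the two delete conditions, so the condition text cannot be altered by a
 * non-numeric id value.
 *
 * NOTE(review): the remaining keys of $this->user are mass-assigned through
 * setAttributes(), and roles/levels are stored exactly as submitted; this
 * method performs no authorization check itself, so the caller must ensure
 * the current user may edit this account and grant these rights - confirm.
 */
public function save()
{
    // Take the data out of the model; groups and roles are stored separately
    // from the user record, so they are split off before the attributes are
    // assigned.
    $user = $this->user;
    $roles = array();
    $groups = array();
    if (array_key_exists("groups", $user)) {
        $groups = $user["groups"];
        unset($user["groups"]);
    }
    if (array_key_exists("roles", $user)) {
        $roles = $user["roles"];
        unset($user["roles"]);
    }

    $userObj = new CUser();
    $userObj->setAttributes($user);
    if ($this->changePassword == 1) {
        if ($this->newPassword !== "") {
            // SECURITY NOTE(review): MD5 is a fast, unsalted digest and is not
            // suitable for password storage. It is kept here because the code
            // that verifies passwords is not visible in this block and has to
            // change in the same step (password_hash() / password_verify()).
            $userObj->password = md5($this->newPassword);
        }
    }
    $userObj->save();
    $this->user = $userObj;

    // Integer form of the id, used only inside hand-built SQL conditions.
    $userIdForSql = (int) $userObj->getId();

    // Remove the old records of the groups the user belonged to.
    foreach (CActiveRecordProvider::getWithCondition(TABLE_USER_IN_GROUPS, "user_id = " . $userIdForSql)->getItems() as $ar) {
        $ar->remove();
    }
    foreach ($groups as $group) {
        $ar = new CActiveRecord(array(
            "user_id" => $userObj->getId(),
            "group_id" => $group,
            "id" => null
        ));
        $ar->setTable(TABLE_USER_IN_GROUPS);
        $ar->insert();
    }

    // Until 08.11.2014 personal rights that merely repeated the rights granted
    // by the user's groups were dropped here. That step was removed on purpose
    // to keep the system simple: personal rights stay personal.

    // Remove the old personal rights before storing the submitted ones.
    foreach (CActiveRecordProvider::getWithCondition(TABLE_USER_HAS_ROLES, "user_id = " . $userIdForSql)->getItems() as $ar) {
        $ar->remove();
    }

    // Store the user's personal rights. A zero level is stored as well, so
    // that access to a task can be denied individually.
    foreach ($roles as $role => $level) {
        $ar = new CActiveRecord(array(
            "id" => null,
            "user_id" => $userObj->getId(),
            "task_id" => $role,
            "task_rights_id" => $level
        ));
        $ar->setTable(TABLE_USER_HAS_ROLES);
        $ar->insert();
    }
}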
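/**
 * Lists questions addressed to users, with sorting, filtering, an archive
 * switch and a "show all" switch, and renders the index template.
 *
 * Security: values taken from the request are no longer concatenated into
 * SQL verbatim. The sort column is chosen from a fixed map, the sort
 * direction is reduced to "asc" or "desc", and the "user", "question",
 * "answer" and "contact" filters are cast to integers before they are placed
 * in the query text. As a consequence "selectedUser" reaches the template as
 * an integer when the user filter is present.
 *
 * Users whose level for the current task is one of the *_OWN_ONLY levels
 * only ever get conditions that include their own user id.
 */
public function actionIndex()
{
    $set = new CRecordSet(false);
    $query = new CQuery();
    $selectedUser = null;
    $query->select("quest.*")
        ->from(TABLE_QUESTION_TO_USERS . " as quest")
        ->order("quest.datetime_quest desc")
        ->condition("quest.status=5");
    $set->setQuery($query);
    $showAll = false;

    // Sorting: request value of "order" => column placed in ORDER BY.
    // Anything not listed here leaves the default ordering untouched.
    $sortColumns = array(
        "quest.user_id" => "user.fio",
        "datetime_quest" => "datetime_quest",
        "datetime_answ" => "datetime_answ",
        "question_text" => "question_text",
        "contact_info" => "contact_info",
        "st.name" => "st.name",
        "answer_text" => "answer_text"
    );
    $order = CRequest::getString("order");
    if (is_string($order) && isset($sortColumns[$order])) {
        // Only the two SQL keywords are accepted; any other value, including
        // an empty one, falls back to "asc" as before.
        $requestedDirection = CRequest::getString("direction");
        $direction = "asc";
        if (is_string($requestedDirection) && strtolower(trim($requestedDirection)) === "desc") {
            $direction = "desc";
        }
        // Two sort keys need an extra join to reach the sorted column.
        if ($order === "quest.user_id") {
            $query->innerJoin(TABLE_USERS . " as user", "quest.user_id = user.id");
        } elseif ($order === "st.name") {
            $query->leftJoin(TABLE_QUESTION_STATUS . " as st", "quest.status = st.id");
        }
        $query->order($sortColumns[$order] . " " . $direction);
    }

    // Filter by user. The id is compared unquoted, so it must be an integer.
    $userFilter = CRequest::getFilter("user");
    if (!is_null($userFilter)) {
        $selectedUser = (int) $userFilter;
        $query->innerJoin(TABLE_USERS . " as user", "quest.user_id = user.id and user.id = " . $selectedUser);
    }
    // Filters by question, by answer and by contacts: all three match on quest.id.
    // NOTE(review): if CQuery::condition() replaces rather than appends, these
    // conditions are discarded by the access-level conditions set below - confirm.
    foreach (array("question", "answer", "contact") as $filterName) {
        $filterValue = CRequest::getFilter($filterName);
        if (!is_null($filterValue)) {
            $query->condition("quest.id = " . (int) $filterValue);
        }
    }

    $quests = new CArrayList();
    $isArchive = CRequest::getString("isArchive") == "1";

    // Users restricted to their own records get their id in every condition.
    $level = CSession::getCurrentUser()->getLevelForCurrentTask();
    $ownOnly = ($level == ACCESS_LEVEL_READ_OWN_ONLY || $level == ACCESS_LEVEL_WRITE_OWN_ONLY);
    $ownClause = null;
    if ($ownOnly) {
        $ownClause = 'quest.user_id = "' . CSession::getCurrentUser()->getId() . '"';
    }
    // Outside the archive only questions dated after the start of the current
    // year, or without a date, are shown.
    $recentClause = null;
    if (!$isArchive) {
        $yearStart = date("Y-m-d", strtotime(CUtils::getCurrentYear()->date_start));
        $recentClause = 'quest.datetime_quest > "' . $yearStart . '" or quest.datetime_quest is NULL';
    }

    // Default view: questions whose status is not 5.
    $parts = array();
    if ($ownOnly) {
        $parts[] = $ownClause;
    }
    if (!$isArchive) {
        $parts[] = "(" . $recentClause . ")";
    }
    $parts[] = "quest.status!=5";
    $query->condition(implode(" and ", $parts));

    // "Show all": the same restrictions without the status test.
    if (CRequest::getInt("showAll") == 1) {
        if (!$isArchive) {
            if ($ownOnly) {
                $query->condition($ownClause . " and (" . $recentClause . ")");
            } else {
                $query->condition($recentClause);
            }
        } elseif ($ownOnly) {
            $query->condition($ownClause);
        }
        $showAll = true;
    }

    foreach ($set->getPaginated()->getItems() as $ar) {
        $quest = new CQuestion($ar);
        $quests->add($quest->getId(), $quest);
    }

    // Menu link that toggles between the current year and the archive while
    // keeping the other request variables.
    // NOTE(review): keys and values are placed in the link without URL
    // encoding; whether the template escapes the link is not visible here -
    // confirm.
    $requestParams = array();
    foreach (CRequest::getGlobalRequestVariables()->getItems() as $key => $value) {
        if ($isArchive && $key == "isArchive") {
            continue;
        }
        $requestParams[] = $key . "=" . $value;
    }
    if ($isArchive) {
        $this->addActionsMenuItem(array(
            array(
                "title" => "Текущий год",
                "link" => "?" . implode("&", $requestParams),
                "icon" => "mimetypes/x-office-calendar.png"
            )
        ));
    } else {
        $requestParams[] = "isArchive=1";
        $this->addActionsMenuItem(array(
            array(
                "title" => "Архив",
                "link" => "?" . implode("&", $requestParams),
                "icon" => "devices/media-floppy.png"
            )
        ));
    }

    // Every user that has at least one question, for the user picker.
    $usersQuery = new CQuery();
    $usersQuery->select("user.*")
        ->from(TABLE_USERS . " as user")
        ->order("user.fio asc")
        ->innerJoin(TABLE_QUESTION_TO_USERS . " as quest", "user.id = quest.user_id");
    $users = array();
    foreach ($usersQuery->execute()->getItems() as $ar) {
        $user = new CUser(new CActiveRecord($ar));
        $users[$user->getId()] = $user->getName();
    }

    $this->setData("isArchive", $isArchive);
    $this->setData("showAll", $showAll);
    $this->setData("quests", $quests);
    $this->setData("users", $users);
    $this->setData("selectedUser", $selectedUser);
    $this->setData("paginator", $set->getPaginator());
    $this->renderView("_question_answ/index.tpl");
}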