/**
* Store a newly created resource in storage.
* POST /admin.permissions
*
* @return Response
*/
public function store()
{
//Asignamos los valores del post a la instancia.
$this->permission = new Permission();
//Si no es posible guardar la instancia mandamos errores
if (!$this->permission->save()) {
//dd($this->permission->errors()->all());
return Redirect::back()->withErrors($this->permission->errors());
}
//Se han guardado los valores, expresamos al usuario nuestra felicidad al respecto.
return Redirect::to('admin/permission/create')->with('success', '¡Se ha creado correctamente el permiso: ' . $this->permission->name . " !");
}
/**
* Grants access to an user over a resource.
*
* @param string $subj_type
* @param number $subj_id
* @param string $rule_name
* @param string $obj_type
* @param number $obj_id
* @return boolean
*/
public static function grantAccess($subj_type, $subj_id, $rule_name, $obj_type = null, $obj_id = null)
{
$ret_val = false;
if (isset($subj_type) && isset($subj_id) && isset($rule_name)) {
$rule = Rule::model()->findByAttributes(array('name' => $rule_name));
if (isset($rule)) {
$attr['subject_type'] = $subj_type;
$attr['subject_id'] = $subj_id;
$attr['rule_id'] = $rule->id;
$attr['object_type'] = isset($obj_type) ? $obj_type : null;
$attr['object_id'] = isset($obj_id) ? $obj_id : null;
$found = Permission::model()->findByAttributes($attr);
if (!isset($found)) {
$obj_perm = new Permission();
$obj_perm->subject_type = $subj_type;
$obj_perm->subject_id = $subj_id;
$obj_perm->rule_id = $rule->id;
$obj_perm->object_type = isset($obj_type) ? $obj_type : null;
$obj_perm->object_id = isset($obj_id) ? $obj_id : null;
if ($obj_perm->save()) {
$ret_val = true;
}
}
}
}
return $ret_val;
}
public function run()
{
$ver_usuarios = new Permission();
$ver_usuarios->name = 'ver_usuarios';
$ver_usuarios->display_name = 'ver usuarios';
$ver_usuarios->save();
$ver_roles = new Permission();
$ver_roles->name = 'ver_roles';
$ver_roles->display_name = 'ver roles';
$ver_roles->save();
$crear_roles = new Permission();
$crear_roles->name = 'crear_roles';
$crear_roles->display_name = 'crear roles';
$crear_roles->save();
$crear_usuarios = new Permission();
$crear_usuarios->name = 'crear_usuarios';
$crear_usuarios->display_name = 'crear usuarios';
$crear_usuarios->save();
$editar_roles = new Permission();
$editar_roles->name = 'editar_roles';
$editar_roles->display_name = 'editar roles';
$editar_roles->save();
$editar_usuarios = new Permission();
$editar_usuarios->name = 'editar_usuarios';
$editar_usuarios->display_name = 'editar usuarios';
$editar_usuarios->save();
$eliminar_usuarios = new Permission();
$eliminar_usuarios->name = 'eliminar_usuarios';
$eliminar_usuarios->display_name = 'eliminar usuarios';
$eliminar_usuarios->save();
$eliminar_roles = new Permission();
$eliminar_roles->name = 'eliminar_roles';
$eliminar_roles->display_name = 'eliminar roles';
$eliminar_roles->save();
}
/**
* Show the form for creating a new resource.
*
* @return Response
*/
public function createPermission()
{
$input = array('modulename' => Input::get('modulename'));
$validator = Validator::make($input, array('modulename' => 'required'));
// process the login
if ($validator->fails()) {
return Redirect::action('PermissionController@create')->withErrors($validator);
} else {
$module = Input::get('modulename');
$permission = new Permission();
$permission->modulename = strtolower(Input::get('modulename'));
$permission->permissions = Input::get('permissions');
$c = array();
$perms_array = $permission->permissions;
$c = explode(',', $perms_array);
$perm = '';
foreach ($c as $key => $value) {
$val = '"' . $permission->modulename . '.' . $c[$key] . '"';
$perm .= $val . ', ';
}
$perm2 = rtrim($perm, ", ");
$perm3 = '[' . $perm2 . ']';
//echo $perm3;
$permission->permissions = $perm3;
$permission->save();
return Redirect::action('PermissionController@index')->with('success', Lang::get('permissions.create_success'));
}
}
public function run()
{
if (file_exists(app_path() . '/config/creds.yml')) {
$creds = yaml_parse_file(app_path() . '/config/creds.yml');
} else {
$creds = array('admin_email' => '*****@*****.**');
}
$admin = new Role();
$admin->name = 'Admin';
$admin->save();
$independent_sponsor = new Role();
$independent_sponsor->name = 'Independent Sponsor';
$independent_sponsor->save();
$permIds = array();
foreach ($this->adminPermissions as $permClass => $data) {
$perm = new Permission();
foreach ($data as $key => $val) {
$perm->{$key} = $val;
}
$perm->save();
$permIds[] = $perm->id;
}
$admin->perms()->sync($permIds);
$user = User::where('email', '=', $creds['admin_email'])->first();
$user->attachRole($admin);
$createDocPerm = new Permission();
$createDocPerm->name = "independent_sponsor_create_doc";
$createDocPerm->display_name = "Independent Sponsoring";
$createDocPerm->save();
$independent_sponsor->perms()->sync(array($createDocPerm->id));
}
/**
* Displays a particular model.
* @param integer $id the ID of the model to be displayed
*/
public function actionSetpermission()
{
// echo "set permission";
$user = $_REQUEST['user'];
$permission_id = $_REQUEST['per_id'];
$bool = $_REQUEST['bool'];
echo $bool;
if ($bool == "true") {
$bool = 1;
} else {
$bool = 0;
}
// $ = $_REQUEST['per_id'];
$model = Permission::model()->count("username = '******' and permission_id = '{$permission_id}' ");
if ($model == 0) {
$p = new Permission();
$p->username = $user;
$p->permission_id = $permission_id;
$p->status = 1;
if ($p->save()) {
echo "added";
} else {
print_r($p->getErrors());
}
} else {
$p = Permission::model()->find("username = '******' and permission_id = '{$permission_id}' ");
$p->status = $bool;
if ($p->save()) {
echo "updated";
} else {
print_r($p->getErrors());
}
}
}
public function run()
{
$adminEmail = Config::get('madison.seeder.admin_email');
$admin = new Role();
$admin->name = 'Admin';
$admin->save();
$independent_sponsor = new Role();
$independent_sponsor->name = 'Independent Sponsor';
$independent_sponsor->save();
$permIds = array();
foreach ($this->adminPermissions as $permClass => $data) {
$perm = new Permission();
foreach ($data as $key => $val) {
$perm->{$key} = $val;
}
$perm->save();
$permIds[] = $perm->id;
}
$admin->perms()->sync($permIds);
$user = User::where('email', '=', $adminEmail)->first();
$user->attachRole($admin);
$createDocPerm = new Permission();
$createDocPerm->name = "independent_sponsor_create_doc";
$createDocPerm->display_name = "Independent Sponsoring";
$createDocPerm->save();
$independent_sponsor->perms()->sync(array($createDocPerm->id));
}
public function save($id = FALSE)
{
if ($_POST) {
$user_type = new User_type($id);
$user_type->from_array($_POST);
$user_type->save();
foreach ($user_type->permission as $item) {
$item->delete();
}
if (isset($_POST['checkbox'])) {
foreach ($_POST['checkbox'] as $module => $item) {
$data['user_type_id'] = $user_type->id;
$data['module'] = $module;
foreach ($item as $perm => $val) {
$data[$perm] = $val;
}
$permission = new Permission();
$permission->from_array($data);
$permission->save();
$data = array();
}
}
set_notify('success', lang('save_data_complete'));
}
//redirect('permissions/admin/permissions');
redirect($_SERVER['HTTP_REFERER']);
}
function _savePermissions($setting_values)
{
$newGroup = new Permission($this->dbcon);
foreach ($setting_values as $perid) {
$newGroup->dropID();
$newGroup->setData(array('perid' => $perid, 'groupid' => $this->id));
$newGroup->save();
}
}
public function createRbacRules()
{
$this->destroyRbacRules();
$ownerRole = new Role();
$ownerRole->name = "group_{$this->id}_owner";
$ownerRole->save();
$permissions = $this->getPermissionsArray();
$permIds = array();
$permLookup = array();
foreach ($permissions as $perm) {
$permModel = new Permission();
foreach ($perm as $key => $val) {
$permModel->{$key} = $val;
}
$permModel->save();
$permIds[] = $permModel->id;
switch ($perm['name']) {
case "group_{$this->id}_create_document":
$permLookup['create'] = $permModel->id;
break;
case "group_{$this->id}_edit_document":
$permLookup['edit'] = $permModel->id;
break;
case "group_{$this->id}_delete_document":
$permLookup['delete'] = $permModel->id;
break;
case "group_{$this->id}_manage_document":
$permLookup['manage'] = $permModel->id;
break;
}
}
$ownerRole->perms()->sync($permIds);
$editorRole = new Role();
$editorRole->name = "group_{$this->id}_editor";
$editorRole->save();
$editorRole->perms()->sync(array($permLookup['create'], $permLookup['edit'], $permLookup['manage']));
$staffRole = new Role();
$staffRole->name = "group_{$this->id}_staff";
$staffRole->save();
$users = array(static::ROLE_OWNER => $this->findUsersByRole(static::ROLE_OWNER), static::ROLE_EDITOR => $this->findUsersByRole(static::ROLE_EDITOR), static::ROLE_STAFF => $this->findUsersByRole(static::ROLE_STAFF));
foreach ($users as $role => $userList) {
foreach ($userList as $userObj) {
switch ($role) {
case static::ROLE_OWNER:
$userObj->attachRole($ownerRole);
break;
case static::ROLE_EDITOR:
$userObj->attachRole($editorRole);
break;
case static::ROLE_STAFF:
$userObj->attachRole($staffRole);
break;
}
}
}
}
/**
* @param string $sourceName
* @param int $sourceId
* @param string $targetName
* @param int $targetId
* @param string $permission
* @return bool Whether the permission record was saved successfully.
*/
protected function grantInternal($sourceName, $sourceId, $targetName, $targetId, $permission)
{
$perm = new Permission();
$perm->source = $sourceName;
$perm->source_id = $sourceId;
$perm->target = $targetName;
$perm->target_id = $targetId;
$perm->permission = $permission;
return $perm->save();
}
/**
* Store a newly created resource in storage.
* POST /permissions
*
* @return Response
*/
public function store()
{
$permission = new Permission();
$permission->name = Input::get('name');
$permission->display_name = Input::get('display_name');
if ($permission->save()) {
return Redirect::back()->with('permissions-notice', '"' . Input::get('display_name') . '" has been created.');
} else {
return Redirect::back()->with('permissions-errors', $permission->errors());
}
}
/**
* Store a newly created resource in storage.
*
* @return Response
*/
public function store()
{
$permission = new Permission();
$permission->perm_name = Input::get('perm_name');
$permission->perm_key = Input::get('perm_key');
$permission->visible = Input::get('visible');
$permission->date_created = new DateTime();
$permission->save();
$message = 'Permission has been created';
return Redirect::action('settings.permission')->with('success', $message);
}
public function run()
{
/**
* ------------------------ Role Definitions ------------------------
*/
$admin = new Role();
$admin->name = 'administrator';
$admin->display_name = 'Administrator';
$admin->description = 'master admin';
$admin->save();
$user = new Role();
$user->name = 'user';
$user->display_name = 'User';
$user->description = 'Generic user';
$user->save();
/**
* --------------------- Permission Definitions ---------------------
*/
$editAllPosts = new Permission();
$editAllPosts->name = 'edit_all_posts';
$editAllPosts->display_name = 'Can Edit All Posts';
$editAllPosts->description = 'permission for the master admin to be able to edit all posts';
$editAllPosts->save();
$editAllUsers = new Permission();
$editAllUsers->name = 'edit_all_users';
$editAllUsers->display_name = 'Can Edit All Users';
$editAllUsers->description = 'Able to edit all user profiles and information';
$editAllUsers->save();
$editAllRoles = new Permission();
$editAllRoles->name = 'edit_all_roles';
$editAllRoles->display_name = 'Can Edit All Roles';
$editAllRoles->description = 'Able to add or remove any role for any user';
$editAllRoles->save();
$editOwnPosts = new Permission();
$editOwnPosts->name = 'edit_own_posts';
$editOwnPosts->display_name = 'Can Edit Own Posts';
$editOwnPosts->description = 'Users can edit their own posts';
$editOwnPosts->save();
$editOwnProfile = new Permission();
$editOwnProfile->name = 'edit_own_profile';
$editOwnProfile->display_name = 'Can Edit Own Profile';
$editOwnProfile->description = 'Users can edit their own profiles';
$editOwnProfile->save();
$createPost = new Permission();
$createPost->name = 'create_post';
$createPost->display_name = 'Can Create Post';
$createPost->description = 'Able to create a post';
$createPost->save();
/**
* ----------------------- Attatch Permissions -----------------------
*/
$admin->attatchPermissions([$editAllPosts, $editAllUsers, $editAllRoles, $editOwnPosts, $editOwnProfile, $createPost]);
$user->attatchPermissions([$editOwnPosts, $editOwnProfile, $createPost]);
}
/**
* Performs the work of inserting or updating the row in the database.
*
* If the object is new, it inserts it; otherwise an update is performed.
* All related objects are also updated in this method.
*
* @param PropelPDO $con
* @return int The number of rows affected by this insert/update and any referring fk objects' save() operations.
* @throws PropelException
* @see save()
*/
protected function doSave(PropelPDO $con)
{
$affectedRows = 0;
// initialize var to track total num of affected rows
if (!$this->alreadyInSave) {
$this->alreadyInSave = true;
// We call the save method on the following object(s) if they
// were passed to this object by their coresponding set
// method. This object relates to these object(s) by a
// foreign key reference.
if ($this->aPermission !== null) {
if ($this->aPermission->isModified() || $this->aPermission->isNew()) {
$affectedRows += $this->aPermission->save($con);
}
$this->setPermission($this->aPermission);
}
if ($this->aPermissionItem !== null) {
if ($this->aPermissionItem->isModified() || $this->aPermissionItem->isNew()) {
$affectedRows += $this->aPermissionItem->save($con);
}
$this->setPermissionItem($this->aPermissionItem);
}
if ($this->isNew()) {
$this->modifiedColumns[] = PermissionToPermissionItemPeer::ID;
}
// If this object has been modified, then save it to the database.
$this->objectSaved = false;
if ($this->isModified()) {
if ($this->isNew()) {
$pk = PermissionToPermissionItemPeer::doInsert($this, $con);
$affectedRows += 1;
// we are assuming that there is only 1 row per doInsert() which
// should always be true here (even though technically
// BasePeer::doInsert() can insert multiple rows).
$this->setId($pk);
//[IMV] update autoincrement primary key
$this->setNew(false);
$this->objectSaved = true;
} else {
$affectedObjects = PermissionToPermissionItemPeer::doUpdate($this, $con);
if ($affectedObjects) {
$this->objectSaved = true;
}
$affectedRows += $affectedObjects;
}
$this->resetModified();
// [HL] After being saved an object is no longer 'modified'
}
$this->alreadyInSave = false;
}
return $affectedRows;
}
public function run()
{
DB::table('permissions')->delete();
//Permission 1
$manageUsers = new Permission();
$manageUsers->name = 'manage_users';
$manageUsers->display_name = 'Manage Users';
$manageUsers->save();
DB::table('permission_role')->delete();
//Role ID 1 and 2 are admin and user respectively.
$permissions = array(array('role_id' => 1, 'permission_id' => 1));
DB::table('permission_role')->insert($permissions);
}
public static function get_or_create($name, $codename, $contentType)
{
$q = Doctrine_Query::create()->from('Permission o')->where('o.codename = ? AND o.content_type_id = ?', array($codename, $contentType));
$permission = $q->fetchOne();
if (!$permission) {
$permission = new Permission();
$permission->content_type_id = $contentType;
$permission->codename = $codename;
$permission->name = $name;
$permission->save();
}
return $permission;
}
public function run()
{
$managePages = new Permission();
$managePages->name = 'manage_pages';
$managePages->display_name = 'Manage Pages';
$managePages->save();
$manageUsers = new Permission();
$manageUsers->name = 'manage_users';
$manageUsers->display_name = 'Manage Users';
$manageUsers->save();
$manageSermons = new Permission();
$manageSermons->name = 'manage_sermons';
$manageSermons->display_name = 'Manage Sermons';
$manageSermons->save();
}
public function postSavePermissions(Request $request)
{
//return $request->all();
$permissions = $request->get('permissions');
Permission::truncate();
foreach ($permissions as $role => $perms) {
foreach ($perms as $perm) {
$permission = new Permission();
$permission->roles_id = Role::where('name', $role)->first()->id;
$permission->route = $perm;
$permission->save();
}
}
return back();
}
/**
* Store a newly created resource in storage.
*
* @return Response
*/
public function store()
{
//
try {
$permission = new Permission();
$permission->name = Input::get('name');
$permission->title = Input::get('title');
$permission->status = Input::get('status');
$permission->sort = Permission::max('sort') + 1;
$permission->save();
return Redirect::route('admin.permissions.index');
} catch (Exception $e) {
return Redirect::back()->withInput()->withErrors('新增失敗');
}
}
/**
* Store a newly created permission in storage.
*
* @return Response
*/
public function store()
{
if (!Permission::canCreate()) {
return _access_denied();
}
Permission::setRules('store');
$permission = new Permission();
$permission->fill(Input::all());
if (!$permission->save()) {
return $this->_validation_error($permission);
}
if (Request::ajax()) {
return Response::json($permission, 201);
}
return Redirect::route('permissions.index')->with('notification:success', $this->created_message);
}
final public static function createPermissions( $permissions ) {
foreach ( explode(',', $permissions) as $permission ) {
$permission = trim($permission);
if ( ! Permission::findByName($permission) ) {
$p = new Permission( array('name'=>$permission) );
if ( ! $p->save() ) return self::__ERROR( __('Could not create Permission') . ': ' . $permission );
}
}
return true;
}
public function run()
{
DB::table('permissions')->delete();
$addUser = new Permission();
$addUser->name = 'add-user';
$addUser->display_name = 'Add Users';
// optional
// Allow a user to...
$addUser->description = 'Add new users';
// optional
$addUser->save();
$editUser = new Permission();
$editUser->name = 'edit-user';
$editUser->display_name = 'Edit Users';
// optional
// Allow a user to...
$editUser->description = 'Edit users already in the system';
// optional
$editUser->save();
$addAnimal = new Permission();
$addAnimal->name = 'add-animal';
$addAnimal->display_name = 'Add Animals';
// optional
// Allow a user to...
$addAnimal->description = 'Add animals to the inventory';
// optional
$addAnimal->save();
$editAnimal = new Permission();
$editAnimal->name = 'edit-animal';
$editAnimal->display_name = 'Edit Animals';
// optional
// Allow a user to...
$editAnimal->description = 'Edit animals already in the inventory';
// optional
$editAnimal->save();
$admin = Role::where('name', '=', 'admin')->first();
$admin->attachPermissions(array($addUser, $editUser, $addAnimal, $editAnimal));
$intakeCoordinator = Role::where('name', '=', 'intake_coordinator')->first();
$intakeCoordinator->attachPermissions(array($addAnimal, $editAnimal));
$fosterCoordinator = Role::where('name', '=', 'foster_coordinator')->first();
$fosterCoordinator->attachPermissions(array($addUser, $editUser));
$medicalCoordinator = Role::where('name', '=', 'medical_coordinator')->first();
$medicalCoordinator->attachPermissions(array($addAnimal, $editAnimal));
$fosterLiaison = Role::where('name', '=', 'foster_liaison')->first();
$fosterLiaison->attachPermissions(array($addAnimal, $editAnimal));
}
/**
* Run the migrations.
*/
public function up()
{
// Creates the users table
Schema::create('users', function ($table) {
$table->increments('id');
$table->string('username')->unique();
$table->string('email')->unique();
$table->string('password');
$table->string('confirmation_code');
$table->string('remember_token')->nullable();
$table->boolean('confirmed')->default(false);
$table->timestamps();
});
// Creates password reminders table
Schema::create('password_reminders', function ($table) {
$table->string('email');
$table->string('token');
$table->timestamp('created_at');
});
$admin = new Role();
$admin->name = 'Admin';
$admin->save();
$user = new Role();
$user->name = 'User';
$user->save();
$read = new Permission();
$read->name = 'can_read';
$read->display_name = 'Can Read Data';
$read->save();
$edit = new Permission();
$edit->name = 'can_edit';
$edit->display_name = 'Can Edit Data';
$edit->save();
$user->attachPermission($read);
$admin->attachPermission($read);
$admin->attachPermission($edit);
// print_r($userRole);
// die();
$user1 = User::where('username', '=', 'admin')->first();
$user1->roles()->attach($admin);
$user2 = User::where('username', '!=', 'admin')->first();
$user2->roles()->attach($user);
return Redirect::action('home');
}
public function run()
{
// Uncomment the below to wipe the table clean before populating
DB::statement('SET FOREIGN_KEY_CHECKS=0;');
DB::table('roles')->truncate();
$godRole = new Role();
$godRole->name = 'god';
$godRole->save();
$superadminRole = new Role();
$superadminRole->name = 'superadmin';
$superadminRole->save();
$adminRole = new Role();
$adminRole->name = 'admin';
$adminRole->save();
$userRole = new Role();
$userRole->name = 'user';
$userRole->save();
$god = User::where('username', '=', 'admin')->first();
$god->attachRole($godRole);
DB::table('permissions')->truncate();
$manageGods = new Permission();
$manageGods->name = 'manage_gods';
$manageGods->display_name = 'Manage Gods';
$manageGods->save();
$manageSuperadmins = new Permission();
$manageSuperadmins->name = 'manage_superadmins';
$manageSuperadmins->display_name = 'Manage Superadmins';
$manageSuperadmins->save();
$manageAdmins = new Permission();
$manageAdmins->name = 'manage_admins';
$manageAdmins->display_name = 'Manage Admins';
$manageAdmins->save();
$manageUsers = new Permission();
$manageUsers->name = 'manage_users';
$manageUsers->display_name = 'Manage Users';
$manageUsers->save();
$godRole->perms()->sync(array($manageGods->id, $manageSuperadmins->id, $manageAdmins->id, $manageUsers->id));
$superadminRole->perms()->sync(array($manageSuperadmins->id, $manageAdmins->id, $manageUsers->id));
$adminRole->perms()->sync(array($manageAdmins->id, $manageUsers->id));
DB::statement('SET FOREIGN_KEY_CHECKS=1;');
}
/**
* Store a newly created resource in storage.
*
* @return Response
*/
public function store()
{
$owner = new Role();
$owner->name = 'owner';
$owner->display_name = 'Project Owner';
// optional
$owner->description = 'User is the owner of a given project';
// optional
$owner->save();
$admin = new Role();
$admin->name = 'admin';
$admin->display_name = 'User Administrator';
// optional
$admin->description = 'User is allowed to manage and edit other users';
// optional
$admin->save();
$user = User::whereEMail('*****@*****.**')->first();
// role attach alias
$user->attachRole($admin);
$printReciept = new Permission();
$printReciept->name = 'print-reciept';
$printReciept->display_name = 'Create Posts';
// optional
// Allow a user to...
$printReciept->description = 'create new blog posts';
// optional
$printReciept->save();
$editUser = new Permission();
$editUser->name = 'edit-user';
$editUser->display_name = 'Edit Users';
// optional
// Allow a user to...
$editUser->description = 'edit existing users';
// optional
$editUser->save();
$admin->attachPermission($createPost);
// equivalent to $admin->perms()->sync(array($createPost->id));
$owner->attachPermissions(array($createPost, $editUser));
}
public function grantPermission()
{
$user_id = Input::get("user");
$permission_id = Input::get("permission");
$user = User::find($user_id);
$permission = PermissionDefinition::find($permission_id);
if ($user) {
if ($permission) {
if (!Permission::where(['permission_id' => $permission_id, 'user_id' => $user_id])->exists()) {
$new_permission = new Permission();
$new_permission->permission_id = $permission_id;
$new_permission->user_id = $user_id;
$new_permission->save();
}
Cache::forget('user-storyteller-' . $user_id);
return Redirect::to('/dashboard/storyteller/manage/permissions');
} else {
return Response::json(['success' => false, 'message' => 'Invalid permission definition.']);
}
} else {
return Response::json(['success' => false, 'message' => 'Invalid user.']);
}
}
public function setupFoundorAndBaseRolsPermission()
{
// Create Roles
$founder = new Role();
$founder->name = 'Founder';
$founder->save();
$admin = new Role();
$admin->name = 'Admin';
$admin->save();
// Create User
$user = User::create(['github_id' => 324764, 'github_url' => 'https://github.com/summerblue', 'name' => 'summerblue']);
// Attach Roles to user
$user->roles()->attach($founder->id);
// Create Permissions
$manageTopics = new Permission();
$manageTopics->name = 'manage_topics';
$manageTopics->display_name = 'Manage Topics';
$manageTopics->save();
$manageUsers = new Permission();
$manageUsers->name = 'manage_users';
$manageUsers->display_name = 'Manage Users';
$manageUsers->save();
// Assign Permission to Role
$founder->perms()->sync([$manageTopics->id, $manageUsers->id]);
$admin->perms()->sync([$manageTopics->id]);
}
$dryRun = false;
}
//------------------------------------------------------
require_once dirname(__FILE__) . '/../../../bootstrap.php';
//------------------------------------------------------
$permissionsData = array(array(-1, PermissionType::NORMAL, PermissionName::BATCH_BASE, 'Batch system permission', null), array(0, PermissionType::NORMAL, PermissionName::USER_SESSION_PERMISSION, 'User session permission', null), array(0, PermissionType::NORMAL, PermissionName::ALWAYS_ALLOWED_ACTIONS, 'No session permission', null), array(0, PermissionType::NORMAL, PermissionName::CONTENT_INGEST_UPLOAD, 'Upload', null), array(0, PermissionType::NORMAL, PermissionName::CONTENT_INGEST_BULK_UPLOAD, 'Bulk upload', null), array(0, PermissionType::NORMAL, PermissionName::CONTENT_INGEST_FEED, 'Feed subscription', null), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_MIX, 'Manage remix', null), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_BASE, 'Basic content management', null), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_METADATA, 'Modify metadata', null), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_ASSIGN_CATEGORIES, 'Assign categories', null), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_THUMBNAIL, 'Modify thumbnails', null), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_SCHEDULE, 'Modify scheduling', null), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_ACCESS_CONTROL, 'Modify content access control', null), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_CUSTOM_DATA, 'Modify custom data', PermissionPeer::getPermissionNameFromPluginName(MetadataPlugin::getPluginName())), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_DELETE, 'Delete content', null), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_RECONVERT, 'Reconvert flavors', null), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_EDIT_CATEGORIES, 'Manage categories', null), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_EMBED_CODE, 'Grab embed code', null), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_DISTRIBUTION_BASE, 'Distribution base', PermissionPeer::getPermissionNameFromPluginName(ContentDistributionPlugin::getPluginName())), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_DISTRIBUTION_WHERE, 'Where to distribute', PermissionPeer::getPermissionNameFromPluginName(ContentDistributionPlugin::getPluginName())), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_DISTRIBUTION_SEND, 'Distribution submit', PermissionPeer::getPermissionNameFromPluginName(ContentDistributionPlugin::getPluginName())), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_DISTRIBUTION_REMOVE, 'Distribution remove', PermissionPeer::getPermissionNameFromPluginName(ContentDistributionPlugin::getPluginName())), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_DISTRIBUTION_PROFILE_MODIFY, 'Distribution profile manage', PermissionPeer::getPermissionNameFromPluginName(ContentDistributionPlugin::getPluginName())), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_VIRUS_SCAN, 'Virus scan actions', PermissionPeer::getPermissionNameFromPluginName(VirusScanPlugin::getPluginName())), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_DOWNLOAD, 'Content download', null), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_ANNOTATION, 'Annotate', PermissionPeer::getPermissionNameFromPluginName(AnnotationPlugin::getPluginName())), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MANAGE_SHARE, 'Share content', null), array(0, PermissionType::NORMAL, PermissionName::LIVE_STREAM_ADD, 'Add live streams', PermissionName::FEATURE_LIVE_STREAM), array(0, PermissionType::NORMAL, PermissionName::LIVE_STREAM_UPDATE, 'Modify live streams', PermissionName::FEATURE_LIVE_STREAM), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MODERATE_BASE, 'Basic moderation', null), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MODERATE_METADATA, 'Moderate metadata', null), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MODERATE_CUSTOM_DATA, 'Moderate custom data', PermissionPeer::getPermissionNameFromPluginName(MetadataPlugin::getPluginName())), array(0, PermissionType::NORMAL, PermissionName::CONTENT_MODERATE_APPROVE_REJECT, 'Approve/Reject content', null), array(0, PermissionType::NORMAL, PermissionName::PLAYLIST_BASE, 'Playlist access', null), array(0, PermissionType::NORMAL, PermissionName::PLAYLIST_ADD, 'Add playlists', null), array(0, PermissionType::NORMAL, PermissionName::PLAYLIST_UPDATE, 'Modify playlists', null), array(0, PermissionType::NORMAL, PermissionName::PLAYLIST_DELETE, 'Delete playlists', null), array(0, PermissionType::NORMAL, PermissionName::PLAYLIST_EMBED_CODE, 'Grab playlist embed code', null), array(0, PermissionType::NORMAL, PermissionName::SYNDICATION_BASE, 'Syndication feeds access', null), array(0, PermissionType::NORMAL, PermissionName::SYNDICATION_ADD, 'Create syndication feeds', null), array(0, PermissionType::NORMAL, PermissionName::SYNDICATION_UPDATE, 'Modify syndication feeds', null), array(0, PermissionType::NORMAL, PermissionName::SYNDICATION_DELETE, 'Delete syndication feeds', null), array(0, PermissionType::NORMAL, PermissionName::STUDIO_BASE, 'Appstudio access', null), array(0, PermissionType::NORMAL, PermissionName::STUDIO_ADD_UICONF, 'Create players', null), array(0, PermissionType::NORMAL, PermissionName::STUDIO_UPDATE_UICONF, 'Modify players', null), array(0, PermissionType::NORMAL, PermissionName::STUDIO_DELETE_UICONF, 'Delete players', null), array(0, PermissionType::NORMAL, PermissionName::STUDIO_BRAND_UICONF, 'Set player branding', null), array(0, PermissionType::NORMAL, PermissionName::STUDIO_SELECT_CONTENT, 'Select player content', null), array(0, PermissionType::NORMAL, PermissionName::ADVERTISING_BASE, 'Advertising access', null), array(0, PermissionType::NORMAL, PermissionName::ADVERTISING_UPDATE_SETTINGS, 'Modify advertising settings', null), array(0, PermissionType::NORMAL, PermissionName::ACCOUNT_BASE, 'Account settings access', null), array(0, PermissionType::NORMAL, PermissionName::ACCOUNT_UPDATE_SETTINGS, 'Modify account settings', null), array(0, PermissionType::NORMAL, PermissionName::INTEGRATION_BASE, 'Integration settings access', null), array(0, PermissionType::NORMAL, PermissionName::INTEGRATION_UPDATE_SETTINGS, 'Modify integration settings', null), array(0, PermissionType::NORMAL, PermissionName::ACCESS_CONTROL_BASE, 'Access control profiles access', null), array(0, PermissionType::NORMAL, PermissionName::ACCESS_CONTROL_ADD, 'Create access control profiles', null), array(0, PermissionType::NORMAL, PermissionName::ACCESS_CONTROL_UPDATE, 'Modify access control profiles', null), array(0, PermissionType::NORMAL, PermissionName::ACCESS_CONTROL_DELETE, 'Delete access control profiles', null), array(0, PermissionType::NORMAL, PermissionName::TRANSCODING_BASE, 'Transcoding profiles access', null), array(0, PermissionType::NORMAL, PermissionName::TRANSCODING_ADD, 'Create transcoding profiles', null), array(0, PermissionType::NORMAL, PermissionName::TRANSCODING_UPDATE, 'Modify transcoding profiles', null), array(0, PermissionType::NORMAL, PermissionName::TRANSCODING_DELETE, 'Delete transcoding profiles', null), array(0, PermissionType::NORMAL, PermissionName::CUSTOM_DATA_PROFILE_BASE, 'Custom data access', PermissionPeer::getPermissionNameFromPluginName(MetadataPlugin::getPluginName())), array(0, PermissionType::NORMAL, PermissionName::CUSTOM_DATA_PROFILE_ADD, 'Create custom data', PermissionPeer::getPermissionNameFromPluginName(MetadataPlugin::getPluginName())), array(0, PermissionType::NORMAL, PermissionName::CUSTOM_DATA_PROFILE_UPDATE, 'Modify custom data', PermissionPeer::getPermissionNameFromPluginName(MetadataPlugin::getPluginName())), array(0, PermissionType::NORMAL, PermissionName::CUSTOM_DATA_PROFILE_DELETE, 'Delete custom data', PermissionPeer::getPermissionNameFromPluginName(MetadataPlugin::getPluginName())), array(0, PermissionType::NORMAL, PermissionName::ADMIN_BASE, 'Administration settings access', null), array(0, PermissionType::NORMAL, PermissionName::ADMIN_USER_ADD, 'Add users', null), array(0, PermissionType::NORMAL, PermissionName::ADMIN_USER_UPDATE, 'Modify users', null), array(0, PermissionType::NORMAL, PermissionName::ADMIN_USER_DELETE, 'Delete users', null), array(0, PermissionType::NORMAL, PermissionName::ADMIN_ROLE_ADD, 'Add roles', null), array(0, PermissionType::NORMAL, PermissionName::ADMIN_ROLE_UPDATE, 'Modify roles', null), array(0, PermissionType::NORMAL, PermissionName::ADMIN_ROLE_DELETE, 'Delete roles', null), array(0, PermissionType::NORMAL, PermissionName::ADMIN_PUBLISHER_MANAGE, 'Manage publishers', null), array(0, PermissionType::NORMAL, PermissionName::ADMIN_WHITE_BRANDING, 'Manage whitebranding', null), array(0, PermissionType::NORMAL, PermissionName::ANALYTICS_BASE, 'Analytics access', PermissionName::FEATURE_ANALYTICS_TAB), array(0, PermissionType::NORMAL, PermissionName::WIDGET_ADMIN, 'Widget admin', null), array(0, PermissionType::NORMAL, PermissionName::ANALYTICS_SEND_DATA, 'Send analytics data', null), array(0, PermissionType::NORMAL, PermissionName::WIDGET_ADMIN, 'Widget admin', null), array(0, PermissionType::NORMAL, PermissionName::SEARCH_SERVICE, 'Search service', null), array(0, PermissionType::NORMAL, PermissionName::ANALYTICS_SEND_DATA, 'Send analytics data', null), array(0, PermissionType::NORMAL, PermissionName::AUDIT_TRAIL_BASE, 'Audit trail base', PermissionPeer::getPermissionNameFromPluginName(AuditPlugin::getPluginName())), array(0, PermissionType::NORMAL, PermissionName::AUDIT_TRAIL_ADD, 'Audit trail add', PermissionPeer::getPermissionNameFromPluginName(AuditPlugin::getPluginName())), array(0, PermissionType::NORMAL, PermissionName::KMC_ACCESS, 'KMC access', null), array(0, PermissionType::NORMAL, PermissionName::KMC_READ_ONLY, 'KMC access', PermissionName::KMC_ACCESS), array(0, PermissionType::NORMAL, PermissionName::CUSTOM_DATA_FIELD_ADD, 'Add custom data field', null), array(0, PermissionType::NORMAL, PermissionName::CUSTOM_DATA_FIELD_UPDATE, 'Update custom data field', null), array(0, PermissionType::NORMAL, PermissionName::CUSTOM_DATA_FIELD_DELETE, 'Delete custom data field', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_BASE, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_PUBLISHER_BASE, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_PUBLISHER_KMC_ACCESS, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_PUBLISHER_CONFIG, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_PUBLISHER_BLOCK, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_PUBLISHER_REMOVE, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_PUBLISHER_ADD, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_PUBLISHER_USAGE, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_USER_MANAGE, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_SYSTEM_MONITOR, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_DEVELOPERS_TAB, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_BATCH_CONTROL, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_BATCH_CONTROL_INPROGRESS, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_BATCH_CONTROL_FAILED, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_BATCH_CONTROL_SETUP, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_STORAGE, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_VIRUS_SCAN, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_EMAIL_INGESTION, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_CONTENT_DISTRIBUTION_BASE, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_CONTENT_DISTRIBUTION_MODIFY, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_PERMISSIONS_MANAGE, 'Base system admin permission', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_INTERNAL, 'System internal actions', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_ADMIN_ENTRY_INVESTIGATION, 'Entry investigation', null), array(-2, PermissionType::NORMAL, PermissionName::SYSTEM_FILESYNC, 'Filesync actions', null), array(99, PermissionType::SPECIAL_FEATURE, PermissionName::FEATURE_PS2_PERMISSIONS_VALIDATION, 'PS2 permissions validation', null));
//------------------------------------------------------
$allPermissions = array();
foreach ($permissionsData as $data) {
$permission = new Permission();
$permission->setPartnerId($data[0]);
$permission->setType($data[1]);
$permission->setName($data[2]);
$permission->setFriendlyName($data[3]);
$permission->setDependsOnPermissionNames($data[4]);
$permission->setStatus(PermissionStatus::ACTIVE);
$allPermissions[] = $permission;
}
//------------------------------------------------------
foreach ($allPermissions as $permission) {
if ($dryRun) {
KalturaLog::log('DRY RUN - Adding new permission [' . $permission->getName() . '] to partner [' . $permission->getPartnerId() . ']');
} else {
KalturaLog::log('Adding new permission [' . $permission->getName() . '] to partner [' . $permission->getPartnerId() . ']');
$permission->save();
}
}
$msg = 'Done - ' . ($dryRun ? 'DRY RUN!' : 'REAL RUN!');
KalturaLog::log($msg);
echo $msg;
//------------------------------------------------------
public function actionUpdatepermission()
{
$count = Permission::model()->count("username='******'username']}' and permission_id={$_REQUEST['permission_id']}");
if ($count == 0) {
$p = new Permission();
$p->username = $_REQUEST['username'];
$p->permission_id = $_REQUEST['permission_id'];
$p->status = 1;
if ($p->save()) {
echo "sukses";
} else {
print_r($p->getErrors());
}
} else {
if ($count >= 1) {
$p = Permission::model()->find("username='******'username']}' and permission_id={$_REQUEST['permission_id']}");
$p->delete();
// echo "delete sukse";
}
}
}
