Ejemplo n.º 1
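 /**
  * Edit the access rules of one ACL resource for the currently selected role.
  *
  * A "role" request parameter switches the role being edited: it is stored in the
  * session and the page is reloaded. On a valid POST, one Access row per action and
  * per option of the resource is created or updated for that role, and the ACL is
  * cleared afterwards.
  *
  * NOTE(review): this action rewrites permissions. No CSRF or authorization check is
  * visible in this method; confirm both are enforced by the form or the surrounding
  * controller.
  *
  * @param string $id Resource name as it appears in the URL, with underscores in place
  *                   of namespace backslashes (letters, "_" and "-" only, per the route).
  *
  * @return ResponseInterface|mixed|void
  *
  * @Route("/edit/{id:[a-zA-Z_-]+}", methods={"GET", "POST"}, name="admin-access-edit")
  */
 public function editAction($id)
 {
     // Keep the URL form for redirects; the ACL uses the backslash form.
     $urlId = $id;
     $id = str_replace('_', '\\', $id);

     // A role id must be a plain run of digits before it is stored or looked up.
     $isRoleId = static function ($value) {
         return is_int($value) || (is_string($value) && ctype_digit($value));
     };

     // Role switch request: remember the chosen role and reload the page.
     $changeRole = $this->request->get('role');
     if ($changeRole !== null) {
         // The stored value is later passed straight to Role::findFirst(). Assuming the
         // usual Phalcon behaviour, a non-numeric string there is read as query
         // conditions, so anything that is not a numeric id is dropped here.
         if ($isRoleId($changeRole)) {
             $this->session->set('admin-current-role', $changeRole);
         }
         return $this->response->redirect(['for' => 'admin-access-edit', 'id' => $urlId]);
     }

     // The requested name must match a registered ACL resource.
     $resourceFound = false;
     foreach ($this->core->acl()->getResources() as $resource) {
         if ((string) $resource->getName() === $id) {
             $resourceFound = true;
             break;
         }
     }
     if (!$resourceFound) {
         return $this->response->redirect(['for' => 'admin-access']);
     }

     // All roles (for the switcher) and the role being edited.
     $roles = Role::find();
     $currentRole = $this->session->get('admin-current-role');
     if ($currentRole !== null && !$isRoleId($currentRole)) {
         // Defence in depth: a session value that is not a numeric id is ignored.
         $currentRole = null;
     }
     $currentRole = Role::findFirst($currentRole);
     if (!$currentRole) {
         $currentRole = Role::getRoleByType(Acl::DEFAULT_ROLE_ADMIN);
     }

     $objectAcl = $this->core->acl()->getObject($id);
     $form = $this->_getForm($objectAcl, $currentRole);
     $this->view->currentObject = $id;
     $this->view->form = $form;
     $this->view->roles = $roles;
     $this->view->currentRole = $currentRole;
     if (!$this->request->isPost() || !$form->isValid()) {
         return;
     }

     $data = $form->getValues();
     $allSaved = true;

     // Actions: an empty or missing form value means "deny", anything else "allow".
     foreach ($objectAcl->actions as $action) {
         $result = Access::findFirst(["conditions" => "object = ?1 AND action = ?2 AND role_id = ?3", "bind" => [1 => $id, 2 => $action, 3 => $currentRole->id]]);
         if (!$result) {
             $result = new Access();
             $result->object = $id;
             $result->action = $action;
             $result->role_id = $currentRole->id;
         }
         $result->value = empty($data[$action]) ? 'deny' : 'allow';
         if (!$result->save()) {
             $allSaved = false;
         }
     }

     // Options: the submitted value is stored as is; an empty value becomes null.
     foreach ($objectAcl->options as $options) {
         $result = Access::findFirst(["conditions" => "object = ?1 AND action = ?2 AND role_id = ?3", "bind" => [1 => $id, 2 => $options, 3 => $currentRole->id]]);
         if (!$result) {
             $result = new Access();
             $result->object = $id;
             $result->action = $options;
             $result->role_id = $currentRole->id;
         }
         if (empty($data[$options])) {
             $data[$options] = null;
         }
         $result->value = $data[$options];
         if (!$result->save()) {
             $allSaved = false;
         }
     }

     // Clear the ACL even after a partial failure so it reflects the rows that were written.
     $this->core->acl()->clearAcl();
     if (!$allSaved) {
         // Do not report success when a permission row was not persisted.
         $this->flash->error('Settings not saved!');
         return;
     }
     $this->flash->success('Settings saved!');
 }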
Ejemplo n.º 2
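 /**
  * Get the default role, i.e. the one flagged is_default.
  *
  * When no role carries the flag, a basic "User" role of type "user" is created,
  * flagged as default and returned.
  *
  * @return Role
  */
 public static function getDefaultRole()
 {
     $role = Role::findFirst(["is_default = 1", 'cache' => ['key' => self::CACHE_KEY_ROLE_DEFAULT]]);
     if (!$role) {
         $role = new Role();
         $role->name = "User";
         $role->description = 'Default user role.';
         $role->type = 'user';
         $role->undeletable = 1;
         // Flag the fallback as default. Without the flag the lookup above never matches
         // the row created here, so another "User" role is created on a later call.
         $role->is_default = 1;
         // NOTE(review): the save() result is not checked, so a role that failed to
         // persist is still returned. Also confirm that an empty lookup is not served
         // from the cache key after this row is created.
         $role->save();
     }
     return $role;
 }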
Ejemplo n.º 3
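 /**
  * Delete a role and return to the roles list.
  *
  * When the role being deleted is the default one, the default flag is first handed
  * to another role.
  *
  * NOTE(review): the deletion runs on a GET route and no request token is checked in
  * this method, so it is exposed to cross-site request forgery unless protection is
  * applied elsewhere. Consider serving it over POST with a token.
  *
  * @param int $id Role identity (digits only, per the route).
  *
  * @return mixed
  *
  * @Get("/roles-delete/{id:[0-9]+}", name="admin-roles-delete")
  */
 public function rolesDeleteAction($id)
 {
     $item = Role::findFirst($id);
     if ($item) {
         if ($item->is_default) {
             // Pick a role other than the one being deleted. An unfiltered findFirst()
             // can return this same row, which would leave no default role once it is
             // deleted.
             $anotherRole = Role::findFirst(['conditions' => 'id <> ?1', 'bind' => [1 => $item->id]]);
             if ($anotherRole) {
                 $anotherRole->is_default = 1;
                 $anotherRole->save();
             }
         }
         if ($item->delete()) {
             $this->flashSession->notice('Object deleted!');
         } else {
             $this->flashSession->error($item->getMessages());
         }
     }
     return $this->response->redirect(['for' => 'admin-users-roles']);
 }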