/**
  * check if a valid role Id is given. if not throw an exception
  *
  * @access private
  * @throws Exception if no valid id is given
  * @return integer the Id
  */
 private function checkRoleIdParam()
 {
     $id = $this->getRequest()->getParam('id');
     if ($id === NULL || is_numeric($id) === FALSE || $this->dbRole->find($id)->count() === 0) {
         throw new Admin_Model_Acl_Exception('Invalid or no Id Parameter given');
     }
     return (int) $id;
 }
 /**
  * Save the Permission for an action
  *
  * @return array
  */
 public function saveActionPermissionsAction()
 {
     $ruleModel = new Admin_Model_DbTable_Acl_Rule();
     $roleModel = new Admin_Model_DbTable_Acl_Role();
     $actionModel = new Admin_Model_DbTable_Acl_Action();
     $data = Zend_Json::decode($this->request->getParam('permissions', array()));
     $return = array();
     if (!is_array($data) || !empty($data['aId'])) {
         // if we have no array or the controller id is directly in the array
         // we nest the array in an array to get the foreach to work
         // extjs is sending object if only 1 row has changed and an array of object
         // if multiple changes occure
         $data = array($data);
     }
     foreach ($data as $el) {
         $role = $roleModel->find($el['roleId']);
         $action = $actionModel->find($el['aId']);
         // not an action provided or multiple controller found
         if ($action->count() !== 1) {
             continue;
         }
         // not a roleId provided or multiple roles found
         if ($role->count() !== 1) {
             continue;
         }
         $action = new Admin_Model_DbRow_Action($action->current());
         $role = new Admin_Model_DbRow_Role($role->current());
         if ($el['rule'] == Admin_Model_DbTable_Acl_Rule::RULE_DENY) {
             $rule = Admin_Model_DbTable_Acl_Rule::RULE_DB_DENY;
         } elseif ($el['rule'] == Admin_Model_DbTable_Acl_Rule::RULE_ALLOW) {
             $rule = Admin_Model_DbTable_Acl_Rule::RULE_DB_ALLOW;
         } else {
             $rule = NULL;
         }
         $ruleModel->deleteWithActionRole($action->get('id'), $role->get('id'));
         if ($rule !== NULL) {
             $permission = new Admin_Model_DbRow_Rule(array('mcId' => $action->get('mcId'), 'aId' => $action->get('id'), 'roleId' => $role->get('id'), 'rule' => $rule));
             $ruleModel->insert($permission->toDbArray());
         }
         $return[] = array('ident' => join("_", array($role->get('id'), $action->get('mcId'), $action->get('id'))), 'mcId' => $action->get('mcId'), 'aId' => $action->get('id'), 'roleName' => $role->get('name'), 'roleId' => $role->get('id'), 'rule' => $rule);
     }
     return $this->responseSuccess(array('permissions' => $return));
 }
 /**
  * change to permission for this action
  *
  * @view views/scripts/action/permission.phtml
  * @access public
  */
 public function permissionAction()
 {
     $actionRow = new Admin_Model_DbRow_Action($this->dbAction->find($this->checkActionIdParam()));
     $ctrlRow = new Admin_Model_DbRow_Controller($this->dbController->find($actionRow->get('mcId')));
     $dbRoles = new Admin_Model_DbTable_Acl_Role();
     $dbRules = new Admin_Model_DbTable_Acl_Rule();
     $roles = array();
     $rules = array();
     $allowRules = array();
     $denyRules = array();
     foreach ($dbRoles->fetchActiveRoles() as $row) {
         $roles[] = new Admin_Model_DbRow_Role($row);
     }
     foreach ($dbRules->fetchRulesForAction($actionRow->get('id')) as $row) {
         $rules[] = new Admin_Model_DbRow_Rule($row);
     }
     foreach ($rules as $rule) {
         if ($rule->get('rule') === Admin_Model_DbTable_Acl_Rule::RULE_DB_ALLOW) {
             $allowRules[] = $rule->get('roleId');
         } elseif ($rule->get('rule') === Admin_Model_DbTable_Acl_Rule::RULE_DB_DENY) {
             $denyRules[] = $rule->get('roleId');
         }
     }
     $form = new Admin_Form_Action_Permission($ctrlRow, $actionRow, $roles, $allowRules, $denyRules);
     $form->setAction('/noc/admin/action/permission');
     if ($this->getRequest()->isPost()) {
         if ($form->isValid($this->getRequest()->getParams()) && $form->hasPermissionCollision($this->getRequest()) === FALSE) {
             $dbRules->deleteByActionId($actionRow->get('id'));
             $allow = (array) $form->getElement('rolesallow')->getValue();
             $deny = (array) $form->getElement('rolesdeny')->getValue();
             foreach ($allow as $roleId) {
                 $dbRules->addRule($ctrlRow->get('id'), $actionRow->get('id'), $roleId, Admin_Model_DbTable_Acl_Rule::RULE_DB_ALLOW);
             }
             foreach ($deny as $roleId) {
                 $dbRules->addRule($ctrlRow->get('id'), $actionRow->get('id'), $roleId, Admin_Model_DbTable_Acl_Rule::RULE_DB_DENY);
             }
             $this->_redirect(sprintf('admin/action/index/control/%d/id/%d', $ctrlRow->get('id'), $actionRow->get('id')));
         } else {
             $form->addError('Mindestens eine Rolle wurde der Zugriff erlaubt und verweigert.');
         }
     }
     $this->view->form = $form;
     $this->view->controller = $ctrlRow;
 }