function getRoleAction()
{
$translate = DevblocksPlatform::getTranslationService();
$worker = CerberusApplication::getActiveWorker();
if (!$worker || !$worker->is_superuser) {
echo $translate->_('common.access_denied');
return;
}
@($id = DevblocksPlatform::importGPC($_REQUEST['id']));
$tpl = DevblocksPlatform::getTemplateService();
$tpl->assign('path', $this->_TPL_PATH);
$plugins = DevblocksPlatform::getPluginRegistry();
$tpl->assign('plugins', $plugins);
$acl = DevblocksPlatform::getAclRegistry();
$tpl->assign('acl', $acl);
$workers = DAO_Worker::getAllActive();
$tpl->assign('workers', $workers);
$role = DAO_WorkerRole::get($id);
$tpl->assign('role', $role);
$role_privs = DAO_WorkerRole::getRolePrivileges($id);
$tpl->assign('role_privs', $role_privs);
$role_roster = DAO_WorkerRole::getRoleWorkers($id);
$tpl->assign('role_workers', $role_roster);
$tpl->assign('license', CerberusLicense::getInstance());
$tpl->display('file:' . $this->_TPL_PATH . 'configuration/tabs/acl/edit_role.tpl');
}
/**
* @param integer $role_id
* @param array $privileges
* @param boolean $replace
*/
static function setRolePrivileges($role_id, $privileges)
{
if (!is_array($privileges)) {
$privileges = array($privileges);
}
$db = DevblocksPlatform::getDatabaseService();
if (empty($role_id)) {
return;
}
// Wipe all privileges on blank replace
$sql = sprintf("DELETE FROM worker_role_acl WHERE role_id = %d", $role_id);
$db->Execute($sql);
// Load entire ACL list
$acl = DevblocksPlatform::getAclRegistry();
// Set ACLs according to the new master list
if (!empty($privileges) && !empty($acl)) {
foreach ($privileges as $priv) {
/* @var $priv DevblocksAclPrivilege */
$sql = sprintf("INSERT INTO worker_role_acl (role_id, priv_id, has_priv) " . "VALUES (%d, %s, %d)", $role_id, $db->qstr($priv), 1);
$db->Execute($sql);
}
}
unset($privileges);
self::clearCache();
}
