function getRoleAction() { $translate = DevblocksPlatform::getTranslationService(); $worker = CerberusApplication::getActiveWorker(); if (!$worker || !$worker->is_superuser) { echo $translate->_('common.access_denied'); return; } @($id = DevblocksPlatform::importGPC($_REQUEST['id'])); $tpl = DevblocksPlatform::getTemplateService(); $tpl->assign('path', $this->_TPL_PATH); $plugins = DevblocksPlatform::getPluginRegistry(); $tpl->assign('plugins', $plugins); $acl = DevblocksPlatform::getAclRegistry(); $tpl->assign('acl', $acl); $workers = DAO_Worker::getAllActive(); $tpl->assign('workers', $workers); $role = DAO_WorkerRole::get($id); $tpl->assign('role', $role); $role_privs = DAO_WorkerRole::getRolePrivileges($id); $tpl->assign('role_privs', $role_privs); $role_roster = DAO_WorkerRole::getRoleWorkers($id); $tpl->assign('role_workers', $role_roster); $tpl->assign('license', CerberusLicense::getInstance()); $tpl->display('file:' . $this->_TPL_PATH . 'configuration/tabs/acl/edit_role.tpl'); }
/** * @param integer $role_id * @param array $privileges * @param boolean $replace */ static function setRolePrivileges($role_id, $privileges) { if (!is_array($privileges)) { $privileges = array($privileges); } $db = DevblocksPlatform::getDatabaseService(); if (empty($role_id)) { return; } // Wipe all privileges on blank replace $sql = sprintf("DELETE FROM worker_role_acl WHERE role_id = %d", $role_id); $db->Execute($sql); // Load entire ACL list $acl = DevblocksPlatform::getAclRegistry(); // Set ACLs according to the new master list if (!empty($privileges) && !empty($acl)) { foreach ($privileges as $priv) { /* @var $priv DevblocksAclPrivilege */ $sql = sprintf("INSERT INTO worker_role_acl (role_id, priv_id, has_priv) " . "VALUES (%d, %s, %d)", $role_id, $db->qstr($priv), 1); $db->Execute($sql); } } unset($privileges); self::clearCache(); }