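public function pageGroupAuthorization($group_id)
 {
     // Access-controlled page: callers without the permission get the same
     // "not found" response as for a page that does not exist.
     if (!$this->_app->user->checkAccess('uri_authorization_settings')) {
         $this->_app->notFound();
         // Fail closed: if notFound() ever returns instead of ending the
         // request, the rules must still not be loaded or rendered.
         return;
     }
     $group = Group::find($group_id);
     // An unknown group id is answered with a 404 rather than rendering the
     // settings page with a null group.
     if ($group === null) {
         $this->_app->notFound();
         return;
     }
     // Load all auth rules attached to this group
     $rules = GroupAuth::where('group_id', $group_id)->get();
     $this->_app->render('config/authorization.twig', ["group" => $group, "rules" => $rules]);
 }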
Example #2
 /**
  * Get the actions for a system admin or another type of user.
  * @param int $group_id
  * @param string $className
  * @return array
  */
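 public static function getActions($group_id, $className)
 {
     // One lookup instead of count-then-find: the row can no longer vanish
     // between the two queries and cause a property read on null.
     $rule = GroupAuth::model()->findByAttributes(array('className' => $className, 'group_id' => $group_id));
     if ($rule === null) {
         // No rule for this class/group pair. The single empty string is the
         // established "no actions" value; callers should not treat '' as a match.
         return array('');
     }
     // The action column holds a comma-separated list. Only the outer
     // whitespace is trimmed, so individual entries are returned as stored.
     return explode(',', trim((string) $rule->action));
 }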
 /**
  * Get the actions for a system admin or another type of user.
  * @param int $group_id
  * @param string $className
  * @return array
  */
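 public static function getActions($group_id, $className)
 {
     // The caller's group is honoured. Previously it was overwritten with 2,
     // so every caller was evaluated as an admin and the group-1 branch was
     // unreachable.
     $group_id = (int) $group_id;

     // Group ids used here: 1 = developer users, 2 = admin users.
     if ($group_id === 2) {
         // Parentheses keep the class filter applied to both groups. Without
         // them, AND binds tighter than OR and any group-1 rule matched,
         // whatever its className.
         $condition = 'className = :className AND (group_id = :group_id OR group_id = 1)';
     } elseif ($group_id === 1) {
         $condition = 'className = :className AND group_id = :group_id';
     } else {
         // Unknown group: grant nothing.
         return array('');
     }

     // Bound parameters instead of string interpolation, so $className cannot
     // alter the SQL condition.
     $rule = GroupAuth::model()->find($condition, array(':className' => $className, ':group_id' => $group_id));
     if ($rule === null) {
         return array('');
     }

     // The action column holds a comma-separated list of action names.
     return explode(',', trim((string) $rule->action));
 }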
Example #4
 /**
  * Processes the request to delete an existing group auth rule.
  *
  * Deletes the specified auth rule.
  * Before doing so, checks that:
  * 1. The user has permission to delete auth rules.
  * This route requires authentication (and should generally be limited to admins or the root user).
  * Request type: POST
  * @param int $auth_id the id of the group auth rule to delete.
  * @todo make this work for user-level rules as well
  */
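 public function deleteAuthRule($auth_id)
 {
     // Get the alert message stream
     $ms = $this->_app->alerts;
     // Get the target rule. An unknown id stops here, so a null rule never
     // reaches the permission check or the delete below.
     $rule = GroupAuth::find($auth_id);
     if ($rule === null) {
         $this->_app->notFound();
         return;
     }
     // Check authorization against the specific rule being deleted
     if (!$this->_app->user->checkAccess('delete_auth', ['rule' => $rule])) {
         $ms->addMessageTranslated("danger", "ACCESS_DENIED");
         $this->_app->halt(403);
         // Fail closed: never fall through to the delete if halt() returns
         return;
     }
     // Capture what the success message needs before the rule is removed.
     // A rule whose group no longer exists can still be deleted.
     $group = Group::find($rule->group_id);
     $group_name = ($group !== null) ? $group->name : '';
     $hook = $rule->hook;
     // Delete before queuing the alert, so an error raised during deletion
     // does not leave a success message behind.
     $rule->delete();
     $ms->addMessageTranslated("success", "GROUP_AUTH_DELETION_SUCCESSFUL", ["name" => $group_name, "hook" => $hook]);
 }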
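 public function getDeveloperActions($className = 'default')
 {
     // 1 is developer users
     $group_id = 1;
     $rule = GroupAuth::model()->findByAttributes(array('className' => $className, 'group_id' => $group_id));
     if ($rule === null) {
         // No developer rule for this class: return the same value an empty
         // action list yields, instead of failing on a property read of null.
         return array('');
     }
     // The action column holds a comma-separated list. Only the outer
     // whitespace is trimmed, so individual entries are returned as stored.
     return explode(',', trim((string) $rule->action));
 }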
 /**
  * Returns the data model based on the primary key given in the GET variable.
  * If the data model is not found, an HTTP exception will be raised.
  * @param integer the ID of the model to be loaded
  */
 public function loadModel($id)
 {
     // Look the record up by primary key; a miss is reported as HTTP 404.
     $record = GroupAuth::model()->findByPk($id);
     if ($record !== null) {
         return $record;
     }
     throw new CHttpException(404, 'The requested page does not exist.');
 }