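/**
 * Load the current user's roles into $this->roles, keyed by role name.
 *
 * Each entry maps role_name => whatever Role::getRolePerms() returns for that
 * role_id. A user with no rows in user_role ends up with an empty array.
 * The lookup is a prepared statement bound to $this->user_id, so the id is
 * never interpolated into the SQL text.
 *
 * NOTE(review): this call site passes a single argument to
 * Role::getRolePerms(), while the other actions in this corpus pass a DB
 * handle first (Role::getRolePerms($db, $id)). Confirm both call sites
 * target the same signature; the arity is left as found here.
 */
protected function initRoles()
{
    $this->roles = [];

    $sql = "SELECT user_role.role_id, roles.role_name FROM user_role\n JOIN roles ON user_role.role_id = roles.role_id\n WHERE user_role.user_id = :user_id";
    $sth = $this->db->prepare($sql);
    $sth->execute([':user_id' => $this->user_id]);

    while ($row = $sth->fetch(PDO::FETCH_ASSOC)) {
        $this->roles[$row['role_name']] = Role::getRolePerms($row['role_id']);
    }
}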
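/**
 * JSON endpoint: emit the permission list for the role id passed as ?id=.
 *
 * Sends the JSON content type and no-cache headers, then json_encode()s the
 * array returned by Role::getRolePerms(...)->getPermissions().
 *
 * @throws Exception when the id parameter is absent or is not a whole integer.
 *
 * NOTE(review): no authorization check is visible inside this action; it
 * enumerates the permissions of an arbitrary role id, so confirm the front
 * controller / ACL layer gates access before this method runs.
 */
public function getPermsByRoleIdAction()
{
    header('Content-type: application/json; charset=utf-8');
    header('Cache-Control: no-store, no-cache');
    header('Expires: ' . date('r'));

    // FILTER_VALIDATE_INT rejects anything that is not an integer. The previous
    // FILTER_SANITIZE_NUMBER_INT only stripped characters: "12abc" became "12"
    // and an empty id passed through as "". filter_input() returns null when
    // the parameter is missing and false when validation fails.
    $id = filter_input(INPUT_GET, 'id', FILTER_VALIDATE_INT);
    if ($id === null || $id === false) {
        throw new Exception('Не удалось получить id роли');
    }

    $perms = Role::getRolePerms(DB::init()->connect(), $id)->getPermissions();
    echo json_encode($perms);
}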
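/**
 * Admin action: render the edit form for a user (GET) or apply the submitted
 * changes (POST).
 *
 * POST: UserUpdateTableModel::setData('userUpdate') + updateRecord(), then a
 *       redirect to /admin/profile/id/<id> followed by exit.
 * GET : the user id is read from the route params and must validate as a
 *       non-zero integer, otherwise the request is redirected to
 *       /admin/notFound. The profile, contacts, current role, the full role
 *       list and the role's permissions are handed to
 *       views/admin/user/editUser.php under the 'admin' layout.
 *
 * NOTE(review): no CSRF token check is visible on the POST branch; confirm it
 * is enforced upstream (e.g. in FrontController) before updateRecord() runs.
 */
public function editUserAction()
{
    $fc = FrontController::getInstance();
    $model = new AdminModel('Редактирование пользователя');
    $userModel = new UserUpdateTableModel();
    $userModel->setTable('user');

    if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        $userModel->setData('userUpdate');
        $userModel->updateRecord();
        header('Location: /admin/profile/id/' . $userModel->getId());
        exit;
    }

    // A missing route param becomes null, which FILTER_VALIDATE_INT turns into
    // false -> notFound, instead of an undefined-index notice. VALIDATE (not
    // SANITIZE) rejects ids such as "12abc" rather than silently using 12.
    $rawId = $fc->getParams()['id'] ?? null;
    $id = filter_var($rawId, FILTER_VALIDATE_INT);
    if (!$id) {
        header('Location: /admin/notFound');
        exit;
    }

    $userModel->setId($id);
    $db = DB::init()->connect();
    $userModel->readRecordsById();
    $userModel->readUserAddress();
    $userModel->readUserPhones();
    $roles = PrivilegedUser::getUserRoleById($db, $id);

    // ?? null: a user with no role row would otherwise raise an array-offset
    // warning when $roles is null/false.
    $roleId = $roles['role_id'] ?? null;
    $model->setData([
        'profile' => $userModel->getRecordsById(),
        'contacts' => $userModel->getUserContacts(),
        'role' => $roles,
        'allRoles' => Role::getRoles($db),
        'perms' => Role::getRolePerms($db, $roleId)->getPermissions(),
    ]);

    $output = $model->render('../views/admin/user/editUser.php', 'admin');
    $fc->setPage($output);
}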