public function rebuild()
{
$acl = new AclMemory();
$acl->setDefaultAction(\Phalcon\Acl::DENY);
$profiles = Profiles::find('active = "Y"');
foreach ($profiles as $profile) {
$acl->addRole(new AclRole($profile->name));
}
foreach ($this->privateResource as $resource => $actions) {
$acl->addResource(new AclResource($resource), $actions);
}
//数据库中查找到profiles表中的角色, 在找对应permissions表中的权限.
foreach ($profiles as $profile) {
foreach ($profile->getPermissions() as $permission) {
$acl->allow($profile->name, $permission->resource, $permission->action);
}
//所有的角色都可以访问 users
$acl->allow($profile->name, 'users', 'changePassword');
}
if (touch(APP_DIR . $this->filePath) && is_writable(APP_DIR . $this->filePath)) {
file_put_contents(APP_DIR . $this->filePath, serialize($acl));
} else {
$this->flash->error('The user does not have write permissions to create the ACL list at ' . APP_DIR . $this->filePath);
}
return $acl;
}
/**
* View the permissions for a profile level, and change them if we have a POST.
*/
public function indexAction()
{
$this->view->setTemplateBefore('private');
if ($this->request->isPost()) {
// Validate the profile
$profile = Profiles::findFirstById($this->request->getPost('profileId'));
if ($profile) {
if ($this->request->hasPost('permissions')) {
// Deletes the current permissions
$profile->getPermissions()->delete();
// Save the new permissions
foreach ($this->request->getPost('permissions') as $permission) {
$parts = explode('.', $permission);
$permission = new Permissions();
$permission->profilesId = $profile->id;
$permission->resource = $parts[0];
$permission->action = $parts[1];
$permission->save();
}
$this->flash->success('Permissions were updated with success');
}
// Rebuild the ACL with
$this->acl->rebuild();
// Pass the current permissions to the view
$this->view->permissions = $this->acl->getPermissions($profile);
}
$this->view->profile = $profile;
}
// Pass all the active profiles
$this->view->profiles = Profiles::find('active = "Y"');
}
public function indexAction()
{
$this->view->form = new UsersForm();
$profiles = Profiles::find("active='Y'");
foreach ($profiles as $profile) {
$datas[] = $profile;
}
$this->view->profiles = $datas;
}
public function listAction()
{
$response = new Response();
$response->setHeader('Content-Type', 'application/json');
$datas = array();
if ($this->request->get('active') == '1') {
$profiles = Profiles::find(array("active = 'Y'", "columns" => 'id, name, active'));
} else {
$profiles = Profiles::find(array("columns" => 'id, name, active'));
}
foreach ($profiles as $profile) {
$datas[] = $profile;
}
$response->setJsonContent($datas);
return $response;
}
public function initialize($entity = null, $options = null)
{
// In edition the id is hidden
if (isset($options['edit']) && $options['edit']) {
$id = new Hidden('id');
} else {
$id = new Text('id');
}
$this->add($id);
$name = new Text('name', array('placeholder' => '用户帐号'));
$name->addValidators(array(new PresenceOf(array('message' => '必须填定帐号名'))));
$this->add($name);
$email = new Text('email', array('placeholder' => 'Email'));
$email->addValidators(array(new PresenceOf(array('message' => '必须填写用户邮箱')), new Email(array('message' => '邮箱格式不正确'))));
$this->add($email);
$this->add(new Select('profilesId', Profiles::find('active = "Y"'), array('using' => array('id', 'name'), 'useEmpty' => true, 'emptyText' => '请选择角色', 'emptyValue' => '')));
$this->add(new Select('banned', array('Y' => 'Yes', 'N' => 'No')));
$this->add(new Select('suspended', array('Y' => 'Yes', 'N' => 'No')));
$this->add(new Select('active', array('Y' => 'Yes', 'N' => 'No')));
}
