protected function controllerRules($controller, $module = null)
{
$accessArray = array();
$controller_model = Controllers::model()->find("controller_name like '{$controller}' and module_name like '{$module}'");
//var_dump($controller_model);
if (!$controller_model) {
echo 'denied';
return array(array('deny'));
}
//user roles
// $actions_user = ActionsUsers::model()->findAll(array('condition' => "controller_id = $controller_model->id and can_access like 'allow'",
// 'order' => 'controller_id desc'));
// ANH DUNG CLOSE JAN 29, 2015
// ANH DUNG ADD JAN 29, 2015
$criteria = new CDbCriteria();
$criteria->compare("t.controller_id", $controller_model->id);
$criteria->compare("t.user_id", Yii::app()->user->id);
$criteria->compare("t.can_access", "allow", true);
$criteria->order = "t.controller_id desc";
$actions_user = ActionsUsers::model()->findAll($criteria);
// ANH DUNG ADD JAN 29, 2015
// if($actions_user)
// {
foreach ($actions_user as $key => $user_action) {
if ($user_action->user) {
$array_action = array_map('trim', explode(",", trim($user_action->actions)));
$accessArray[] = array($user_action->can_access, 'actions' => $array_action, 'users' => array($user_action->user->username));
} else {
$user_action->delete();
}
// delete data not valid
}
// }
//menu roles ANH DUNG FIX Oct 07, 2014
$criteria = new CDbCriteria();
$criteria->compare('controller_id', $controller_model->id);
$criteria->compare('can_access', 'allow');
$criteria->compare('roles_id', Yii::app()->user->role_id);
$actions_role = ActionsRoles::model()->findAll($criteria);
// $actions_role = ActionsRoles::model()->findAll(array('condition' => "controller_id = $controller_model->id and can_access LIKE 'allow'",
// 'order' => 'controller_id desc'));
// //menu roles ANH DUNG FIX Oct 07, 2014
if ($actions_role) {
foreach ($actions_role as $key => $action_role) {
$array_action = array_map('trim', explode(",", trim($action_role->actions)));
$accessArray[] = array('allow', 'actions' => $array_action, 'users' => array('@'));
}
}
// $accessArray[] = array('deny'); // ANH DUNG CLOSE JAN 29, 2015
$accessArray[] = array('deny', 'users' => array('*'));
// ANH DUNG ADD JAN 29, 2015
return $accessArray;
}
/**
* Returns the data model based on the primary key given in the GET variable.
* If the data model is not found, an HTTP exception will be raised.
* @param integer the ID of the model to be loaded
*/
public function loadModel($id)
{
$model = ActionsRoles::model()->findByPk($id);
if ($model === null) {
Yii::log("The requested page does not exist.");
throw new CHttpException(404, 'The requested page does not exist.');
}
return $model;
}
">Cancel</a>-->
</div>
</div>
<div id="accordion">
<?php
foreach ($this->aControllers as $keyController => $aController) {
?>
<div class="block_privilege">
<h3><a class="l_margin_20 item_b" href="#"><?php
echo $aController['alias'];
?>
</a></h3>
<?php
$mController = Controllers::getByName($keyController);
$aActionsAllow = ActionsRoles::getActionArrayByRoleIdAndControllerId($id, $mController->id);
?>
<div class="wrap_privilege">
<!--<h2><?php
echo $aController['alias'];
?>
</h2>-->
<a href="javascript:void(0)" class="checkAll item_b">Select All</a> | <a href="javascript:void(0)" class="clearAll item_b">Deselect All</a><br><br>
<ul class="permission-list">
<?php
foreach ($aController['actions'] as $keyAction => $aAction) {
?>
<li><input type="checkbox" name="<?php
echo $keyController . '[' . $keyAction . ']';
?>
" value="1" id="<?php
">Cancel</a>-->
</div>
</div>
<div id="accordion">
<?php
foreach ($this->aControllers as $keyController => $aController) {
?>
<div class="block_privilege">
<h3><a class="l_margin_20 item_b" href="#"><?php
echo $aController['alias'];
?>
</a></h3>
<?php
$mController = Controllers::getByName($keyController);
$aActionsAllowGroup = ActionsRoles::getActionArrayByRoleIdAndControllerId($mUser->role_id, $mController->id);
$aActionsAllowUser = ActionsUsers::getActionArrayByUserIdAndControllerId($id, $mController->id);
$mActionsUsers = ActionsUsers::model()->findAll('user_id=' . $id . ' AND controller_id=' . $mController->id);
?>
<div class="wrap_privilege">
<!--<h2><?php
echo $aController['alias'];
?>
</h2>-->
<a href="javascript:void(0)" class="checkAll item_b">Select All</a> | <a href="javascript:void(0)" class="clearAll item_b">Deselect All</a><br><br>
<ul class="permission-list">
<?php
foreach ($aController['actions'] as $keyAction => $aAction) {
?>
<?php
$classCheck = '';
public static function canAccess($action, $controller_id, $class)
{
try {
$roles = Yii::app()->session['roles'];
$obj = new $class();
if ($class == 'ActionsRoles') {
$actions = ActionsRoles::model()->findAll('controller_id = ' . $controller_id . ' and roles_id = ' . $roles);
} else {
$user_id = Users::model()->find("username like '{$roles}'")->id;
$actions = ActionsUsers::model()->findAll('controller_id = ' . $controller_id . ' and user_id = ' . $user_id);
}
foreach ($actions as $key => $model) {
$array_action = array_map('trim', explode(",", trim($model->actions)));
foreach ($array_action as $key2 => $value) {
if (strtolower($value) == strtolower($action)) {
return $model->can_access;
}
}
}
return 'allow';
} catch (Exception $e) {
Yii::log("Exception " . print_r($e, true), 'error');
throw new CHttpException("Exception " . print_r($e, true));
}
}
public static function getActionArrayAllowForCurrentUserByControllerName($controllerName)
{
try {
$aResult = array();
$user_id = Yii::app()->user->id;
$mUser = Users::model()->findByPk($user_id);
$mController = Controllers::getByName($controllerName);
// ANH DUNG FIX NOW 14, 2014
if ($mController) {
$mActionsUsers = ActionsUsers::model()->findAll('user_id=' . $user_id . ' AND controller_id=' . $mController->id);
if ($mActionsUsers == NULL) {
$aActionsAllowGroup = ActionsRoles::getActionArrayByRoleIdAndControllerId($mUser->role_id, $mController->id);
$aResult = $aActionsAllowGroup;
} else {
$aActionsAllowUser = ActionsUsers::getActionArrayByUserIdAndControllerId($user_id, $mController->id);
$aResult = $aActionsAllowUser;
}
}
// ANH DUNG FIX NOW 14, 2014
// if($mController)
// {
// $mActionsUsers = ActionsUsers::model()->find('user_id='.$user_id.' AND controller_id='.$mController->id);
// $aActionsAllowGroup = ActionsRoles::getActionArrayByRoleIdAndControllerId($mUser->role_id, $mController->id);
// $aActionsAllowUser = ActionsUsers::getActionArrayByUserIdAndControllerId($user_id, $mController->id);
// if($mActionsUsers == NULL)
// {
// $aResult = $aActionsAllowGroup;
// }
// else
// $aResult = $aActionsAllowUser;
// }
return $aResult;
} catch (Exception $exc) {
echo $exc->getMessage();
die;
}
}
