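/**
 * Manage the RBAC assignments of a single user.
 *
 * GET  userid=<id>  shows the user's assignments (requires RbacAssignmentViewer).
 * POST userid=<id>  adds/removes assignments (requires RbacAssignmentEditor);
 *                   optional POST fields: addAssignments[] (item names to assign),
 *                   removeAssignments[] (item names to unassign), secureMode
 *                   (seed each new bizRule with a deny-always rule), addData
 *                   (append the auth item's stored data to the bizRule).
 *
 * Users listed in $this->protectedUsers only produce a warning on view and are
 * refused on edit. Without a user id the index action is rendered instead.
 *
 * The value compared against $this->protectedUsers is the same normalised
 * value that is used for the database lookup, so the protection check and the
 * lookup cannot disagree about which user is meant.
 *
 * @throws CHttpException 404 when the user or an auth item does not exist,
 *                        400 when a new assignment fails validation
 */
public function actionManage()
{
    // the user-id column name is configurable on the module
    $colUserid = Yii::app()->controller->module->columnUserid;

    // protected users are compared as strings so that int and string ids agree
    $protectedUsers = array_map('strval', (array) $this->protectedUsers);

    // viewing needs the viewer role; editing is checked again in the POST branch
    $this->checkAccess('RbacAssignmentViewer', true);

    if (isset($_GET['userid'])) {
        // non-scalar input (e.g. userid[]=...) is treated as "no such user"
        $requestedId = is_scalar($_GET['userid']) ? urldecode((string) $_GET['userid']) : '';

        if (in_array($requestedId, $protectedUsers, true)) {
            $this->messageWarnings[] = "Warning! User is protected by Controller";
        }

        $user = User::model()->findByAttributes(array($colUserid => $requestedId));
        if ($user === null) {
            // CHttpException takes the HTTP status first; the original passed the message there.
            // The message names the id that was looked up ($_GET['username'] is not part of this request).
            throw new CHttpException(404, "Selected User {$requestedId} does not exist");
        }
        $this->manageUser = $user;
    } elseif (isset($_POST['userid'])) {
        // editing assignments needs the editor role
        $this->checkAccess('RbacAssignmentEditor', true);

        // normalise first so that the protection check and the lookup use the same value
        $userid = is_scalar($_POST['userid']) ? (int) $_POST['userid'] : 0;
        $username = isset($_POST['username']) && is_scalar($_POST['username'])
            ? (string) $_POST['username']
            : (string) $userid;

        if (in_array((string) $userid, $protectedUsers, true)) {
            $this->messageErrors[] = "Sorry, User is protected by Controller";
            $this->actionIndex();
            // must not fall through into the edit code for a protected user
            return;
        }

        $user = User::model()->findByAttributes(array($colUserid => $userid));
        if ($user === null) {
            throw new CHttpException(404, "Managed User {$username} does not exist");
        }

        if (isset($_POST['addAssignments'])) {
            // "secure mode" seeds every new bizRule with a deny-always rule
            $baseRule = isset($_POST['secureMode']) ? 'return false;' : '';

            foreach ((array) $_POST['addAssignments'] as $itemname) {
                $itemname = (string) $itemname;

                // each assignment gets its own rule; the original accumulated the
                // data of all previous items into later assignments
                $bizRule = $baseRule;
                if (isset($_POST['addData'])) {
                    $item = AuthItem::model()->findByAttributes(array('name' => $itemname));
                    if ($item === null) {
                        throw new CHttpException(404, "Auth item {$itemname} does not exist");
                    }
                    $bizRule .= $item->data;
                }

                $assignment = new AuthAssignment();
                $assignment->attributes = array(
                    'userid' => $userid,
                    'itemname' => $itemname,
                    'bizrule' => $bizRule,
                    'data' => '',
                );
                if (!$assignment->validate()) {
                    throw new CHttpException(400, "New Assignment validation Error");
                }
                $assignment->save();
                $this->messageSuccess[] = "Assignment {$itemname} succesfull added.";
            }
        }

        if (isset($_POST['removeAssignments'])) {
            foreach ((array) $_POST['removeAssignments'] as $itemname) {
                $itemname = (string) $itemname;
                $assignment = AuthAssignment::model()->findByAttributes(array(
                    'userid' => $userid,
                    'itemname' => $itemname,
                ));
                if ($assignment === null) {
                    // nothing to delete; report it instead of calling delete() on null
                    $this->messageWarnings[] = "Assignment {$itemname} was not found.";
                    continue;
                }
                $assignment->delete();
                $this->messageSuccess[] = "Assignment {$itemname} succesfull removed.";
            }
        }

        $this->manageUser = $user;
    } else {
        // no user selected: show the overview and stop (the original fell through
        // and read an undefined $user)
        $this->actionIndex();
        return;
    }

    $this->_getSearchFields();

    $displayHelper = new RBACDisplayHelper($this, 'renderItemAssign');
    $displayHelper->setUser($this->manageUser);

    $this->doRender('manage', array(
        'displayHelper' => $displayHelper,
        'manageUser' => $this->manageUser,
        'getVars' => $this->getGetVars(),
    ));
    Yii::app()->end();
}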