Exemple #1
 /**
  * Rebuilds the cached menu files for one user.
  *
  * Collects the menus of every role linked to the user, merges them, and
  * writes two cache files: the rendered side menu (HTML) and the flattened
  * menu as a serialized PHP value.
  *
  * Security notes for reviewers:
  *  - $userId is interpolated into both cache file names without any
  *    check here. NOTE(review): confirm every caller passes a validated
  *    integer id, otherwise the value can shape the path being written.
  *  - The ".object" file holds serialize() output. Whatever reads it
  *    presumably calls unserialize(); the cache directory therefore has to
  *    be writable only by the application -- TODO confirm deployment
  *    permissions.
  *  - Neither file_put_contents() result is checked, so a failed write
  *    leaves the previous (possibly stale) menu in place silently.
  *
  * @param mixed $userId Id of the user whose menu cache is regenerated.
  * @return void
  */
 public static function generate($userId)
 {
     // Role links for this user, fetched with query resolving switched off.
     $roleLinks = Model::load("auth.users_roles")->setQueryResolve(false);
     $assignedRoles = $roleLinks->getWithField2('user_id', $userId);

     // Set before the per-role menus are built, as in the original ordering.
     self::$permissionsModel = Model::load('system.permissions');

     // Fold the menu of every assigned role into one combined menu.
     $combinedMenu = [];
     foreach ($assignedRoles as $assignment) {
         $roleMenu = self::generateMenus($assignment['role_id']);
         $combinedMenu = self::mergeMenus($combinedMenu, $roleMenu);
     }

     $flatMenu = self::flatenMenu($combinedMenu);
     $renderedMenu = Controller::load(["system", "side_menu", "generate", serialize($combinedMenu)]);

     // Relative paths: they resolve against the process working directory.
     $htmlCachePath = "app/cache/menus/side_menu_u{$userId}.html";
     $objectCachePath = "app/cache/menus/menu_u{$userId}.object";

     file_put_contents($htmlCachePath, $renderedMenu->content);
     file_put_contents($objectCachePath, serialize($flatMenu));
 }
 /**
  * Regenerates a user's cached menu when the role was modified after the
  * user last logged in.
  *
  * Reads the user id and role id from the first row of $data, looks up the
  * user's last login time and the role's validity record, and calls
  * AuthMenu::generate() only when a validity record exists and its
  * last_modified value is greater than the user's last_login_time.
  *
  * NOTE(review): the two timestamps are compared with "<" exactly as the
  * models return them; confirm both columns share one format and time zone,
  * otherwise a permission change may not refresh the cached menu.
  * NOTE(review): the user lookup result is indexed without checking that a
  * row was returned -- verify callers only pass existing users.
  *
  * @param array $data Rows whose first element carries 'user_id' and 'role_id'.
  * @return void
  */
 public static function checkRolePermissionChange($data)
 {
     $firstRow = $data[0];
     $userId = $firstRow['user_id'];

     $userData = Model::load("auth.users")->getWithField("user_id", $userId);
     $roleValidityData = Model::load('auth.role_validity')->getWithField("role_id", $firstRow['role_id']);

     // No validity record for this role: nothing to compare against.
     if (count($roleValidityData) < 1) {
         return;
     }

     $roleChangedSinceLogin = $userData[0]['last_login_time'] < $roleValidityData[0]['last_modified'];
     if ($roleChangedSinceLogin) {
         AuthMenu::generate($userId);
     }
 }
Exemple #3
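 /**
  * Form callback that replaces a user's role assignments and rebuilds the
  * user's cached menu.
  *
  * The last element of $data is taken as the id of the user being edited;
  * the remaining elements are the submitted role ids. Role id 1 is the
  * super-user role and may only be granted by a logged-in user who already
  * holds it.
  *
  * Fixes over the previous version:
  *  - The super-user check now fails closed. Previously the deny flag was
  *    only assigned inside the loop over the logged-in user's roles, so a
  *    caller with no role rows left it undefined and the check passed.
  *  - The check runs before the transaction is opened and before anything
  *    is deleted, so a rejected request leaves no open transaction and no
  *    partially applied change.
  *  - The logged-in user's roles are evaluated once instead of once per
  *    submitted role, and the unused flag reset after the delete is gone.
  *
  * NOTE(review): only role id 1 is guarded here. Whether the caller may edit
  * this particular user, or hand out other roles, is presumably enforced
  * before this callback runs -- confirm.
  * NOTE(review): $userId comes from the submitted data and is interpolated
  * into the cache file paths below; confirm it is validated as an integer
  * id before reaching this point.
  * NOTE(review): a failure between the delete and endTransaction() still
  * leaves the transaction open; the rollback API of the datastore is not
  * visible from here.
  *
  * @param array $data Submitted role ids followed by the target user id.
  * @param mixed $form The form that triggered the callback (unused here).
  * @return bool Always true; the request is redirected before returning.
  * @throws Exception When role 1 is requested by a user who is not super user.
  */
 public static function roles_callback($data, $form)
 {
     $usersRolesModel = Model::load("auth.users_roles");
     $userId = array_pop($data);
     $loggedInUsersRoles = $usersRolesModel->getWithField("user_id", $_SESSION['user_id']);

     // Deny by default: the logged-in user counts as super user only when a
     // role row with role_id 1 is actually found.
     $isSuperUser = false;
     foreach ($loggedInUsersRoles as $userRole) {
         if ($userRole['role_id'] == 1) {
             $isSuperUser = true;
             break;
         }
     }

     // Reject a crafted request that asks for the super-user role before any
     // data is touched.
     foreach ($data as $role) {
         if ($role == 1 && !$isSuperUser) {
             throw new Exception('Unauthorised Action');
         }
     }

     $usersRolesModel->datastore->beginTransaction();

     // Replace the user's role links: drop all existing rows, then insert
     // one row per submitted role (0 means "no role selected").
     $usersRolesModel->delete('user_id', $userId);
     foreach ($data as $role) {
         if ($role != 0) {
             $usersRolesModel->setData(array('user_id' => $userId, 'role_id' => $role));
             $usersRolesModel->save();
         }
     }

     // Remove the stale menu cache for the user.
     // NOTE(review): these paths are built from __DIR__, while
     // AuthMenu::generate() writes to the relative path "app/cache/menus/";
     // confirm both point at the same directory.
     $menuFile = __DIR__ . "/cache/menus/side_menu_u{$userId}.html";
     $objectFile = __DIR__ . "/cache/menus/menu_u{$userId}.object";
     if (file_exists($menuFile)) {
         unlink($menuFile);
     }
     if (file_exists($objectFile)) {
         unlink($objectFile);
     }

     // Rebuild the menu so it reflects the new role set.
     AuthMenu::generate($userId);
     $usersRolesModel->datastore->endTransaction();
     Application::redirect("/auth/users?notification=Role(s) saved successfully");
     return true;
 }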