/**
 * Rebuilds and caches the menu for one user.
 *
 * Looks up the user's role rows, merges the menu generated for each role,
 * renders the side menu through the system side_menu controller and writes
 * two cache files: the rendered HTML and the serialized flattened menu.
 *
 * @param mixed $userId Id of the user; it is interpolated into both cache file names.
 */
public static function generate($userId)
{
    $rolesModel = Model::load("auth.users_roles")->setQueryResolve(false);
    $assignedRoles = $rolesModel->getWithField2('user_id', $userId);
    self::$permissionsModel = Model::load('system.permissions');

    // Fold the menu of every assigned role into one combined menu.
    $menu = [];
    foreach ($assignedRoles as $assignedRole) {
        $menu = self::mergeMenus($menu, self::generateMenus($assignedRole['role_id']));
    }

    $flatMenu = self::flatenMenu($menu);
    $sideMenu = Controller::load(["system", "side_menu", "generate", serialize($menu)]);

    // Both paths are relative to the current working directory.
    // NOTE(review): $userId goes into the file names unchanged; confirm callers
    // only pass an id that has already been validated.
    $htmlPath = "app/cache/menus/side_menu_u{$userId}.html";
    file_put_contents($htmlPath, $sideMenu->content);

    // NOTE(review): this file holds serialize() output and is presumably read
    // back with unserialize(); the cache directory should then be writable only
    // by the application itself — confirm.
    $objectPath = "app/cache/menus/menu_u{$userId}.object";
    file_put_contents($objectPath, serialize($flatMenu));
}
/**
 * Regenerates a user's cached menu when the role's validity record was
 * modified after the user's last login.
 *
 * @param array $data Rows; only $data[0]['user_id'] and $data[0]['role_id'] are read.
 */
public static function checkRolePermissionChange($data)
{
    $userId = $data[0]['user_id'];

    $users = Model::load("auth.users");
    $userRows = $users->getWithField("user_id", $userId);

    $roleValidity = Model::load('auth.role_validity');
    $validityRows = $roleValidity->getWithField("role_id", $data[0]['role_id']);

    // No validity record for this role: nothing to compare against.
    if (count($validityRows) < 1) {
        return;
    }

    // NOTE(review): the two values are compared with "<" as stored; confirm both
    // columns use the same, orderable representation (e.g. both timestamps).
    $menuIsStale = $userRows[0]['last_login_time'] < $validityRows[0]['last_modified'];
    if ($menuIsStale) {
        AuthMenu::generate($userId);
    }
}
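/**
 * Form callback that replaces the roles assigned to a user.
 *
 * The last element of $data is the id of the user being edited; the remaining
 * elements are the submitted role ids (entries equal to 0 are skipped). The
 * user's existing role rows are deleted, the submitted ones saved, the cached
 * menu files removed and regenerated, and the request redirected to the users
 * list.
 *
 * Role 1 (super user) may only be assigned by a logged-in user who already
 * holds role 1. This check runs on the server because the submitted values
 * cannot be trusted to have come through the UI.
 *
 * @param array $data Submitted role ids followed by the target user id.
 * @param mixed $form Not used by this method.
 * @return bool Always true.
 * @throws Exception When role 1 is requested by a user who does not hold role 1.
 */
public static function roles_callback($data, $form)
{
    $usersRolesModel = Model::load("auth.users_roles");
    $usersRolesModel->datastore->beginTransaction();
    $userId = array_pop($data);
    $loggedInUsersRoles = $usersRolesModel->getWithField("user_id", $_SESSION['user_id']);

    // Fail closed: the logged-in user counts as super user only if a role row
    // with role_id 1 is actually found. Previously the decision flag was set
    // only inside the loop over these rows, so a logged-in user with no role
    // rows left it undefined and the check below did not fire.
    $isSuperUser = false;
    foreach ($loggedInUsersRoles as $userRole) {
        if ($userRole['role_id'] == 1) {
            $isSuperUser = true;
            break;
        }
    }

    // Refuse to grant role 1 unless the logged-in user is a super user.
    // NOTE(review): the comparison is loose so numeric strings such as "1" are
    // caught, but the values are stored as submitted; confirm role ids are
    // validated as integers before they reach this callback.
    // NOTE(review): this throws after beginTransaction() with no matching
    // endTransaction()/rollback here; confirm the caller cleans up.
    foreach ($data as $role) {
        if ($role == 1 && !$isSuperUser) {
            throw new Exception('Unauthorised Action');
        }
    }

    // Delete all the entries related to that user, then store the new set.
    $usersRolesModel->delete('user_id', $userId);
    foreach ($data as $role) {
        if ($role != 0) {
            $usersRolesModel->setData(['user_id' => $userId, 'role_id' => $role]);
            $usersRolesModel->save();
        }
    }

    // NOTE(review): $userId comes from the submitted data and is interpolated
    // into file paths; confirm it is validated as an existing user id upstream.
    $menuFile = __DIR__ . "/cache/menus/side_menu_u{$userId}.html";
    $objectFile = __DIR__ . "/cache/menus/menu_u{$userId}.object";

    // Delete the cached menu and object files for the user.
    if (file_exists($menuFile)) {
        unlink($menuFile);
    }
    if (file_exists($objectFile)) {
        unlink($objectFile);
    }

    // Regenerate the menu for the user with the new roles.
    AuthMenu::generate($userId);
    $usersRolesModel->datastore->endTransaction();
    Application::redirect("/auth/users?notification=Role(s) saved successfully");
    return true;
}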