Exemple #1
 /**
  * Echo out a series of inputs for a role editor page.
  *
  * This method is called via AJAX from the "Edit Role" portion of the "Manage Roles"
  * page.  Upon selection of a role in the dropdown on that page, this method
  * finds all relevant information about the role and echoes it back as a form
  * to allow for editing of the role.
  *
  * Request inputs read here: the role name from the POSTed 'Roles' array and an
  * optional 'mode' query parameter. The response is an HTML fragment (timeout
  * controls, an inline script block, and the user / view-permission /
  * edit-permission multiselects). Nothing is echoed when the role is not found.
  *
  * NOTE(review): no authorization check is visible in this method; presumably
  * access to this admin action is enforced by controller filters -- confirm.
  */
 public function actionGetRole()
 {
     $output = "";
     // Pull the 'Roles' entry out of the POST body through the project's filter
     // helper (what exactly it filters is not visible from here).
     $roleInput = FilterUtil::filterArrayInput($_POST, 'Roles');
     if (!empty($roleInput)) {
         // The name is only used as an attribute value for the lookup below.
         // NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1.
         $roleName = isset($roleInput['name']) ? filter_var($roleInput['name'], FILTER_SANITIZE_STRING) : '';
         $role = Roles::model()->findByAttributes(array('name' => $roleName));
         if (isset($role)) {
             // Members of the role: usernames for type "user", ids for type "group".
             // Both queries bind the role id as :roleId; no request-derived value
             // is concatenated into the SQL text.
             $usernames = Yii::app()->db->createCommand()->select('a.username')->from('x2_users a')->join('x2_role_to_user b', 'a.id=b.userId')->where('b.roleId=:roleId AND b.type="user"', array(':roleId' => $role->id))->queryColumn();
             $groupIds = Yii::app()->db->createCommand()->select('a.id')->from('x2_groups a')->join('x2_role_to_user b', 'a.id=b.userId')->where('b.roleId=:roleId AND b.type="group"', array(':roleId' => $role->id))->queryColumn();
             $selected = array_merge($usernames, $groupIds);
             // presumably keyed by username / group id to match $selected -- confirm
             $allUsers = X2Model::getAssignmentOptions(false, true, false);
             // The 'admin' entry is never offered as an assignable member.
             unset($allUsers['admin']);
             $sliderId = 'editTimeoutSlider';
             $textfieldId = 'editTimeout';
             // 'mode' is accepted only if it is one of two known values. This
             // allow-list matters because the resulting ids are concatenated into
             // the inline JavaScript built below.
             // NOTE(review): in_array() is called without the strict flag here.
             if (isset($_GET['mode']) && in_array($_GET['mode'], array('edit', 'exception'))) {
                 // Handle whether this was called from editRole or roleException, they
                 // need different IDs to work on the same page.
                 $sliderId .= "-" . $_GET['mode'];
                 $textfieldId .= "-" . $_GET['mode'];
             }
             // A null timeout means no session timeout is configured for the role.
             $timeoutSet = $role->timeout !== null;
             $output .= "\n                    <div class='row' id='set-session-timeout-row'>\n                    <input id='set-session-timeout' type='checkbox' class='left' " . ($timeoutSet ? 'checked="checked"' : '') . ">\n                    <label>" . Yii::t('admin', 'Enable Session Timeout') . "</label>\n                    </div>\n                ";
             $output .= "<div id='timeout-row' class='row' " . ($timeoutSet ? '' : "style='display: none;'") . ">";
             $output .= Yii::t('admin', 'Set role session expiration time (in minutes).');
             $output .= "<br />";
             // The slider shows timeout / 60 (presumably seconds stored, minutes
             // displayed -- confirm) and mirrors its value into the text field.
             // The widget is captured as a string (third argument true).
             $output .= $this->widget('zii.widgets.jui.CJuiSlider', array('value' => $role->timeout / 60, 'options' => array('min' => 5, 'max' => 1440, 'step' => 5, 'change' => "js:function(event,ui) {\n                                        \$('#" . $textfieldId . "').val(ui.value);\n                                        \$('#save-button').addClass('highlight');\n                                    }", 'slide' => "js:function(event,ui) {\n                                        \$('#" . $textfieldId . "').val(ui.value);\n                                    }"), 'htmlOptions' => array('style' => 'width:340px;margin:10px 9px;', 'id' => $sliderId)), true);
             $output .= CHtml::activeTextField($role, 'timeout', array('id' => $textfieldId, 'disabled' => $role->timeout !== null ? '' : 'disabled'));
             $output .= "</div>";
             // Toggle the timeout row and text field with the checkbox, and seed
             // the text field from the slider once the fragment is ready.
             Yii::app()->clientScript->registerScript('timeoutScript', "\n                    \$('#set-session-timeout').change (function () {\n                        if (\$(this).is (':checked')) {\n                            \$('#timeout-row').slideDown ();\n                            \$('#" . $textfieldId . "').removeAttr ('disabled');\n                        } else {\n                            \$('#timeout-row').slideUp ();\n                            \$('#" . $textfieldId . "').attr ('disabled', 'disabled');\n                        }\n                    });\n                    \$('#" . $textfieldId . "').val( \$('#" . $sliderId . "').slider('value') );\n                ", CClientScript::POS_READY);
             // The registered scripts are emitted inline, wrapped in a <script>
             // tag, so they travel with this AJAX response.
             $output .= "<script>";
             $output .= Yii::app()->clientScript->echoScripts(true);
             $output .= "</script>";
             $output .= "<div id='users'><label>Users</label>";
             $output .= CHtml::dropDownList('users[]', $selected, $allUsers, array('class' => 'multiselect', 'multiple' => 'multiple', 'size' => 8));
             $output .= "</div>";
             $fields = Fields::getFieldsOfModelsWithFieldLevelPermissions();
             // Flip the id list so membership can be tested with isset().
             $fieldIds = array_flip(array_map(function ($field) {
                 return $field->id;
             }, $fields));
             $viewSelected = array();
             $editSelected = array();
             $fieldUnselected = array();
             $fieldPerms = RoleToPermission::model()->findAllByAttributes(array('roleId' => $role->id));
             foreach ($fieldPerms as $perm) {
                 // Ignore permission rows for fields that are not in $fields.
                 if (!isset($fieldIds[$perm->fieldId])) {
                     continue;
                 }
                 // Level 2 pre-selects the field in both lists, level 1 in the
                 // view list only; any other level pre-selects nothing.
                 if ($perm->permission == 2) {
                     $viewSelected[] = $perm->fieldId;
                     $editSelected[] = $perm->fieldId;
                 } else {
                     if ($perm->permission == 1) {
                         $viewSelected[] = $perm->fieldId;
                     }
                 }
             }
             // Option labels: "<model title> - <attribute label>", keyed by field id.
             foreach ($fields as $field) {
                 $fieldUnselected[$field->id] = X2Model::getModelTitle($field->modelName) . " - " . $field->attributeLabel;
             }
             // NOTE(review): array keys are unique by construction, so this looks
             // like it always holds; assert() may also be disabled at runtime, so
             // it should not be treated as a guard.
             assert(count($fieldUnselected) === count(array_unique(array_keys($fieldUnselected))));
             $output .= "<br /><label>View Permissions</label>";
             $output .= CHtml::dropDownList('viewPermissions[]', $viewSelected, $fieldUnselected, array('class' => 'multiselect', 'multiple' => 'multiple', 'size' => 8, 'id' => 'edit-role-field-view-permissions'));
             $output .= "<br /><label>Edit Permissions</label>";
             $output .= CHtml::dropDownList('editPermissions[]', $editSelected, $fieldUnselected, array('class' => 'multiselect', 'multiple' => 'multiple', 'size' => 8, 'id' => 'edit-role-field-edit-permissions'));
         }
     }
     // Empty string when no role input was posted or the role does not exist.
     echo $output;
 }
Exemple #2
 /**
  * Getter for {@link fieldPermissions}.
  *
  * Builds, once per model class, a map of field name to the permission level
  * the current user has on that field, and caches it in the static
  * $_fieldPermissions array.
  *
  * For models that are not exempt from field-level permissions, the level is
  * the highest permission (MAX) granted to any of the user's roles. Exempt
  * models get level 2 on every field. In both cases a level of 2 is reduced by
  * the field's readOnly column.
  *
  * NOTE(review): the cache is keyed by class name only. If the effective user
  * id (Yii::app()->getSuId()) can change within one request, the permissions
  * computed for the first user would be reused -- confirm.
  *
  * @return array field name => permission level
  */
 public function getFieldPermissions()
 {
     $modelClass = get_class($this);

     // Serve from the per-class cache when it has already been populated.
     if (isset(self::$_fieldPermissions[$modelClass])) {
         return self::$_fieldPermissions[$modelClass];
     }

     $roles = Roles::getUserRoles(Yii::app()->getSuId());

     if ($this->isExemptFromFieldLevelPermissions) {
         // Exempt models: every field starts at level 2.
         $rows = Yii::app()->db->createCommand()
             ->select("fieldName,CAST(2 AS UNSIGNED INTEGER),readOnly")
             ->from(Fields::model()->tableName() . ' f')
             ->where('modelName=:class', array(':class' => $modelClass))
             ->queryAll(false);
     } else {
         // NOTE(review): the role id list is spliced into the SQL text through
         // AuxLib::arrToStrList() instead of being bound like :class. That is
         // only safe if getUserRoles() returns trusted ids and the helper
         // quotes its elements -- confirm against both.
         $rows = Yii::app()->db->createCommand()
             ->select("f.fieldName,MAX(rtp.permission),f.readOnly")
             ->from(RoleToPermission::model()->tableName() . ' rtp')
             ->join(
                 Fields::model()->tableName() . ' f',
                 'rtp.fieldId=f.id ' . 'AND rtp.roleId IN ' . AuxLib::arrToStrList($roles) . ' ' . 'AND f.modelName=:class',
                 array(':class' => $modelClass)
             )
             ->group('f.fieldName')
             ->queryAll(false);
     }

     // Rows are fetched as numeric arrays: [0] field name, [1] level, [2] readOnly.
     $effective = array();
     foreach ($rows as $row) {
         $level = $row[1];
         // Only a "2" (write) level is reduced by the readOnly column.
         if ((int) $level === 2) {
             $deduction = (int) $row[2];
         } else {
             $deduction = 0;
         }
         $effective[$row[0]] = $level - $deduction;
     }

     self::$_fieldPermissions[$modelClass] = $effective;
     return self::$_fieldPermissions[$modelClass];
 }
Exemple #3
            echo $top;
            ?>
px;" id="<?php 
            echo $field->fieldName;
            ?>
">
    
        <div class="label"><label for="Contacts_<?php 
            echo $field->fieldName;
            ?>
"><?php 
            echo Yii::t('contacts', $field->attributeLabel);
            ?>
</label></div>
                <?php 
            // Load every role-to-permission row for this field and index the
            // permission level by role id.
            $fieldPerms = RoleToPermission::model()->findAllByAttributes(array('fieldId' => $field->id));
            $perms = array();
            foreach ($fieldPerms as $permission) {
                $perms[$permission->roleId] = $permission->permission;
            }
            // Start at 2 and keep the LOWEST level found among the ids in $roles
            // ($roles is defined outside this fragment). A role with no row for
            // this field is skipped, so if none of the roles has a row the level
            // stays at 2.
            // NOTE(review): taking the minimum across roles differs from a
            // "highest role wins" rule; confirm which is intended. The
            // array_search() call is also non-strict.
            $tempPerm = 2;
            foreach ($roles as $role) {
                if (array_search($role, array_keys($perms)) !== false) {
                    if ($perms[$role] < $tempPerm) {
                        $tempPerm = $perms[$role];
                    }
                }
            }
            $fieldName = $field->fieldName;
            // $disabled becomes 'disabled' when $editor is set and truthy, else "".
            isset($editor) && $editor ? $disabled = 'disabled' : ($disabled = "");
            // A level of exactly 1 forces 'disabled'; otherwise the value above is
            // kept. How a level of 0 is handled is not visible in this fragment.
            $tempPerm == 1 ? $disabled = 'disabled' : ($disabled = $disabled);
Exemple #4
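 /**
  * Perform the creation of a new database column.
  *
  * After the record is saved this method creates the column if the table does
  * not have it yet, rebuilds the column's index when the key type is one that
  * may change, and, for a new record, writes one RoleToPermission row per role.
  *
  * The extra work in this method is said to be skipped over in the "newModule"
  * scenario because the database schema altering commands to set up columns are
  * performed separately in that case.
  * NOTE(review): no scenario check is visible in this method, so that skip is
  * presumably done by the caller or a parent class -- confirm.
  *
  * NOTE(review): a new field is granted level 2 (read/write) for every role.
  * That default is permissive; confirm it is intended for fields that may
  * hold sensitive data.
  *
  * @return mixed whatever parent::afterSave() returns
  */
 public function afterSave()
 {
     // Does the column already exist?
     $table = Yii::app()->db->schema->tables[$this->myTableName];
     $existing = array_key_exists($this->fieldName, $table->columns) && $table->columns[$this->fieldName] instanceof CDbColumnSchema;
     if (!$existing) {
         // Going to create the column.
         $this->createColumn();
     }
     if ($this->keyType != 'PRI' && $this->keyType != 'FIX') {
         // The key for this column is not primary/hard-coded (managed by
         // X2Engine developers, and cannot be user-modified), so it can
         // be allowed to change. The old index is always dropped; a new one
         // is created only when a key type is set.
         $this->dropIndex();
         if ($this->keyType != null) {
             $this->createIndex($this->keyType === 'UNI');
         }
     }
     if ($this->isNewRecord) {
         // A new fields permissions default to read/write for all roles
         $dataProvider = new CActiveDataProvider('Roles');
         foreach ($dataProvider->getData() as $role) {
             $permission = new RoleToPermission();
             $permission->roleId = $role->id;
             $permission->fieldId = $this->id;
             $permission->permission = 2;
             if (!$permission->save()) {
                 // A failed save used to be ignored, leaving the role without a
                 // permission row for this field and no trace of why. Record it
                 // and carry on with the remaining roles.
                 Yii::log(
                     'Could not save default permission for field ' . $this->id
                         . ' and role ' . $role->id . ': '
                         . print_r($permission->getErrors(), true),
                     CLogger::LEVEL_WARNING,
                     'application'
                 );
             }
         }
     }
     return parent::afterSave();
 }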
Exemple #5
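 /**
  * A catch all page for roles.
  *
  * This action renders a page with forms for the creation, editing, and deletion
  * of roles.  It also displays a grid with all user created roles (default
  * roles are not included and cannot be edited this way).
  *
  * When a 'Roles' array is POSTed, a new role is saved together with its
  * members (RoleToUser rows) and one RoleToPermission row per field, then the
  * request is redirected back to this page. Posted field ids are matched
  * against the ids of existing fields before any permission row is written.
  *
  * NOTE(review): no authorization or CSRF check is visible in this method;
  * presumably both are enforced by controller filters / application
  * configuration -- confirm.
  */
 public function actionManageRoles()
 {
     $dataProvider = new CActiveDataProvider('Roles');
     $roles = $dataProvider->getData();
     $arr = array();
     foreach ($roles as $role) {
         $arr[$role->name] = $role->name;
     }
     $workflows = array();
     foreach (Workflow::model()->findAll() as $workflow) {
         $workflows[$workflow->id] = $workflow->name;
     }
     $model = new Roles();
     $model->timeout = 60;
     if (isset($_POST['Roles'])) {
         $model->attributes = $_POST['Roles'];

         // The permission lists come straight from the request: accept them
         // only when they are arrays, and keep scalar entries only.
         $viewPermissions = array();
         if (isset($_POST['viewPermissions']) && is_array($_POST['viewPermissions'])) {
             $viewPermissions = array_filter($_POST['viewPermissions'], 'is_scalar');
         }
         $editPermissions = array();
         if (isset($_POST['editPermissions']) && is_array($_POST['editPermissions'])) {
             $editPermissions = array_filter($_POST['editPermissions'], 'is_scalar');
         }

         $users = array();
         if (isset($_POST['Roles']['users']) && is_array($model->users)) {
             $users = $model->users;
         }
         $model->users = "";
         // The form value is multiplied by 60 before it is stored.
         $model->timeout *= 60;
         if ($model->save()) {
             // NOTE(review): the save() results of the link rows below are
             // not checked, so a row that fails validation is dropped silently.
             foreach ($users as $user) {
                 if (!is_scalar($user)) {
                     // Nested arrays in the posted list are not valid members.
                     continue;
                 }
                 $role = new RoleToUser();
                 $role->roleId = $model->id;
                 if (!is_numeric($user)) {
                     $userRecord = User::model()->findByAttributes(array('username' => $user));
                     if ($userRecord === null) {
                         // Unknown username: previously this dereferenced null
                         // and aborted the request half way through.
                         continue;
                     }
                     $role->userId = $userRecord->id;
                     $role->type = 'user';
                 } else {
                     // NOTE(review): a numeric value is taken as a group id
                     // without checking that the group exists.
                     $role->userId = $user;
                     $role->type = 'group';
                 }
                 $role->save();
             }

             $allFieldIds = array();
             foreach (Fields::model()->findAll() as $field) {
                 $allFieldIds[] = $field->id;
             }
             // Drop posted ids that do not belong to an existing field, and
             // duplicates, so permission rows are only written for real fields.
             $viewPermissions = array_unique(array_intersect($viewPermissions, $allFieldIds));
             $editPermissions = array_unique(array_intersect($editPermissions, $allFieldIds));

             // 2 = view and edit, 1 = view only, 0 = neither. A field selected
             // for edit but not for view ends up in the "neither" group.
             $both = array_intersect($viewPermissions, $editPermissions);
             $view = array_diff($viewPermissions, $editPermissions);
             $neither = array_diff($allFieldIds, $viewPermissions);
             $fieldIdsByLevel = array(2 => $both, 1 => $view, 0 => $neither);
             foreach ($fieldIdsByLevel as $level => $fieldIdsForLevel) {
                 foreach ($fieldIdsForLevel as $fieldId) {
                     $rolePerm = new RoleToPermission();
                     $rolePerm->roleId = $model->id;
                     $rolePerm->fieldId = $fieldId;
                     $rolePerm->permission = $level;
                     $rolePerm->save();
                 }
             }
         } else {
             // Report every validation message. The earlier loop kept only the
             // messages of the last attribute and failed on an empty error list.
             $messages = array();
             foreach ($model->getErrors() as $attributeErrors) {
                 foreach ($attributeErrors as $message) {
                     $messages[] = $message;
                 }
             }
             $errors = implode(',', $messages);
             Yii::app()->user->setFlash('error', Yii::t('admin', "Unable to save role: {errors}", array('{errors}' => $errors)));
         }
         $this->redirect('manageRoles');
     }
     $this->render('manageRoles', array('dataProvider' => $dataProvider, 'model' => $model, 'roles' => $arr, 'workflows' => $workflows));
 }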
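 /**
  * Echo the member and field-permission selectors for one role.
  *
  * Reads the role name from the POSTed 'Roles' array, looks the role up, and
  * echoes three multiselects: the role's users/groups, the fields it may view
  * and the fields it may edit. Nothing is echoed when no 'Roles' data was
  * posted or when no role with that name exists.
  *
  * NOTE(review): no authorization check is visible in this method; presumably
  * access is enforced by controller filters -- confirm.
  */
 public function actionGetRole()
 {
     if (!isset($_POST['Roles'])) {
         return;
     }
     // Only a string is a usable role name; a missing key, or an array sent in
     // its place, ends the request with an empty response.
     $name = isset($_POST['Roles']['name']) ? $_POST['Roles']['name'] : null;
     if (!is_string($name)) {
         echo "";
         exit;
     }
     $role = Roles::model()->findByAttributes(array('name' => $name));
     if ($role === null) {
         // Unknown role name: previously this dereferenced null.
         return;
     }

     // Current members: usernames for 'user' links, ids for group links.
     // Links that point at a deleted user or group are skipped.
     $selected = array();
     $links = RoleToUser::model()->findAllByAttributes(array('roleId' => $role->id));
     foreach ($links as $link) {
         if ($link->type == 'user') {
             $member = User::model()->findByPk($link->userId);
             if ($member !== null) {
                 $selected[] = $member->username;
             }
         } else {
             $member = Groups::model()->findByPk($link->userId);
             if ($member !== null) {
                 $selected[] = $member->id;
             }
         }
     }

     // Every user (keyed by username) and every group (keyed by id) is
     // offered as an option, except the 'admin' entry.
     $unselected = array();
     foreach (User::model()->findAll() as $user) {
         $unselected[$user->username] = $user->firstName . " " . $user->lastName;
     }
     foreach (Groups::model()->findAll() as $group) {
         $unselected[$group->id] = $group->name;
     }
     unset($unselected['admin']);
     echo "<div id='users'><label>Users</label>";
     echo CHtml::dropDownList('users[]', $selected, $unselected, array('class' => 'multiselect', 'multiple' => 'multiple', 'size' => 8));
     echo "</div>";

     // Constant SQL text; no request data is part of the statement.
     $fields = Fields::model()->findAllBySql("SELECT * FROM x2_fields ORDER BY modelName ASC");
     $viewSelected = array();
     $editSelected = array();
     $fieldUnselected = array();
     $fieldPerms = RoleToPermission::model()->findAllByAttributes(array('roleId' => $role->id));
     foreach ($fieldPerms as $perm) {
         // Level 2 pre-selects the field in both lists, level 1 in the view
         // list only.
         if ($perm->permission == 2) {
             $viewSelected[] = $perm->fieldId;
             $editSelected[] = $perm->fieldId;
         } elseif ($perm->permission == 1) {
             $viewSelected[] = $perm->fieldId;
         }
     }
     foreach ($fields as $field) {
         $fieldUnselected[$field->id] = $field->modelName . " - " . $field->attributeLabel;
     }
     echo "<br /><label>View Permissions</label>";
     echo CHtml::dropDownList('viewPermissions[]', $viewSelected, $fieldUnselected, array('class' => 'multiselect', 'multiple' => 'multiple', 'size' => 8));
     echo "<br /><label>Edit Permissions</label>";
     echo CHtml::dropDownList('editPermissions[]', $editSelected, $fieldUnselected, array('class' => 'multiselect', 'multiple' => 'multiple', 'size' => 8));
 }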