Exemple #1
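 /**
  * Create or edit a role.
  *
  * Loads the role named by the request "id" (if any) into the view, and on
  * POST validates the submitted fields, inserts or updates the role row,
  * rewrites its inherited-role links and redirects to the role list.
  * The "guest" role is never editable through this action.
  *
  * NOTE(review): no CSRF token or permission check is visible in this action;
  * confirm both are enforced elsewhere (e.g. in the controller's init or ACL).
  */
 function editAction()
 {
     $request = new Bolts_Request($this->getRequest());
     $roles_table = new Roles();
     $role = null;
     if ($request->has('id')) {
         if (!is_null($request->id)) {
             // Bound parameter: the id is request-supplied.
             $role = $roles_table->fetchRow($roles_table->select()->where("id = ?", $request->id));
             if (!is_null($role)) {
                 // we do not edit the guest role
                 if ($role->shortname == "guest") {
                     $this->_redirect("/bolts/role");
                     // Stop here even if the redirect helper is configured not to exit.
                     return;
                 }
                 $this->view->role = $role->toArray();
                 $this->view->role_tree = $roles_table->getRoleTree(null, $role->id);
                 $this->view->inherited_ids = $roles_table->getInheritedRoles($role->id);
             }
         }
     }
     if (is_null($role)) {
         $this->view->role_tree = $roles_table->getRoleTree();
     }
     if ($this->getRequest()->isPost()) {
         $errors = array();
         // Always defined, so the loop below is safe when no inherit_role was posted.
         $inherit_ids = array();
         $shortname = null;
         if ($request->has('inherit_role')) {
             $requested_parents = (array) $request->inherit_role;
             // Collect every ancestor of the requested parents ...
             $parents = array();
             foreach ($requested_parents as $inherit_role) {
                 $parents = array_merge($parents, $roles_table->getAllAncestors($inherit_role));
             }
             // ... and keep only the parents that are not already implied by another one.
             // Loose comparison is kept: posted ids are strings, stored ids may be ints.
             foreach ($requested_parents as $inherit_role) {
                 if (!in_array($inherit_role, $parents)) {
                     $inherit_ids[] = $inherit_role;
                 }
             }
         }
         if ($request->has('shortname')) {
             $shortname = $request->shortname;
             if (!Bolts_Validate::checkLength($request->shortname, 1, 255)) {
                 $errors[] = $this->_T("Shortname must be between 1 and 255 chars.");
             }
         } else {
             $errors[] = $this->_T("Shortname is a requried field.");
         }
         $description = $request->description;
         $isadmin = (int) $request->checkbox('isadmin');
         if (count($errors) == 0) {
             $data = array('shortname' => $shortname, 'description' => $description, 'isadmin' => $isadmin);
             //If we have an id, this is an update.
             $id = (int) $this->_request->getPost('id');
             if ($id != 0) {
                 // The guest guard at the top keys on $request->id, while this id is read
                 // from the POST body. The two can differ, so re-check the row that is
                 // actually about to be written.
                 $target = $roles_table->fetchRow($roles_table->select()->where("id = ?", $id));
                 if (!is_null($target) && $target->shortname == "guest") {
                     $this->_redirect("/bolts/role");
                     return;
                 }
                 // Safe to concatenate only because $id was cast to int above.
                 $where = 'id = ' . $id;
                 $roles_table->update($data, $where);
             } else {
                 //We don't, this is an insert.
                 $id = $roles_table->insert($data);
             }
             $roles_table->removeInheritedRole($id);
             foreach ($inherit_ids as $in_id) {
                 $roles_table->setInheritedRole($id, $in_id);
             }
             $this->_redirect("/bolts/role");
             return;
         } else {
             $this->view->errors = $errors;
         }
     }
     if ($request->has('id')) {
         // this is an edit
         $id = $request->id;
         if ($id > 0) {
             // $id is the raw request value here (not cast), so it is bound instead of
             // being concatenated into the WHERE clause.
             $current = $roles_table->fetchRow($roles_table->select()->where("id = ?", $id));
             if (!is_null($current)) {
                 $this->view->role = $current->toArray();
             }
         }
         $this->view->inherited_ids = $roles_table->getInheritedRoles($id);
     } else {
         $role_choices = array();
         foreach ($roles_table->fetchAll()->toArray() as $role_row) {
             $role_choices[$role_row['id']] = $role_row['shortname'];
         }
         $this->view->role_choices = $role_choices;
     }
 }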
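	/**
	 * Edit the resources (module/controller/action permissions and "extra"
	 * resources) granted to one role for one module.
	 *
	 * Requires a request "id" naming an existing role; otherwise redirects to
	 * /role. On POST the role's rows for the selected module are deleted and
	 * re-inserted from the submitted form. The view then receives the full
	 * list of actions found in the module's controller files, each flagged as
	 * allowed and/or inherited.
	 *
	 * NOTE(review): no CSRF token or permission check is visible in this action;
	 * confirm both are enforced elsewhere.
	 */
	function editAction()
	{
		$request = new RivetyCore_Request($this->getRequest());

		$modules_table = new Modules('modules');
		$modules_table_core = new Modules('core');

		$roles_resources_table = new RolesResources();
		$roles_res_extra_table = new RolesResourcesExtra();

		if ($request->has("id"))
		{
			$role_id = $request->id;
			$roles_table = new Roles();
			// The id is request-supplied: quote it instead of concatenating it into the WHERE clause.
			$role = $roles_table->fetchRow($roles_table->getAdapter()->quoteInto("id = ?", $role_id));
			if (!is_null($role))
			{
				$this->view->role = $role->toArray();
				$this->view->roleshortname = $role->shortname;
			}
			else
			{
				$this->_redirect("/role");
				// Stop here even if the redirect helper is configured not to exit.
				return;
			}
		}
		else
		{
			$this->_redirect("/role");
			return;
		}

		// Only a module id the modules table knows about is accepted; anything else becomes "default".
		$module_id = "default";
		if ($request->has("modid") && $modules_table->exists($request->modid))
		{
			$module_id = $request->modid;
		}

		if ($this->getRequest()->isPost())
		{
			$resources = $this->getRequest()->getPost('resource');
			if (!is_array($resources))
			{
				// Nothing ticked in the form: treat as "no resources" rather than iterating a non-array.
				$resources = array();
			}

			// Hose everything for this role and module
			$where = $roles_resources_table->getAdapter()->quoteInto("role_id = ? and ", $role_id);
			$where .= $roles_resources_table->getAdapter()->quoteInto("module = ? ", $module_id);
			$roles_resources_table->delete($where);

			foreach ($resources as $resource)
			{
				// Each posted value is expected to look like "module-controller-action".
				$resource_array = explode("-", $resource);
				if (count($resource_array) < 3)
				{
					// Malformed entry: skip it instead of inserting a row with missing fields.
					continue;
				}
				// NOTE(review): the delete above is scoped to $module_id, but the module stored
				// here comes from the posted value. Confirm whether the two should be required
				// to match, otherwise a form post can add rows for a module other than the one
				// being edited.
				$data = array(
					'role_id' => $role_id,
					'module' => $resource_array[0],
					'controller' => $resource_array[1],
					'action' => $resource_array[2],
				);
				$roles_resources_table->insert($data);
			}

			$where = $roles_res_extra_table->getAdapter()->quoteInto("role_id = ? and ", $role_id);
			$where .= $roles_res_extra_table->getAdapter()->quoteInto("module = ? ", $module_id);
			$roles_res_extra_table->delete($where);

			if ($request->has("extra_resource"))
			{
				foreach ((array) $request->extra_resource as $extra_resource_item)
				{
					$data = array(
						'role_id' => $role_id,
						'module'  => $module_id,
						'resource'=> $extra_resource_item,
					);
					$roles_res_extra_table->insert($data);
				}
			}
			$this->view->success = $this->_T("Resources updated.");
		}

		// Quoted for the same reason as the role lookup above.
		$db_roles_resources = $roles_resources_table->fetchAll(
			$roles_resources_table->getAdapter()->quoteInto('role_id = ?', $role_id)
		);

		// Index the stored permissions as $resources[module][controller] = list of actions.
		$resources = array();

		foreach ($db_roles_resources as $resource)
		{
			if (!array_key_exists($resource->module, $resources))
			{
				$resources[$resource->module] = array();
			}
			if (!array_key_exists($resource->controller, $resources[$resource->module]))
			{
				$resources[$resource->module][$resource->controller] = array();
			}
			$resources[$resource->module][$resource->controller][] = $resource->action;
		}

		/*
		* This is a poor man's introspector. The reflection API needs the classes actually available,
		* which creates naming conflicts between modules. What I do instead is read the physical files,
		* line by line, find the lines with "function fooAction" and determine that the action name is
		* "foo". It's a hack, but it works.
		*/

		$all_actions = array();
		$modules = array();
		$controllerdirs = array();

		$enabled_modules = $modules_table->getEnabledModules();

		foreach ($enabled_modules as $enabled_module)
		{
			$module_dir = 'modules';
			if ($enabled_module == 'default') $module_dir = 'core';
			$controllerdirs[$enabled_module] = Zend_Registry::get("basepath") . DIRECTORY_SEPARATOR . $module_dir . DIRECTORY_SEPARATOR . $enabled_module . DIRECTORY_SEPARATOR . "controllers";
		}

		// The directory is looked up in the map built from the enabled modules; it is never
		// assembled from the request value directly. A known-but-disabled module has no entry.
		$controllerdir = isset($controllerdirs[$module_id]) ? $controllerdirs[$module_id] : null;

		$d = (!is_null($controllerdir) && is_dir($controllerdir)) ? dir($controllerdir) : false;
		$modules[] = $module_id;

		if ($d !== false)
		{
			// Loop-invariant: whether this role inherits from any other role.
			$has_inherited_roles = count($roles_table->getInheritedRoles($role_id)) > 0;

			while (($entry = $d->read()) !== false)
			{
				$suffix_pos = stripos($entry, 'Controller.php');
				if ($entry == '.' || $entry == '..' || $entry == '.svn' || $suffix_pos === false)
				{
					// Only "*Controller.php" files are scanned; other entries (including
					// sub-directories) are skipped rather than passed to file().
					continue;
				}

				$controller_name = substr($entry, 0, $suffix_pos);
				if ($module_id != "default" && substr($controller_name, 0, 1) == "_")
				{
					$controller_name = substr($controller_name, stripos($controller_name, '_') + 1);
				}
				$lines = file($controllerdir . DIRECTORY_SEPARATOR . $entry);
				if ($lines === false)
				{
					continue;
				}
				foreach ($lines as $line)
				{
					if (!preg_match('/function.*Action.*\(.*\).*\{?/', $line))
					{
						continue;
					}
					// "function fooAction(" -> "foo"
					$action_name = trim(preg_replace('/Action.*/', '', preg_replace('/^.*function/', '', $line)));

					$allowed = array_key_exists($module_id, $resources)
						&& array_key_exists($controller_name, $resources[$module_id])
						&& in_array($action_name, $resources[$module_id][$controller_name]);

					$inherited = false;
					if ($has_inherited_roles)
					{
						$inherited = $this->isResourceInherited($module_id, $controller_name, $action_name, $role_id);
					}
					$all_actions[$module_id][$controller_name][$action_name] = array(
						'allowed' => $allowed,
						'inherited' => $inherited,
					);
				}
			}

			$d->close();
		}
		$this->view->modid = $module_id;

		if ($module_id == 'default') $mod_cfg = $modules_table_core->parseIni($module_id);
		else $mod_cfg = $modules_table->parseIni($module_id);

		$this->view->module_title = $mod_cfg['general']['name'];
		$this->view->actions = $all_actions;
		$this->view->modules = $enabled_modules;

		// get "extra" resources
		$extra_resources = array();
		if (array_key_exists('resources', $mod_cfg))
		{
			foreach ($mod_cfg['resources'] as $resource_name => $nicename)
			{
				$extra_resources[$resource_name]['nicename'] = $nicename;
				$extra_resources[$resource_name]['inherited'] = $this->isExtraResourceInherited($module_id, $resource_name, $role_id);
				$extra_resources[$resource_name]['allowed'] = $roles_res_extra_table->isAllowed($role_id, $module_id, $resource_name);
			}
		}
		$this->view->extra_resources = $extra_resources;

		$this->view->breadcrumbs = array(
			'Roles' => '/default/role/index',
			$role['shortname'] => '/default/role/edit/id/' . $role['id'],
			'Resources' => null,
		);
	}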