public function authenticate()
{
$record = Usuario::model()->findByAttributes(array('nombre' => $this->username));
$conexion = Yii::app()->db;
$consulta = "SELECT nombre, clave FROM usuario ";
$consulta .= "WHERE nombre='" . $this->username . "' AND ";
$consulta .= "clave='" . $this->password . "'";
$resultado = $conexion->createCommand($consulta)->query();
$resultado->bindColumn(1, $this->username);
$resultado->bindColumn(2, $this->password);
while ($resultado->read() !== false) {
$this->errorCode = self::ERROR_NONE;
$this->_id = $record->id;
//bien
$role = Roles::model()->findByPk($record->IdRol);
//bien
$this->setState('role', $role->NOMBRE);
//bien
return !$this->errorCode;
}
/*$users=array(
// username => password
'demo'=>'demo',
'admin'=>'admin',
);
if(!isset($users[$this->username]))
$this->errorCode=self::ERROR_USERNAME_INVALID;
elseif($users[$this->username]!==$this->password)
$this->errorCode=self::ERROR_PASSWORD_INVALID;
else
$this->errorCode=self::ERROR_NONE;
return !$this->errorCode;*/
}
/**
* @Author: bb - recopy ANH DUNG May 12, 2014
* @Todo: phân quyền cho group
*/
public function actionGroup($id)
{
if (in_array($id, Roles::$aRoleRestrict)) {
$this->redirect(Yii::app()->createAbsoluteUrl('admin/roles'));
}
$this->pageTitle = Yii::app()->params['title'] . ' - Group Privilege';
$mGroup = Roles::model()->findByPk($id);
try {
if (isset($_POST['submit'])) {
foreach ($this->aControllers as $keyController => $aController) {
$mController = Controllers::getByName($keyController);
if ($mController) {
$mController->addGroupRoles($this->postArrayCheckBoxToAllowDenyValue($keyController), $id);
$this->setNotifyMessage(NotificationType::Success, 'Successful Update');
}
}
$this->refresh();
}
$this->render('group', array('id' => $id, 'mGroup' => $mGroup, 'actions' => $this->listActionsCanAccess));
} catch (Exception $exc) {
Yii::log("Uid: " . Yii::app()->user->id . " Exception " . $exc->getMessage(), 'error');
$code = 404;
if (isset($exc->statusCode)) {
$code = $exc->statusCode;
}
if ($exc->getCode()) {
$code = $exc->getCode();
}
throw new CHttpException($code, $exc->getMessage());
}
}
/**
* Authenticates a user.
* The example implementation makes sure if the username and password
* are both 'demo'.
* In practical applications, this should be changed to authenticate
* against some persistent user identity storage (e.g. database).
* @return boolean whether authentication succeeds.
*/
public function authenticate()
{
$user = User::model()->findByAttributes(array('user_id' => $this->username));
if ($user === null) {
$this->errorCode = self::ERROR_USERNAME_INVALID;
}
if (Yii::app()->getModule('admin')->encrypting($this->password) !== $user->password) {
$this->errorCode = self::ERROR_PASSWORD_INVALID;
} else {
if ($user->status == 0 && Yii::app()->getModule('admin')->loginNotActiv == false) {
$this->errorCode = self::ERROR_STATUS_NOTACTIV;
} else {
if ($user->status == -1) {
$this->errorCode = self::ERROR_STATUS_BAN;
} else {
$role = $user->user_role;
$role_model = Roles::model()->findByPk($role);
if ($role_model->role == "admin") {
$this->_id = $user->id;
$this->username = $user->agency_name;
$this->errorCode = self::ERROR_NONE;
$this->setState('user_role', $role_model->role);
} else {
$this->errorCode = self::ERROR_USERNAME_INVALID;
}
}
}
}
return !$this->errorCode;
}
public function loadModel($id)
{
$model = Roles::model()->findByPk($id);
if ($model === null) {
throw new CHttpException(404, 'The requested page does not exist.');
}
return $model;
}
/**
* @param string $attribute the name of the attribute to be validated
* @param array $params options specified in the validation rule
*/
public function roleValidator($attribute, $params)
{
$roles = Roles::model()->registration_roles()->findAll();
foreach ($roles as $role) {
if ($role->name === $this->{$attribute}) {
return true;
}
}
$this->addError($attribute, 'Specify a right role!');
}
<?php
$account_id;
?>
<div>
<div>
Module:
<?php
$modelModule = Roles::model()->getRoles();
echo CHtml::dropDownList('assign_roles_account', '', CHtml::listData($modelModule, 'lb_record_primary_key', 'role_name'), array());
echo CHtml::button('add', array('onclick' => 'add_roles_account();return false;', 'class' => 'btn btn-default', 'style' => 'margin-bottom: 10px;margin-left:10px;'));
?>
</div>
<div id="contentai-account-role">
<?php
$this->renderPartial('permission.views.account._form_account_role', array('account_id' => $account_id));
?>
</div>
</div>
<script type="text/javascript">
function add_roles_account()
{
var account_id = <?php
echo $account_id;
?>
;
var role_id = $('#assign_roles_account').val();
$.ajax({
type:'POST',
public function actionShowAttributes($role)
{
$criteria = new CDbCriteria();
$criteria->condition = 'role='.$role;
$dataProvider = new CActiveDataProvider('RoleAttribute', array(
'criteria'=>$criteria,
));
$model = Roles::model()->findByPk($role);
$this->render('showRoleAttributes',array(
'model'=>$model,
'dataProvider'=>$dataProvider,
));
}
public static function getNameRoleById($role_id)
{
$model = Roles::model()->findByPk($role_id);
if ($model) {
return $model->role_name;
}
return '';
}
/**
* Echo out a series of inputs for a role editor page.
*
* This method is called via AJAX from the "Edit Role" portion of the "Manage Roles"
* page. Upon selection of a role in the dropdown on that page, this method
* finds all relevant information about the role and echoes it back as a form
* to allow for editing of the role.
*/
public function actionGetRole()
{
if (isset($_POST['Roles'])) {
$id = $_POST['Roles']['name'];
$role = Roles::model()->findByAttributes(array('name' => $id));
if (!$role) {
echo "";
exit;
}
$id = $role->id;
$roles = RoleToUser::model()->findAllByAttributes(array('roleId' => $id));
$users = array();
foreach ($roles as $link) {
if ($link->type == 'user') {
$user = User::model()->findByPk($link->userId);
if (isset($user)) {
$users[] = $user->username;
}
} else {
$group = Groups::model()->findByPk($link->userId);
if (isset($group)) {
$users[] = $group->id;
}
}
/* end x2temp */
}
$allUsers = User::model()->findAll('status="1"');
$selected = array();
$unselected = array();
foreach ($users as $user) {
$selected[] = $user;
}
foreach ($allUsers as $user) {
$unselected[CHtml::encode($user->username)] = CHtml::encode($user->firstName . " " . $user->lastName);
}
/* x2temp */
$groups = Groups::model()->findAll();
foreach ($groups as $group) {
$unselected[$group->id] = CHtml::encode($group->name);
}
/* end x2temp */
unset($unselected['admin']);
$sliderId = 'editTimeoutSlider';
$textfieldId = 'editTimeout';
if (isset($_GET['mode']) && in_array($_GET['mode'], array('edit', 'exception'))) {
// Handle whether this was called from editRole or roleException, they
// need different IDs to work on the same page.
$sliderId .= "-" . $_GET['mode'];
$textfieldId .= "-" . $_GET['mode'];
}
$timeoutSet = $role->timeout !== null;
echo "\n <div class='row' id='set-session-timeout-row'>\n <input id='set-session-timeout' type='checkbox' class='left' " . ($timeoutSet ? 'checked="checked"' : '') . ">\n <label>" . Yii::t('admin', 'Enable Session Timeout') . "</label>\n </div>\n ";
echo "<div id='timeout-row' class='row' " . ($timeoutSet ? '' : "style='display: none;'") . ">";
echo Yii::t('admin', 'Set role session expiration time (in minutes).');
echo "<br />";
$this->widget('zii.widgets.jui.CJuiSlider', array('value' => $role->timeout / 60, 'options' => array('min' => 5, 'max' => 1440, 'step' => 5, 'change' => "js:function(event,ui) {\n \$('#" . $textfieldId . "').val(ui.value);\n \$('#save-button').addClass('highlight');\n }", 'slide' => "js:function(event,ui) {\n \$('#" . $textfieldId . "').val(ui.value);\n }"), 'htmlOptions' => array('style' => 'width:340px;margin:10px 9px;', 'id' => $sliderId)));
echo CHtml::activeTextField($role, 'timeout', array('id' => $textfieldId, 'disabled' => $role->timeout !== null ? '' : 'disabled'));
echo "</div>";
Yii::app()->clientScript->registerScript('timeoutScript', "\n \$('#set-session-timeout').change (function () {\n if (\$(this).is (':checked')) {\n \$('#timeout-row').slideDown ();\n \$('#" . $textfieldId . "').removeAttr ('disabled');\n } else {\n \$('#timeout-row').slideUp ();\n \$('#" . $textfieldId . "').attr ('disabled', 'disabled');\n }\n });\n \$('#" . $textfieldId . "').val( \$('#" . $sliderId . "').slider('value') );\n ", CClientScript::POS_READY);
echo "<script>";
Yii::app()->clientScript->echoScripts();
echo "</script>";
echo "<div id='users'><label>Users</label>";
echo CHtml::dropDownList('users[]', $selected, $unselected, array('class' => 'multiselect', 'multiple' => 'multiple', 'size' => 8));
echo "</div>";
$fields = Fields::model()->findAllBySql("SELECT * FROM x2_fields ORDER BY modelName ASC");
$viewSelected = array();
$editSelected = array();
$fieldUnselected = array();
$fieldPerms = RoleToPermission::model()->findAllByAttributes(array('roleId' => $role->id));
foreach ($fieldPerms as $perm) {
if ($perm->permission == 2) {
$viewSelected[] = $perm->fieldId;
$editSelected[] = $perm->fieldId;
} else {
if ($perm->permission == 1) {
$viewSelected[] = $perm->fieldId;
}
}
}
foreach ($fields as $field) {
$fieldUnselected[$field->id] = X2Model::getModelTitle($field->modelName) . " - " . $field->attributeLabel;
}
echo "<br /><label>View Permissions</label>";
echo CHtml::dropDownList('viewPermissions[]', $viewSelected, $fieldUnselected, array('class' => 'multiselect', 'multiple' => 'multiple', 'size' => 8));
echo "<br /><label>Edit Permissions</label>";
echo CHtml::dropDownList('editPermissions[]', $editSelected, $fieldUnselected, array('class' => 'multiselect', 'multiple' => 'multiple', 'size' => 8));
}
}
* Section 5 of the GNU Affero General Public License version 3.
*
* In accordance with Section 7(b) of the GNU Affero General Public License version 3,
* these Appropriate Legal Notices must retain the display of the "Powered by
* X2Engine" logo. If the display of the logo is not reasonably feasible for
* technical reasons, the Appropriate Legal Notices must display the words
* "Powered by X2Engine".
*****************************************************************************************/
LoginThemeHelper::init();
Yii::app()->clientScript->registerCssFile($this->module->assetsUrl . '/css/users.css');
$groups = array();
foreach (Groups::model()->findAll() as $group) {
$groups[$group->id] = $group->name;
}
$roles = array();
foreach (Roles::model()->findAll() as $role) {
$roles[$role->id] = $role->name;
}
?>
<!--<div class="page-title icon users"><h2>
<?php
echo Yii::t('users', 'Create {user}', array('{user}' => Modules::displayName(false)));
?>
</h2></div> -->
<div id="container">
<div id="login-box-outer">
<div id="login-box">
<?php
echo $this->renderPartial('_form', array('update' => false, 'model' => $user, 'roles' => $roles, 'groups' => $groups, 'selectedGroups' => array(), 'selectedRoles' => array(), 'flag' => true, 'create' => true, 'status' => false));
?>
</div>
public function actionEdit($id)
{
$typeAccount = Yii::app()->user->hasState('typeAccountCurrent') ? Yii::app()->user->getState('typeAccountCurrent') : null;
$this->pageTitle = $typeAccount != null ? 'Edit Account Of ' . $typeAccount : 'Edit Account';
$model = $this->loadModel($id);
$passwordOld = $model->s_password;
$storeOld = $model->s_store_id;
$store = Store::model()->findAll('i_account_manager = 0');
$model->s_password = '******';
if (isset($_POST['User'])) {
$flagSave = false;
$flagChangeImage = false;
$model->attributes = $_POST['User'];
$levelAccount = Yii::app()->user->level;
$role = Roles::model()->findByPk($model->i_user_role);
if ($model->s_store_id != $storeOld) {
$checkStore = Store::model()->find('pk_s_id = :pk_s_id', array(':pk_s_id' => $model->s_store_id));
if ($checkStore == null) {
$model->s_store_id = $storeOld;
$model->addError('s_store_id', 'Store invalid');
}
$storeManager = $checkStore->userManager();
if ($storeManager != null) {
$model->addError('i_user_role', 'The store has managed. Please select user type other or stores other');
}
}
$model->i_manager = 0;
$model->i_device_max = intval($model->i_device_max);
$model->i_flag_sync = 1;
if ($model->i_user_role == 3) {
$model->i_manager = 1;
}
if ($role == null) {
$model->addError('i_user_role', 'Type not exist');
} elseif ($levelAccount < $role->level) {
$model->addError('i_user_role', 'Your are not authorized to make this type of account');
}
if ($model->s_password != '' && $model->s_password != 'posNail@2015' && $model->s_password != $passwordOld) {
$password = sha1($model->s_secret_code . sha1($model->s_password . $model->s_secret_code));
$model->s_password = $password;
} else {
$model->s_password = $passwordOld;
}
$image = CUploadedFile::getInstance($model, 's_image_server');
if ($image != null) {
if ($image->saveAs(Yii::app()->basePath . '/../data/users/' . $model->s_image_server)) {
$imgthumb = Yii::app()->phpThumb->create(Yii::app()->basePath . '/../data/users/' . $model->s_image_server);
$imgthumb->resize(240, 240);
$imgthumb->save(Yii::app()->basePath . '/../data/users/240x240_' . $model->s_image_server);
$imgthumb->resize(120, 120);
$imgthumb->save(Yii::app()->basePath . '/../data/users/120x120_' . $model->s_image_server);
$flagChangeImage = true;
} else {
$model->addError('s_image_server', 'Upload image fail');
}
}
if (count($model->errors) == 0) {
if ($model->save()) {
$flagSave = true;
} elseif ($flagChangeImage == true) {
$flagSave = false;
@unlink(Yii::app()->basePath . '/../data/users/' . $model->s_image_server);
@unlink(Yii::app()->basePath . '/../data/users/240x240_' . $model->s_image_server);
@unlink(Yii::app()->basePath . '/../data/users/120x120_' . $model->s_image_server);
}
if ($flagSave == true) {
$this->redirect(array('index'));
}
}
}
$this->render('create', array('model' => $model, 'store' => $store, 'typeAccount' => $typeAccount));
}
<?php
echo CHtml::link('Advanced Search', '#', array('class' => 'search-button'));
?>
<div class="search-form" style="display:none">
<?php
$this->renderPartial('_search', array('model' => $model));
?>
</div><!-- search-form -->
</br>
<div class="form" style="padding-left: 0px;">
<div class="row">
<label class="required" for="UsersActions_user_id">Role: <span class="required">*</span></label>
<?php
echo CHtml::dropDownList('roles', 1, CHtml::listData(Roles::model()->findAll(), 'id', 'role_name'));
?>
<?php
//echo $form->error($model,'user_id');
?>
</div>
</div>
<?php
$this->widget('zii.widgets.grid.CGridView', array('id' => 'controllers-grid', 'dataProvider' => $model->search(), 'columns' => array(array('header' => 'S/N', 'type' => 'raw', 'value' => '$row+1', 'headerHtmlOptions' => array('width' => '30px', 'style' => 'text-align:center;'), 'htmlOptions' => array('style' => 'text-align:center;')), array('class' => 'CButtonColumn', 'template' => ControllerActionsName::createIndexButtonRoles($actions, array('update'))), 'controller_name', 'module_name', 'actions')));
?>
<div id="re"></div>
<script type="text/javascript">
public static function hasRole($user, $role)
{
if (is_numeric($role)) {
$lookup = RoleToUser::model()->findByAttributes(array('userId' => $user, 'roleId' => $role));
return isset($lookup);
} else {
$roleRecord = Roles::model()->findByAttributes(array('name' => $role));
if (isset($roleRecord)) {
$lookup = RoleToUser::model()->findByAttributes(array('userId' => $user, 'roleId' => $roleRecord->id));
return isset($lookup);
} else {
return false;
}
}
}
echo $form->labelEx($model, 'tbl_user_email');
?>
<?php
echo $form->textField($model, 'tbl_user_email', array('size' => 60, 'maxlength' => 255));
?>
<?php
echo $form->error($model, 'tbl_user_email');
?>
</div>
<div class="row">
<?php
echo $form->labelEx($model, 'tbl_roles_idtbl_role');
?>
<?php
$models = Roles::model()->findAll(array('order' => 'tbl_role_title'));
$list = CHtml::listData($models, 'idtbl_role', 'tbl_role_title');
echo CHtml::dropDownList('Users[tbl_roles_idtbl_role]', $model->tblRolesIdtblRole, $list);
?>
<?php
echo $form->error($model, 'tbl_roles_idtbl_role');
?>
</div>
<div class="row">
<?php
echo $form->labelEx($model, 'tbl_user_notifications');
?>
<?php
echo $form->checkBox($model, 'tbl_user_notifications', array('Yes', 'No'));
?>
$this->breadcrumbs = array('Usuarios');
?>
<title><?php
echo Yii::app()->controller->module->getName() . " >> " . $this->pageTitle;
?>
</title>
<?php
$this->widget('zii.widgets.CBreadcrumbs', array('links' => $this->breadcrumbs, 'htmlOptions' => array('class' => 'breadcrumb')));
?>
<div class="page-header">
<h1>Catálogo Usuarios </h1>
</div>
<?php
echo TbHtml::linkButton('Crear Registro', array('color' => TbHtml::BUTTON_COLOR_PRIMARY, 'method' => 'post', 'submit' => array('usuarios/create')));
?>
<br /><br />
<?php
$this->widget('zii.widgets.grid.CGridView', array('id' => 'usuarios-grid', 'dataProvider' => $model->search(), 'filter' => $model, 'summaryText' => "Mostrando {start} – {end} de {count} resultados", 'pager' => array('header' => 'Ir a la pagina:', 'firstPageLabel' => '< <', 'prevPageLabel' => 'Anterior', 'nextPageLabel' => 'Siguiente', 'lastPageLabel' => '>>'), 'htmlOptions' => array('style' => 'word-wrap:break-word; width:1250px; font-family:"Times New Roman"'), 'columns' => array(array('name' => 'IdUsuario', 'htmlOptions' => array('width' => '50')), array('name' => 'username', 'htmlOptions' => array('width' => '50')), array('name' => 'NumeroDocumento', 'htmlOptions' => array('width' => '50', 'align' => 'right'), 'value' => function ($model) {
return Yii::app()->format->formatNumber($model->NumeroDocumento);
}), array('name' => 'PrimerNombre', 'htmlOptions' => array('width' => '50')), array('name' => 'SegundoNombre', 'htmlOptions' => array('width' => '50')), array('name' => 'PrimerApellido', 'htmlOptions' => array('width' => '50')), array('name' => 'SegundoApellido', 'htmlOptions' => array('width' => '100')), array('name' => 'EmailUsuario', 'htmlOptions' => array('width' => '100')), 'IdRol' => array('name' => 'IdRol', 'htmlOptions' => array('width' => '100'), 'value' => function ($model) {
return Roles::getNombreRol($model->IdRol);
}, 'filter' => CHtml::listData(Roles::model()->findAll(array('order' => 'NombreRol')), 'IdRol', 'NombreRol')), 'IdEstadoRegistro' => array('name' => 'IdEstadoRegistro', 'htmlOptions' => array('width' => '80'), 'value' => function ($model) {
return EstadosRegistro::getNombreEstado($model->IdEstadoRegistro);
}, 'filter' => CHtml::listData(EstadosRegistro::model()->findAll(array('order' => 'NombreEstadoRegistro')), 'IdEstadoRegistro', 'NombreEstadoRegistro')), array('class' => 'CButtonColumn', 'htmlOptions' => array('width' => '120')))));
/**
* getRoles
* @return array
*/
public function getRoles()
{
$roles = Roles::model()->findAll();
$rolesArray = CHtml::listData($roles, 'id', 'name');
return $rolesArray;
}
public static function wruaRole()
{
return Roles::model()->wrua_role()->find()->name;
}
echo $form->textFieldRow($model, 'username', array('class' => 'span5', 'maxlength' => 45));
?>
<?php
echo $form->textFieldRow($model, 'first_name', array('class' => 'span5', 'maxlength' => 30));
?>
<?php
echo $form->textFieldRow($model, 'last_name', array('class' => 'span5', 'maxlength' => 30));
?>
<?php
echo $form->passwordFieldRow($model, 'password', array('class' => 'span5', 'maxlength' => 128));
?>
<?php
echo $form->passwordFieldRow($model, 'password_repeat', array('class' => 'span5', 'maxlength' => 128));
?>
<?php
echo $form->dropDownListRow($model, 'role_id', Roles::model()->getRoles());
?>
<div class="form-actions">
<?php
$this->widget('bootstrap.widgets.TbButton', array('buttonType' => 'submit', 'type' => 'primary', 'label' => $model->isNewRecord ? 'Create' : 'Save'));
?>
</div>
<?php
$this->endWidget();
* IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
* BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
* OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
********************************************************************************/
?>
<h3>Add Exception</h3>
<div class="form">
<?php
Yii::app()->clientScript->registerScriptFile(Yii::app()->getBaseUrl() . '/js/multiselect/js/ui.multiselect.js');
Yii::app()->clientScript->registerCssFile(Yii::app()->getBaseUrl() . '/js/multiselect/css/ui.multiselect.css', 'screen, projection');
Yii::app()->clientScript->registerCss('multiselectCss', "\n.multiselect {\n\twidth: 460px;\n\theight: 200px;\n}\n#switcher {\n\tmargin-top: 20px;\n}\n", 'screen, projection');
$list = Roles::model()->findAll();
$names = array();
foreach ($list as $role) {
$names[$role->name] = $role->name;
}
$form = $this->beginWidget('CActiveForm', array('id' => 'roleException-form', 'enableAjaxValidation' => false, 'action' => 'roleException'));
?>
<label>Workflow</label>
<?php
echo CHtml::dropDownList('workflow', '', $workflows, array('empty' => 'Select a workflow', 'ajax' => array('type' => 'POST', 'url' => CController::createUrl('admin/getWorkflowStages'), 'update' => '#workflowStages')));
?>
<label>Workflow Stage</label>
<?php
echo CHtml::dropDownList('workflowStages', '', array(), array('id' => 'workflowStages', 'empty' => 'Select a workflow first'));
?>
/**
* Deletes a particular model.
* If deletion is successful, the browser will be redirected to the 'index' page.
*/
public function actionDelete()
{
if (Yii::app()->request->isPostRequest) {
// we only allow deletion via POST request
$model = $this->loadModel();
$profile = Profile::model()->findByPk($model->id);
$roles = Roles::model()->findByPk($model->id);
$transaction = Yii::app()->db->beginTransaction();
try {
// поиск и сохранение — шаги, между которыми могут быть выполнены другие запросы,
// поэтому мы используем транзакцию, чтобы удостовериться в целостности данных
$profile->delete();
$model->delete();
$roles->delete();
$transaction->commit();
} catch (Exception $e) {
$transaction->rollback();
}
// if AJAX request (triggered by deletion via admin grid view), we should not redirect the browser
if (!isset($_POST['ajax'])) {
$this->redirect(array('/user/admin'));
}
} else {
throw new CHttpException(400, 'Invalid request. Please do not repeat this request again.');
}
}
/**
* Updates a particular model.
* If update is successful, the browser will be redirected to the 'view' page.
* @param integer $id the ID of the model to be updated
*/
public function actionUpdate($id)
{
$model = $this->loadModel($id);
$groups = array();
foreach (Groups::model()->findAll() as $group) {
$groups[$group->id] = CHtml::encode($group->name);
}
$selectedGroups = array();
foreach (GroupToUser::model()->findAllByAttributes(array('userId' => $model->id)) as $link) {
$selectedGroups[] = $link->groupId;
}
$roles = array();
foreach (Roles::model()->findAll() as $role) {
$roles[$role->id] = CHtml::encode($role->name);
}
$selectedRoles = array();
foreach (RoleToUser::model()->findAllByAttributes(array('userId' => $model->id)) as $link) {
$selectedRoles[] = $link->roleId;
}
// Uncomment the following line if AJAX validation is needed
// $this->performAjaxValidation($model);
if (!isset($model->userAlias)) {
$model->userAlias = $model->username;
}
if (isset($_POST['User'])) {
$old = $model->attributes;
$temp = $model->password;
$model->attributes = $_POST['User'];
if ($model->password != "") {
$model->password = PasswordUtil::createHash($model->password);
} else {
$model->password = $temp;
}
if (empty($model->userKey)) {
$model->userKey = substr(str_shuffle(str_repeat('ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789', 32)), 0, 32);
}
if ($model->save()) {
$profile = $model->profile;
if (!empty($profile)) {
$profile->emailAddress = $model->emailAddress;
$profile->fullName = $model->firstName . ' ' . $model->lastName;
$profile->save();
}
if ($old['username'] != $model->username) {
$fieldRecords = Fields::model()->findAllByAttributes(array('fieldName' => 'assignedTo'));
$modelList = array();
foreach ($fieldRecords as $record) {
$modelList[$record->modelName] = $record->linkType;
}
foreach ($modelList as $modelName => $type) {
if ($modelName == 'Quotes') {
$modelName = "Quote";
}
if ($modelName == 'Products') {
$modelName = 'Product';
}
if (empty($type)) {
$list = X2Model::model($modelName)->findAllByAttributes(array('assignedTo' => $old['username']));
foreach ($list as $item) {
$item->assignedTo = $model->username;
$item->save();
}
} else {
$list = X2Model::model($modelName)->findAllBySql("SELECT * FROM " . X2Model::model($modelName)->tableName() . " WHERE assignedTo LIKE '%" . $old['username'] . "%'");
foreach ($list as $item) {
$assignedTo = explode(", ", $item->assignedTo);
$key = array_search($old['username'], $assignedTo);
if ($key >= 0) {
$assignedTo[$key] = $model->username;
}
$item->assignedTo = implode(", ", $assignedTo);
$item->save();
}
}
}
$profile = Profile::model()->findByAttributes(array('username' => $old['username']));
if (isset($profile)) {
$profile->username = $model->username;
$profile->save();
}
}
foreach (RoleToUser::model()->findAllByAttributes(array('userId' => $model->id)) as $link) {
$link->delete();
}
foreach (GroupToUser::model()->findAllByAttributes(array('userId' => $model->id)) as $link) {
$link->delete();
}
if (isset($_POST['roles'])) {
$roles = $_POST['roles'];
foreach ($roles as $role) {
$link = new RoleToUser();
$link->roleId = $role;
$link->type = "user";
$link->userId = $model->id;
$link->save();
}
}
if (isset($_POST['groups'])) {
$groups = $_POST['groups'];
foreach ($groups as $group) {
$link = new GroupToUser();
$link->groupId = $group;
$link->userId = $model->id;
$link->username = $model->username;
$link->save();
}
}
$this->redirect(array('view', 'id' => $model->id));
}
}
$this->render('update', array('model' => $model, 'groups' => $groups, 'roles' => $roles, 'selectedGroups' => $selectedGroups, 'selectedRoles' => $selectedRoles));
}
public function getRole($id = false)
{
if (!$id) {
$id = Yii::app()->user->id;
}
$userRoles = Roles::model()->cache(3600)->findByPk($id, array('select' => 'role, operations'));
if ($userRoles) {
if (strlen($userRoles->operations) > 0) {
$roles = implode(',', array($userRoles->role, $userRoles->operations));
} else {
$roles = $userRoles->role;
}
return $roles;
}
}
public function reloadRolesBasicPermission()
{
if (isset($_POST['role_id'])) {
$role_id = $_POST['role_id'];
$model = Roles::model()->findByPk($role_id);
$this->renderPartial('_form_define_permission_role', array('model' => $model));
}
}
echo CHtml::image(MemberProfile::model()->getProfileUrl($model->pr_primary_key), 'images_user', array('width' => '100', 'class' => 'images_circle', 'id' => 'member_images'));
?>
</div>
<br>
<!-- ###Ajax thay đổi ảnh đại diện -->
<?php
if ($canUpdate) {
$this->widget('ext.EAjaxUpload.EAjaxUpload', array('id' => 'uploadFile', 'config' => array('action' => $this->createUrl('uploadMember', array('id' => $model->memberProfile->pr_primary_key)), 'allowedExtensions' => array("jpg", "jpeg", "gif", "png"), 'sizeLimit' => 10 * 1024 * 1024, 'minSizeLimit' => 1 * 1024, 'onComplete' => "js:function(id, fileName, responseJSON){\n \$('#member_images').attr('src','" . Yii::app()->getBaseUrl() . "/uploads/'+fileName);\n \$('#uploadFile .qq-upload-list').html('');\n }", 'messages' => array('typeError' => "{file} has invalid extension. Only {extensions} are allowed.", 'sizeError' => "{file} is too large, maximum file size is {sizeLimit}.", 'minSizeError' => "{file} is too small, minimum file size is {minSizeLimit}.", 'emptyError' => "{file} is empty, please select files again without it.", 'onLeave' => "The files are being uploaded, if you leave now the upload will be cancelled."), 'showMessage' => "js:function(message){ alert(message); }")));
}
?>
<!-- End thay đổi ảnh đại diện -->
</div>
<div style="width: 990px;float: left;">
<?php
$this->widget('bootstrap.widgets.TbDetailView', array('data' => $model, 'attributes' => array(array('name' => 'Tài khoản', 'type' => 'raw', 'value' => $model->pr_username), array('name' => 'Họ tên', 'type' => 'raw', 'value' => $model->memberProfile->pr_member_profile_display_name), 'pr_member_email', array('name' => 'pr_roles_id', 'type' => 'raw', 'value' => Roles::model()->findByPk($model->pr_roles_id)->pr_roles_name), array('name' => 'Địa chỉ', 'type' => 'raw', 'value' => $model->memberProfile->pr_member_profile_address), array('name' => 'Số điện thoại', 'type' => 'raw', 'value' => $model->memberProfile->pr_member_profile_phone), array('name' => 'pr_member_active', 'type' => 'raw', 'value' => function ($data) {
if ($data->pr_member_status) {
return Members::ACTIVE;
} else {
return Members::NOACTICE;
}
}))));
?>
<br><br>
<!-- ###Button thay đổi thông tin thành viên -->
<?php
if ($canUpdate) {
$this->widget('bootstrap.widgets.TbButton', array('label' => 'Sửa thông tin cá nhân', 'url' => $this->createUrl('updateInformation', array('id' => $model->pr_primary_key)), 'type' => 'null', 'size' => 'small'));
}
?>
<!-- End Button thay đổi thông tin thành viên -->
<?php
$this->breadcrumbs = array('Users');
$this->menu = array(array('label' => 'Create User', 'url' => array('create')));
//Yii::app()->clientScript->registerScript('search', "
//$('.search-button').click(function(){
//$('.search-form').toggle();
//return false;
//});
//$('.search-form form').submit(function(){
//$.fn.yiiGridView.update('user-grid', {
//data: $(this).serialize()
//});
//return false;
//});
//");
?>
<h1>Manage Users</h1>
<p>
You may optionally enter a comparison operator (<b><</b>, <b><=</b>, <b>></b>, <b>>=</b>, <b>
<></b>
or <b>=</b>) at the beginning of each of your search values to specify how the comparison should be done.
</p>
<?php
$this->widget('bootstrap.widgets.TbGridView', array('id' => 'user-grid', 'dataProvider' => $model->search(), 'filter' => $model, 'columns' => array('user_id', 'username', 'first_name', 'last_name', array('name' => 'role_id', 'value' => '$data->role->description', 'filter' => Roles::model()->getRoles(), 'htmlOptions' => array('width' => '100px')), array('class' => 'bootstrap.widgets.TbButtonColumn'))));
public function getRoles()
{
return CHtml::listData(Roles::model()->findAll(), 'role_id', 'description');
}
/**
* Updates a particular model.
* If update is successful, the browser will be redirected to the 'view' page.
* @param integer $id the ID of the model to be updated
*/
public function actionUpdate($id)
{
$model = $this->loadModel($id);
// Uncomment the following line if AJAX validation is needed
// $this->performAjaxValidation($model);
$aRolesDB = Roles::model()->findAll('application_id=' . BE);
$aRoles = array();
$aRoleID = array();
//all roles of system
$aSelectedRoles = array();
foreach ($aRolesDB as $item) {
$aRoles[$item['id']] = $item['role_name'];
$aRoleID[] = $item['id'];
}
$roleMenusExist = RolesMenus::model()->findAll('menu_id="' . $model->id . '"');
$aRoleMenuIDExist = array();
$aRoleMenuActionExist = array();
foreach ($roleMenusExist as $roleMenusExistItem) {
$aRoleMenuIDExist[] = $roleMenusExistItem['role_id'];
$aRoleMenuActionExist[$roleMenusExistItem['role_id']] = $roleMenusExistItem['actions'];
$aSelectedRoles[] = $roleMenusExistItem['role_id'];
}
//
if (isset($_POST['Menus']) && isset($_POST['actions'])) {
//Check controller name, action name - PDQuang
// MyDebug::output($_POST['Menus']);MyDebug::output($_POST['actions']);
// if($_POST['Menus']['module_name']==null)
// {
// $checkController = ControllerActionsName::checkControllerActionsExist($_POST['Menus']['controller_name'], $_POST['actions']);
// }
// else {
// $checkController = ControllerActionsName::checkControllerActionsExist($_POST['Menus']['controller_name'], $_POST['actions'], $_POST['Menus']['module_name']);
// }
//
// if(!$checkController)
// {
// Yii::log('Controller, Module or Actions is wrong!');
// throw new CHttpException('Controller, Module or Actions is wrong!');
// }
$model->attributes = $_POST['Menus'];
$aSelectedRoles = array();
$aRolesInput = array();
if (isset($_POST['roles'])) {
$i = 0;
foreach ($_POST['roles'] as $roleID) {
$aRolesInput[] = $roleID;
$aSelectedRoles[] = $roleID;
$aRoleMenuActionExist[$roleID] = $_POST['actions'][$i];
$i++;
}
}
if ($model->save()) {
//RolesMenus::model()->deleteAll('menu_id="'.$model->id.'"');
//check to delete if exitt or insert if it doesn't exist
$index = 0;
foreach ($aRoleID as $iRoleID) {
if (in_array($iRoleID, $aRoleMenuIDExist) && !in_array($iRoleID, $aRolesInput)) {
RolesMenus::model()->deleteAll('menu_id="' . $model->id . '" AND role_id="' . $iRoleID . '"');
}
if (in_array($iRoleID, $aRolesInput)) {
if (!in_array($iRoleID, $aRoleMenuIDExist)) {
$mRolesMenus = new RolesMenus();
$mRolesMenus->role_id = $iRoleID;
$mRolesMenus->menu_id = $model->id;
$mRolesMenus->actions = $_POST['actions'][$index];
$mRolesMenus->save();
} else {
$mRolesMenus = RolesMenus::model()->find('role_id=' . $iRoleID . ' AND menu_id=' . $model->id);
$mRolesMenus->actions = $_POST['actions'][$index];
$mRolesMenus->save();
}
}
$index++;
}
$this->redirect(array('view', 'id' => $model->id));
}
}
/*echo "<pre>";
print_r($aRoleMenuActionExist);
echo "</pre>";
exit;*/
$this->render('update', array('model' => $model, 'aRoles' => $aRoles, 'aSelectedRoles' => $aSelectedRoles, 'aRoleMenuActionExist' => $aRoleMenuActionExist, 'actions' => $this->listActionsCanAccess));
}
echo $form->labelEx($model, 'Password');
?>
<?php
echo $form->passwordField($model, 'Password', array('size' => 45, 'maxlength' => 45));
?>
<?php
echo $form->error($model, 'Password');
?>
</div>
<div class="row">
<?php
echo $form->labelEx($model, 'Roles_idRoles');
?>
<?php
echo $form->dropDownList($model, 'Roles_idRoles', CHtml::listData(Roles::model()->findAll(), 'idRoles', 'Nombre'), array('empty' => 'Seleccione un Rol'));
?>
<?php
echo $form->error($model, 'Roles_idRoles');
?>
</div>
<div class="row buttons">
<?php
echo CHtml::submitButton($model->isNewRecord ? 'Create' : 'Save');
?>
</div>
<?php
$this->endWidget();
?>
/**
* Echo out a series of inputs for a role editor page.
*
* This method is called via AJAX from the "Edit Role" portion of the "Manage Roles"
* page. Upon selection of a role in the dropdown on that page, this method
* finds all relevant information about the role and echoes it back as a form
* to allow for editing of the role.
*/
public function actionGetRole()
{
$output = "";
$roleInput = FilterUtil::filterArrayInput($_POST, 'Roles');
if (!empty($roleInput)) {
$roleName = isset($roleInput['name']) ? filter_var($roleInput['name'], FILTER_SANITIZE_STRING) : '';
$role = Roles::model()->findByAttributes(array('name' => $roleName));
if (isset($role)) {
$usernames = Yii::app()->db->createCommand()->select('a.username')->from('x2_users a')->join('x2_role_to_user b', 'a.id=b.userId')->where('b.roleId=:roleId AND b.type="user"', array(':roleId' => $role->id))->queryColumn();
$groupIds = Yii::app()->db->createCommand()->select('a.id')->from('x2_groups a')->join('x2_role_to_user b', 'a.id=b.userId')->where('b.roleId=:roleId AND b.type="group"', array(':roleId' => $role->id))->queryColumn();
$selected = array_merge($usernames, $groupIds);
$allUsers = X2Model::getAssignmentOptions(false, true, false);
unset($allUsers['admin']);
$sliderId = 'editTimeoutSlider';
$textfieldId = 'editTimeout';
if (isset($_GET['mode']) && in_array($_GET['mode'], array('edit', 'exception'))) {
// Handle whether this was called from editRole or roleException, they
// need different IDs to work on the same page.
$sliderId .= "-" . $_GET['mode'];
$textfieldId .= "-" . $_GET['mode'];
}
$timeoutSet = $role->timeout !== null;
$output .= "\n <div class='row' id='set-session-timeout-row'>\n <input id='set-session-timeout' type='checkbox' class='left' " . ($timeoutSet ? 'checked="checked"' : '') . ">\n <label>" . Yii::t('admin', 'Enable Session Timeout') . "</label>\n </div>\n ";
$output .= "<div id='timeout-row' class='row' " . ($timeoutSet ? '' : "style='display: none;'") . ">";
$output .= Yii::t('admin', 'Set role session expiration time (in minutes).');
$output .= "<br />";
$output .= $this->widget('zii.widgets.jui.CJuiSlider', array('value' => $role->timeout / 60, 'options' => array('min' => 5, 'max' => 1440, 'step' => 5, 'change' => "js:function(event,ui) {\n \$('#" . $textfieldId . "').val(ui.value);\n \$('#save-button').addClass('highlight');\n }", 'slide' => "js:function(event,ui) {\n \$('#" . $textfieldId . "').val(ui.value);\n }"), 'htmlOptions' => array('style' => 'width:340px;margin:10px 9px;', 'id' => $sliderId)), true);
$output .= CHtml::activeTextField($role, 'timeout', array('id' => $textfieldId, 'disabled' => $role->timeout !== null ? '' : 'disabled'));
$output .= "</div>";
Yii::app()->clientScript->registerScript('timeoutScript', "\n \$('#set-session-timeout').change (function () {\n if (\$(this).is (':checked')) {\n \$('#timeout-row').slideDown ();\n \$('#" . $textfieldId . "').removeAttr ('disabled');\n } else {\n \$('#timeout-row').slideUp ();\n \$('#" . $textfieldId . "').attr ('disabled', 'disabled');\n }\n });\n \$('#" . $textfieldId . "').val( \$('#" . $sliderId . "').slider('value') );\n ", CClientScript::POS_READY);
$output .= "<script>";
$output .= Yii::app()->clientScript->echoScripts(true);
$output .= "</script>";
$output .= "<div id='users'><label>Users</label>";
$output .= CHtml::dropDownList('users[]', $selected, $allUsers, array('class' => 'multiselect', 'multiple' => 'multiple', 'size' => 8));
$output .= "</div>";
$fields = Fields::getFieldsOfModelsWithFieldLevelPermissions();
$fieldIds = array_flip(array_map(function ($field) {
return $field->id;
}, $fields));
$viewSelected = array();
$editSelected = array();
$fieldUnselected = array();
$fieldPerms = RoleToPermission::model()->findAllByAttributes(array('roleId' => $role->id));
foreach ($fieldPerms as $perm) {
if (!isset($fieldIds[$perm->fieldId])) {
continue;
}
if ($perm->permission == 2) {
$viewSelected[] = $perm->fieldId;
$editSelected[] = $perm->fieldId;
} else {
if ($perm->permission == 1) {
$viewSelected[] = $perm->fieldId;
}
}
}
foreach ($fields as $field) {
$fieldUnselected[$field->id] = X2Model::getModelTitle($field->modelName) . " - " . $field->attributeLabel;
}
assert(count($fieldUnselected) === count(array_unique(array_keys($fieldUnselected))));
$output .= "<br /><label>View Permissions</label>";
$output .= CHtml::dropDownList('viewPermissions[]', $viewSelected, $fieldUnselected, array('class' => 'multiselect', 'multiple' => 'multiple', 'size' => 8, 'id' => 'edit-role-field-view-permissions'));
$output .= "<br /><label>Edit Permissions</label>";
$output .= CHtml::dropDownList('editPermissions[]', $editSelected, $fieldUnselected, array('class' => 'multiselect', 'multiple' => 'multiple', 'size' => 8, 'id' => 'edit-role-field-edit-permissions'));
}
}
echo $output;
}
public static function getRoleTitlesList(){
$criteria = new CDbCriteria();
$criteria->select = 'id, title_ua';
$criteria->distinct = true;
$criteria->toArray();
$result = '';
$titles = Roles::model()->findAll($criteria);
for($i = 0; $i < count($titles); $i++){
$result[$i][$titles[$i]['id']] = $titles[$i]['title_ua'];
}
return $result;
}
