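/**
 * Builds a single access rule describing what the current user may do in a section.
 *
 * The rights source depends on the section's use_organization flag:
 *  - true:  rights are read from access_organization.right_(view|create|edit|delete);
 *  - false: rights are read from access.right_(view|create|edit|delete).
 *
 * When the section uses organizations and $org_id is 0, the join is not narrowed to
 * one organization and only the view right is evaluated, so create/edit/delete are
 * never granted in that mode.
 *
 * All caller-supplied and session-supplied values are passed to the database as bound
 * parameters; only table names built from the configured table prefix are concatenated.
 *
 * @param mixed $section_id required, ID of the section (Section->id)
 * @param mixed $org_id     optional, organization ID; 0 (default) means no specific organization
 * @return array array('allow'|'deny' [, 'actions' => array('index', 'admin', 'create', 'edit', 'delete')],
 *               'users' => array(<current user name>))
 */
public static function getAccessRight($section_id, $org_id = 0)
{
    $user = Yii::app()->user;

    // Administrators get an unrestricted rule: 'allow' with no 'actions' list.
    if ($user->role_admin) {
        return array('allow', 'users' => array($user->name));
    }

    $result_array = array('users' => array($user->name));

    // findByPk() signals a missing row with null, so test for that directly;
    // count() is meant for arrays/Countable and fails on null under PHP 8.
    $modelSection = Section::model()->findByPk($section_id);
    if ($modelSection === null) {
        // NOTE(review): this rule carries no 'allow'/'deny' verdict; presumably a later
        // rule in the caller decides the outcome - confirm that a deny-all rule follows.
        return $result_array;
    }

    $tableAccessOrganization = Yii::app()->db->tablePrefix . 'access_organization';
    $tableGroupUser = Yii::app()->db->tablePrefix . 'group_user';

    $useOrganization = (bool) $modelSection->use_organization;
    // "All organizations" mode: section is organization-aware but no organization was chosen.
    $allOrganizations = $org_id == 0 && $useOrganization;

    $rightColumns = $useOrganization
        ? 'a_o.right_view,a_o.right_create,a_o.right_edit,a_o.right_delete'
        : 't.right_view,t.right_create,t.right_edit,t.right_delete';

    // Bind the organization ID instead of splicing it into the ON clause.
    $joinCondition = '[t].[id]=[a_o].[id_access]';
    $joinParams = array();
    if (!$allOrganizations) {
        $joinCondition .= ' AND [a_o].[id_organization]=:org_id';
        $joinParams[':org_id'] = $org_id;
    }

    // Distinct placeholder names are used for the two user-ID occurrences because
    // some PDO drivers reject a named parameter that appears twice.
    $whereCondition = '[t].[id_section]=:section_id AND ([t].[id_user]=:user_id OR '
        . '[t].[id_group] IN (select [g_u].[id_group] from ' . $tableGroupUser . ' [g_u] '
        . 'where [g_u].[id_user]=:member_id))';
    $whereParams = array(
        ':section_id' => $section_id,
        ':user_id' => $user->id,
        ':member_id' => $user->id,
    );

    $rows = Yii::app()->db->createCommand()
        ->select('t.id,t.date_create,t.date_modification,' . $rightColumns)
        ->from('{{access}} t')
        ->leftJoin($tableAccessOrganization . ' a_o', $joinCondition, $joinParams)
        ->where($whereCondition, $whereParams)
        ->queryAll();

    // Collected as array keys so each action appears once, in first-seen order.
    $granted = array();
    foreach ($rows as $row) {
        if ($row['right_view']) {
            $granted['index'] = true;
            $granted['admin'] = true;
        }
        if ($allOrganizations) {
            // Modifying rights are only meaningful for a concrete organization.
            continue;
        }
        if ($row['right_create']) {
            $granted['create'] = true;
        }
        if ($row['right_edit']) {
            $granted['edit'] = true;
        }
        if ($row['right_delete']) {
            $granted['delete'] = true;
        }
    }
    $result_actions = array_keys($granted);

    // No matching right at all results in an explicit 'deny' rule for this user.
    if (count($result_actions)) {
        return array_merge($result_array, array('allow', 'actions' => $result_actions));
    }

    return array_merge($result_array, array('deny'));
}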
/**
 * Fetches the Section record whose primary key matches the given ID.
 *
 * Only existence is verified here; no authorization check is made on the record.
 *
 * @param integer $id the ID of the model to be loaded
 * @return Section the loaded model
 * @throws CHttpException with status 404 when no record has that primary key
 */
public function loadModel($id)
{
    $section = Section::model()->findByPk($id);

    // A found record is returned as-is; a null lookup result becomes a 404.
    if ($section !== null) {
        return $section;
    }

    throw new CHttpException(404, 'The requested page does not exist.');
}
{ $criteria = new CDbCriteria(); $criteria->condition = "sectionid={$sid} and questionid={$questionid} and projectid={$projectid}"; $ans = Answers::model()->find($criteria); if ($ans) { return $ans->Answer; } } ?> <div style="margin: 10px auto;width: 700px;"> <?php $criteria = new CDbCriteria(); $criteria->order = "XOrder"; $steps = Section::model()->findAll($criteria); foreach ($steps as $step) { if (checkQuestion($step->Id)) { ?> <h3><?php echo $step->Title; ?> <a style="margin-left: 90px;font-size:13px;" onclick="doredirects('<?php echo $step->Id; ?> ')"> Click here to edit this section </a> </h3> <?php $criteria = new CDbCriteria();
}); if ($('#<?php echo CHtml::activeId($model, 'use_organization'); ?> ').is(':checked')) { $('#orgs').show(); } else { $('#orgs').hide(1); } }); </script> <div class="well" style="background: #fff;" id="orgs"> <?php $this->widget('CTreeView', array('data' => Section::model()->getListOrganization(0, $model->id))); ?> </div> <div class="form-actions"> <?php $this->widget('bootstrap.widgets.TbButton', array('buttonType' => 'submit', 'type' => 'primary', 'label' => $model->isNewRecord ? 'Создать' : 'Сохранить')); ?> </div> <?php $this->endWidget();