/**
* Write link permissions method
*
*/
protected function _writeLinkPermissions()
{
$acos = array();
$privileges = $this->find('all', array('conditions' => array('Privilege._create' => 1, 'Privilege._read' => 1, 'Privilege._update' => 1, 'Privilege._delete' => 1)));
foreach ($privileges as $privilege) {
if (!empty($acos[$privilege['Privilege']['aco_id']])) {
$acos[$privilege['Privilege']['aco_id']] = $acos[$privilege['Privilege']['aco_id']] . ',' . $privilege['Privilege']['aro_id'];
} else {
$acos[$privilege['Privilege']['aco_id']] = $privilege['Privilege']['aro_id'];
}
}
$settings = '';
foreach ($acos as $aco => $aros) {
$path = $this->Section->getPath($aco);
// all of the acos parents
if ($path === null) {
// if path is null we need to delete the aros_acos that use that aco because it doesn't exist
$this->deleteAll(array('Privilege.aco_id' => $aco));
} else {
$url = str_replace('controllers', '', Inflector::singularize(Inflector::tableize(ZuhaInflector::flatten(Set::extract('/Section/alias', $path), array('separator' => '/')))));
$settings .= $url . ' = ' . $aros . PHP_EOL;
}
}
App::uses('Setting', 'Model');
$Setting = new Setting();
$data['Setting']['type'] = 'APP';
$data['Setting']['name'] = 'LINK_PERMISSIONS';
$data['Setting']['value'] = trim($settings);
$Setting->add($data);
}
/**
* Procreate method
*
* @param uuid $userRoleId
*/
public function procreate($userRoleId = null)
{
if ($this->request->is('post')) {
$this->User->autoLogin = false;
if ($this->User->procreate($this->request->data)) {
$this->Session->setFlash(__('User created.'));
$this->redirect(array('action' => 'dashboard'));
} else {
$this->Session->setFlash(__('Error, user save failed ' . ZuhaInflector::flatten($this->User->invalidFields())));
}
}
$userRoles = $this->User->UserRole->find('list', array('conditions' => array('UserRole.id !=' => 1, 'UserRole.name !=' => 'guests')));
// remove the administrators group by default - too insecure
$userRoleId = count($userRoles) == 1 && empty($userRoleId) ? key($userRoles) : $userRoleId;
$userRoleId = defined('__APP_DEFAULT_USER_REGISTRATION_ROLE_ID') && empty($userRoleId) ? __APP_DEFAULT_USER_REGISTRATION_ROLE_ID : $userRoleId;
$this->set(compact('userRoleId', 'userRoles'));
$title = !empty($userRoles[$userRoleId]) ? Inflector::humanize($userRoles[$userRoleId]) . ' Registration' : 'User Registration';
$this->set('title_for_layout', $title . ' | ' . __SYSTEM_SITE_NAME);
$this->set('page_title_for_layout', $title);
}
/**
* Import
*
* Note: To avoid having to tweak the contents of $csvData,
* you should use your db field names as the heading names.
* eg: User.id, User.title, User.description
*
* @param array $data
* @return type
* @todo Make sure fopen can't be hacked, it's the main point of entry for the base64 attack.
*/
function importFromCsv($data = array(), $options = array())
{
$options = array_merge(array($this->alias => array('notify' => true)), $options);
$this->caller = 'import';
if ($data['Import']['csv']['error'] !== UPLOAD_ERR_OK) {
return array('errors' => 'We did not receive your file. Please try again.');
}
// open the file
$handle = fopen($data['Import']['csv']['tmp_name'], "r");
// read the 1st row as headings
$header = fgetcsv($handle);
// create a message container
$return = array('messages' => array(), 'errors' => array());
// read each data row in the file
while (($row = fgetcsv($handle)) !== FALSE) {
$i++;
$csvData['User'] = $data['User'];
// for each header field
foreach ($header as $k => $head) {
// get the data field from Model.field
if (strpos($head, '.') !== false) {
$h = explode('.', $head);
$csvData[$h[0]][$h[1]] = isset($row[$k]) ? $row[$k] : '';
} else {
$csvData[$this->alias][$head] = isset($row[$k]) ? $row[$k] : '';
}
}
// see if we have an id
$id = isset($csvData[$this->alias]['id']) ? $csvData[$this->alias]['id'] : 0;
// we have an id, so we update
if ($id) {
// there is 2 options here,
// option 1:
// load the current row, and merge it with the new data
//$this->recursive = -1;
//$event = $this->read(null,$id);
//$csvData['Event'] = array_merge($event['Event'],$csvData['Event']);
// option 2:
// set the model id
$this->id = $id;
} else {
// or create a new record
$this->create();
}
// save the row
if ($this->procreate($csvData)) {
// success message!
$return['messages'][] = __('User for Row %d was saved.', $i);
} else {
$return['errors'][] = ZuhaInflector::flatten($this->validationErrors);
$return['messages'][] = __('User for Row %d failed to save.', $i);
}
}
// close the file
fclose($handle);
// return the messages
return $return;
}
/**
* Protected add method
*
* If a gallery id is given, check the defaults, attach the upload behavior, and perform the upload.
* If no gallery id is given, create a gallery first using site settings, and make the submitted image the th
* The gallery add() function calls back to this function to perform the upload.
*
* This protected version of the add function was pushed down so that it could be called multiple times.
*
* @access protected
* @param array
* @param string
* @return bool
*/
protected function _add($data, $uploadFieldName)
{
$data = $this->checkForGallery($data);
if (!empty($data['GalleryImage']['gallery_id'])) {
if ($data['GalleryImage']['mimetype'] == 'video') {
// special "video" keyword case where we just save the image data because its a video
return $this->save($data);
} else {
if (!empty($data['GalleryImage'][$uploadFieldName])) {
// existing gallery and image submitted
$uploadOptions[$uploadFieldName] = $this->_getImageOptions($data);
$this->Behaviors->attach('Galleries.MeioUpload', $uploadOptions);
$this->create();
if ($this->save($data)) {
return true;
} else {
throw new Exception(__('ERROR : %s', ZuhaInflector::flatten($this->invalidFields())));
}
} else {
// just saving an existing gallery
if ($this->Gallery->save($data)) {
return true;
} else {
throw new Exception(__d('galleries', 'ERROR : Gallery save failed.', true));
}
}
}
} else {
// new gallery
if ($this->Gallery->add($data, $uploadFieldName)) {
return true;
} else {
throw new Exception(__d('galleries', 'ERROR : Gallery add failed.', true));
}
}
}
