/** inheritdoc */
public static function displayForm($value, &$settings, $model)
{
if (!\CMF\Auth::can(array('view', 'edit'), 'CMF\\Model\\Permission')) {
return '';
}
// Kick the permissions and get the active classes
\CMF\Auth::create_permissions();
$all_actions = \CMF\Auth::all_actions();
$activeClasses = \CMF\Admin::activeClasses();
// Set up the values
$values = array();
if (isset($value) && ($value instanceof \Doctrine\Common\Collections\Collection || is_array($value))) {
foreach ($value as $val) {
$resource = $val->resource;
$action = $val->action;
$actions = isset($values[$resource]) ? $values[$resource] : array();
if (!in_array($action, $actions)) {
$actions[] = $action;
}
$values[$resource] = $actions;
}
}
// Get the resources defined in the config
$extra_resources = \CMF\Auth::extra_resources();
$resources = array();
$resource_group = array('title' => \Lang::get('admin.common.resources'), 'classes' => array());
$classes_index = 0;
// Set the values of the resources
foreach ($extra_resources as $resource_id => $extra_resource) {
$extra_resource['values'] = isset($values[$resource_id]) ? $values[$resource_id] : array();
$resource_group['classes'][$resource_id] = $extra_resource;
}
// If there are resources, add them at the top and update the classes index
if (count($resource_group['classes']) > 0) {
$resources[] = $resource_group;
$classes_index = 1;
}
$resources[] = array('title' => \Lang::get('admin.common.content_types'), 'classes' => array());
// Build the resources list...
foreach ($activeClasses as $class_name => $classes) {
if (count($classes) > 1) {
$class_group = array();
foreach ($classes as $group_class) {
$resource_title = $group_class::_static() ? $group_class::singular() : $group_class::plural();
$resource_icon = $group_class::icon();
$class_group[$group_class] = array('title' => $resource_title, 'icon' => $resource_icon, 'actions' => $group_class::_static() ? array('view', 'edit') : $all_actions, 'values' => isset($values[$group_class]) ? $values[$group_class] : array());
}
uasort($class_group, function ($a, $b) {
return strcmp(strtolower($a['title']), strtolower($b['title']));
});
$resources[] = array('title' => $class_name::plural(), 'classes' => $class_group);
} else {
$resource_title = $class_name::_static() ? $class_name::singular() : $class_name::plural();
$resource_icon = $class_name::icon();
$resources[$classes_index]['classes'][$class_name] = array('title' => $resource_title, 'icon' => $resource_icon, 'actions' => $class_name::_static() ? array('view', 'edit') : $all_actions, 'values' => isset($values[$class_name]) ? $values[$class_name] : array());
}
}
uasort($resources[$classes_index]['classes'], function ($a, $b) {
return strcmp(strtolower($a['title']), strtolower($b['title']));
});
$content = strval(\View::forge('admin/fields/auth/permissions.twig', array('settings' => $settings, 'resources' => $resources, 'actions' => $all_actions), false));
return array('content' => $content, 'widget' => true, 'widget_title' => $settings['title'], 'assets' => array());
}
public function action_permissions($table_name, $role_id = null)
{
$class_name = \Admin::getClassForTable($table_name);
if ($class_name === false) {
return $this->show404(null, "type");
}
if ($role_id == null) {
$first_role = \CMF\Model\Role::select('item.id')->setMaxResults(1)->getQuery()->getArrayResult();
if (count($first_role) > 0) {
$role_id = intval($first_role[0]['id']);
} else {
return $this->show404();
}
}
$role_check = intval(\CMF\Model\Role::select("COUNT(item.id)")->where("item.id = {$role_id}")->getQuery()->getSingleScalarResult());
if ($role_check === 0) {
return $this->show404(null, "role");
}
// Redirect straight to the edit page if the item is static
if ($class_name::_static() === true) {
$static_item = $class_name::select('item')->setMaxResults(1)->getQuery()->getResult();
if (count($static_item) > 0) {
$static_item = $static_item[0];
\Response::redirect("/admin/{$table_name}/" . $static_item->id . "/edit", 'location');
} else {
\Response::redirect("/admin/{$table_name}/create", 'location');
}
}
// Permissions
if (!\CMF\Auth::can(array('view', 'edit'), 'CMF\\Model\\Permission')) {
return $this->show403('action_plural', array('action' => \Lang::get('admin.verbs.manage'), 'resource' => \Lang::get('admin.common.permissions')));
} elseif (!\CMF\Auth::can('view', $class_name)) {
return $this->show403('action_plural', array('action' => \Lang::get('admin.verbs.manage'), 'resource' => strtolower($class_name::plural())));
}
// Get the values for the list
$qb = $class_name::select('item', 'item', 'item.id');
if (is_subclass_of($class_name, 'CMF\\Model\\Node')) {
$rows = $qb->where('item.is_root != true')->orderBy('item.root, item.lft', 'ASC')->getQuery()->getResult();
$this->is_tree = true;
} else {
$rows = $qb->getQuery()->getResult();
uasort($rows, function ($a, $b) {
return strcmp(strtolower($a->display()), strtolower($b->display()));
});
}
// Get the permissions associated with this role and these items
$ids = array_keys($rows);
$permissions = \CMF\Model\Permission::select('item')->leftJoin('item.roles', 'roles')->where("item.resource = '{$class_name}'")->andWhere("roles.id = {$role_id}");
if (count($ids) > 0) {
$permissions->andWhere("item.item_id IN(?1)")->setParameter(1, $ids);
}
$permissions = $permissions->getQuery()->getArrayResult();
// Transform the permissions into a form the template can understand
$values = array();
foreach ($permissions as $val) {
$item_id = $val['item_id'];
$action = $val['action'];
$actions = isset($values[$item_id]) ? $values[$item_id] : array();
if (!in_array($action, $actions)) {
$actions[] = $action;
}
$values[$item_id] = $actions;
}
// Get the roles for the menu
$roles = \CMF\Model\Role::select('item', 'item', 'item.id')->getQuery()->getArrayResult();
// Other data for the list
$all_actions = \CMF\Auth::all_actions();
$this->actions = array_filter(array_merge($all_actions, $class_name::actions()), function ($var) {
return $var != 'create';
});
$this->icon = $class_name::icon();
$this->rows = $rows;
$this->values = $values;
$this->plural = $class_name::plural();
$this->singular = $class_name::singular();
$this->template = 'admin/item/list-permissions.twig';
$this->roles = $roles;
$this->role_id = $role_id;
$this->role_name = isset($roles[$role_id]) ? $roles[$role_id]['name'] : '';
$this->table_name = $table_name;
// Add the stuff for JS
$this->js['table_name'] = $table_name;
$this->js['role_id'] = $role_id;
}
