Exemple #1
 /**
  * Build the permission checkbox list for the role wrapped by this form.
  *
  * Loads the id and title of every permission whose status is 0 or 1, ordered
  * by title, then pre-selects the permission ids already linked to the role
  * returned by $this->getModel().
  *
  * @return mixed whatever Util\Form::buildCheckboxList() returns
  */
 public function buildPermissions()
 {
     $options = [
         'clearSelect' => true,
         'select' => [\Rebond\Core\Permission\Data::getList(['id', 'title'])],
         'where' => ['permission.status IN (0,1)'],
         'order' => ['permission.title'],
     ];
     $items = \Rebond\Core\Permission\Data::loadAll($options);

     // NOTE(review): these two assignments extend $options, but $options is not
     // passed to any later call in this method; loadAllByRoleId() below takes
     // only the role id. Kept as-is to preserve the original call sequence.
     $options['clearSelect'] = true;
     $options['select'][] = \Rebond\Core\RolePermission\Data::getList(['permission_id']);

     $roleId = $this->getModel()->getId();
     $permissions = \Rebond\Core\RolePermission\Data::loadAllByRoleId($roleId);

     // A null result simply means nothing is pre-selected.
     $selectedValues = [];
     foreach ($permissions ?? [] as $permission) {
         $selectedValues[] = $permission->getPermissionId();
     }

     // First argument is presumably the field name; role_permission() reads
     // the submitted ids from the 'permission' POST key (confirm how
     // $this->unique affects that).
     return Util\Form::buildCheckboxList('permission' . $this->unique, $items, 'id', 'title', $selectedValues);
 }
Exemple #2
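 /**
  * Admin page for editing the permissions attached to one role.
  *
  * The role id is read with Converter::int('id') and the submitted permission
  * ids with Converter::arr('permission', 'post'). When $_POST['save'] is set
  * and the 'admin.user.role.edit' check passes, the role's stored permission
  * rows are deleted and replaced by the submitted set.
  *
  * Submitted ids are request data that end up in an authorization table, so
  * they are reduced to distinct positive integers before anything is stored.
  *
  * @return mixed result of rendering 'tpl-default' on the master template
  */
 public function role_permission()
 {
     // auth
     Auth::isAdminAuthorized($this->signedUser, 'admin.user.role', true, '/user/role');
     // check
     $id = Converter::int('id');
     $permissionIds = Converter::arr('permission', 'post');
     $role = \Rebond\Core\Role\Data::loadById($id);
     if (!isset($role)) {
         // NOTE(review): $role is dereferenced further down, so this call is
         // presumably expected to redirect and end the request; confirm.
         Session::adminError('itemNotFound', [$id], '/user/role');
     }
     $form = new \Rebond\Core\Role\Form($role);
     // action
     if (isset($_POST['save'])) {
         // NOTE(review): no anti-CSRF token check is visible in this method.
         // Confirm one is enforced upstream, since this request rewrites a
         // role's permission set.
         Auth::isAdminAuthorized($this->signedUser, 'admin.user.role.edit', true, '/user/role-permission?id=' . $id);

         // Validate the submitted ids before any stored row is touched.
         // Non-integer, non-positive and nested-array entries are dropped and
         // duplicates are collapsed. updateStatus() treats an id of 0 as
         // "no id", so 0 is assumed never to be a real permission id.
         $validIds = [];
         if (is_array($permissionIds)) {
             foreach ($permissionIds as $permissionId) {
                 $checked = filter_var($permissionId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
                 if ($checked !== false) {
                     $validIds[$checked] = $checked;
                 }
             }
         }
         // NOTE(review): the ids are not checked against the list of existing,
         // non-deleted permissions offered by the form; consider doing so.

         $newPermissions = [];
         foreach ($validIds as $permissionId) {
             $rolePermission = new \Rebond\Core\RolePermission\Model();
             $rolePermission->setRoleId($role->getId());
             $rolePermission->setPermissionId($permissionId);
             $newPermissions[] = $rolePermission;
         }

         // NOTE(review): delete and insert are two separate calls. If saveAll()
         // fails, the role is left with no permissions; wrap both in a
         // transaction if the data layer provides one.
         \Rebond\Core\RolePermission\Data::deleteByRoleId($id);
         \Rebond\Core\RolePermission\Data::saveAll($newPermissions);
         Session::adminSuccess('saved', '/user/role');
     }
     // view
     $this->setTpl();
     // main
     $tplMain = new Template(Template::MODULE, ['core', 'role']);
     $tplMain->set('item', $form);
     // layout
     if (Auth::isAdminAuthorized($this->signedUser, 'admin.user.role.edit', false)) {
         $this->tplLayout->set('column1', $tplMain->render('editor-permission'));
     } else {
         // @todo create viewer-permission template
         // Until then, users without the edit privilege get the editor
         // template too; the save path above is still guarded separately.
         $this->tplLayout->set('column1', $tplMain->render('editor-permission'));
     }
     // master
     $this->tplMaster->set('layout', $this->tplLayout->render('layout-1-col'));
     return $this->tplMaster->render('tpl-default');
 }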
Exemple #3
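 /**
  * Toggle, delete or restore one record of the package/entity pair named in
  * the POST body, and report the outcome as JSON.
  *
  * POST fields read: 'package', 'entity', 'id', 'id2' (a value equal to 0
  * selects the single-id path) and 'status'. The submitted status decides the
  * new one: INACTIVE -> ACTIVE, ACTIVE -> INACTIVE, DELETED -> INACTIVE,
  * literal 3 -> DELETED; any other value leaves the target at INACTIVE.
  *
  * 'package' and 'entity' are request data that become part of a class name
  * used for static calls. They are therefore restricted to one identifier
  * segment each, and the resulting class must exist under exactly that
  * spelling before any data method is invoked.
  *
  * @return mixed JSON string with 'result' and 'message', or whatever
  *               noPrivilege() returns when a privilege check fails
  */
 public function updateStatus()
 {
     if (!$this->hasPrivilege(null)) {
         return $this->noPrivilege('admin');
     }
     $json = [];
     $json['result'] = ResultType::ERROR;
     // check
     $package = Converter::string('package', 'post');
     $entity = Converter::string('entity', 'post');
     $id = Converter::int('id', 'post');
     $id2 = Converter::int('id2', 'post');
     $status = Converter::int('status', 'post');
     if (!isset($package) || !isset($entity) || !isset($id) || !isset($status)) {
         $json['message'] = Lang::lang('errorInvalidParameters');
         return json_encode($json);
     }
     // Each name must be a single identifier segment: no backslashes or other
     // characters that would let the request reach outside \Rebond\<package>\<entity>.
     // NOTE(review): assumes packages are never nested namespaces; widen
     // deliberately if they can be.
     $segment = '/\A[A-Za-z_][A-Za-z0-9_]*\z/';
     if (!is_string($package) || !is_string($entity)
         || preg_match($segment, $package) !== 1
         || preg_match($segment, $entity) !== 1
     ) {
         $json['message'] = Lang::lang('errorInvalidParameters');
         return json_encode($json);
     }
     $update = 'saved';
     // check item
     $genericData = '\\Rebond\\' . $package . '\\' . $entity . '\\Data';
     // PHP resolves class names case-insensitively, while the switch below
     // compares $entity case-sensitively. Requiring the declared spelling keeps
     // a differently-cased name from falling through to the default branch and
     // skipping the entity-specific privilege checks.
     $className = ltrim($genericData, '\\');
     if (!class_exists($className) || (new \ReflectionClass($className))->getName() !== $className) {
         $json['message'] = Lang::lang('errorInvalidParameters');
         return json_encode($json);
     }
     // NOTE(review): the transition is derived from the status the client
     // sends, not from the stored record; confirm that is intended.
     $newStatus = StatusType::INACTIVE;
     if ($status == StatusType::INACTIVE) {
         // active
         $newStatus = StatusType::ACTIVE;
     } elseif ($status == StatusType::ACTIVE) {
         // inactive
         $newStatus = StatusType::INACTIVE;
     } elseif ($status == StatusType::DELETED) {
         // undelete
         $newStatus = StatusType::INACTIVE;
     } elseif ($status === 3) {
         // delete
         $newStatus = StatusType::DELETED;
     }
     // update status
     if ($id2 == 0) {
         // single id table
         if ($newStatus == StatusType::INACTIVE || $newStatus == StatusType::ACTIVE) {
             // update
             // NOTE(review): activate/deactivate/undelete needs only
             // 'admin.status' for every entity, including User and Role, while
             // deletion below needs the entity's own privilege.
             if (!$this->hasPrivilege('admin.status')) {
                 return $this->noPrivilege('admin.status');
             }
             $genericData::updateStatus($id, $newStatus);
         } elseif ($newStatus == StatusType::DELETED) {
             $update = 'deleted';
             switch ($entity) {
                 case 'Component':
                     if (!$this->hasPrivilege('admin.cms.component.edit')) {
                         return $this->noPrivilege('admin.cms.component.edit');
                     }
                     \Rebond\Cms\Gadget\Data::deleteByComponentId($id);
                     $genericData::updateStatus($id, $newStatus);
                     break;
                 case 'Feedback':
                     if (!$this->hasPrivilege('admin.dev')) {
                         return $this->noPrivilege('admin.dev');
                     }
                     $genericData::deleteById($id);
                     break;
                 case 'Filter':
                     if (!$this->hasPrivilege('admin.cms.filter.edit')) {
                         return $this->noPrivilege('admin.cms.filter.edit');
                     }
                     \Rebond\Cms\Content\Data::clearFilter($id);
                     $genericData::deleteById($id);
                     break;
                 case 'Gadget':
                     if (!$this->hasPrivilege('admin.page.gadget.edit')) {
                         return $this->noPrivilege('admin.page.gadget.edit');
                     }
                     $genericData::deleteById($id);
                     break;
                 case 'Layout':
                     if (!$this->hasPrivilege('admin.cms.layout.edit')) {
                         return $this->noPrivilege('admin.cms.layout.edit');
                     }
                     // Refuse to delete a layout that pages still reference.
                     $options = [];
                     $options['clearSelect'] = true;
                     $options['select'][] = \Rebond\Cms\Page\Data::getList(['id']);
                     $options['join'][] = 'cms_layout layout ON layout.id = page.layout_id';
                     $options['where'][] = ['layout.id = ?', $id];
                     $pages = \Rebond\Cms\Page\Data::loadAll($options);
                     if (isset($pages) && count($pages) > 0) {
                         $json['result'] = ResultType::ERROR;
                         $json['message'] = 'The layout could not be deleted because ' . count($pages) . ' pages still use it';
                         return json_encode($json);
                     }
                     $genericData::deleteById($id);
                     break;
                 case 'Log':
                     if (!$this->hasPrivilege('admin.tools.log.edit')) {
                         return $this->noPrivilege('admin.tools.log.edit');
                     }
                     $genericData::deleteById($id);
                     break;
                 case 'Module':
                     if (!$this->hasPrivilege('admin.cms.module.edit')) {
                         return $this->noPrivilege('admin.cms.module.edit');
                     }
                     $options = [];
                     $options['clearSelect'] = true;
                     $options['select'][] = \Rebond\Cms\Component\Data::getList(['id']);
                     $options['where'][] = ['component.module_id = ?', $id];
                     $components = \Rebond\Cms\Component\Data::loadAll($options);
                     // Guard against a null result the same way the other
                     // branches do; count(null) is a TypeError on PHP 8.
                     if (isset($components)) {
                         foreach ($components as $component) {
                             // NOTE(review): only 'id' is selected above, yet
                             // getComponentId() is read here; confirm it
                             // returns the component's own id.
                             \Rebond\Cms\Component\Data::updateStatus($component->getComponentId(), $newStatus);
                             \Rebond\Cms\Gadget\Data::deleteByComponentId($component->getComponentId());
                         }
                     }
                     $genericData::updateStatus($id, $newStatus);
                     break;
                 case 'ModuleMedia':
                     if (!$this->hasPrivilege('admin.cms.media-link.edit')) {
                         return $this->noPrivilege('admin.cms.media-link.edit');
                     }
                     $genericData::deleteById($id);
                     break;
                 case 'Permission':
                     if (!$this->hasPrivilege('admin.user.permission.edit')) {
                         return $this->noPrivilege('admin.user.permission.edit');
                     }
                     \Rebond\Core\RolePermission\Data::deleteByPermissionId($id);
                     $genericData::deleteById($id);
                     break;
                 case 'Role':
                     if (!$this->hasPrivilege('admin.user.role.edit')) {
                         return $this->noPrivilege('admin.user.role.edit');
                     }
                     // Refuse to delete a role that users still hold.
                     $userRoles = \Rebond\Core\UserRole\Data::loadAllByRoleId($id);
                     if (isset($userRoles) && count($userRoles) > 0) {
                         $json['result'] = ResultType::ERROR;
                         $json['message'] = 'The role could not be deleted because ' . count($userRoles) . ' users still use it';
                         return json_encode($json);
                     }
                     \Rebond\Core\UserRole\Data::deleteByRoleId($id);
                     \Rebond\Core\RolePermission\Data::deleteByRoleId($id);
                     $genericData::deleteById($id);
                     break;
                 case 'Template':
                     if (!$this->hasPrivilege('admin.cms.template.edit')) {
                         return $this->noPrivilege('admin.cms.template.edit');
                     }
                     // Refuse to delete a template that pages still reference.
                     $options = [];
                     $options['clearSelect'] = true;
                     $options['select'][] = \Rebond\Cms\Page\Data::getList(['id']);
                     $options['join'][] = 'cms_template template ON template.id = page.template_id';
                     $options['where'][] = ['template.id = ?', $id];
                     $pages = \Rebond\Cms\Page\Data::loadAll($options);
                     if (isset($pages) && count($pages) > 0) {
                         $json['result'] = ResultType::ERROR;
                         $json['message'] = 'The template could not be deleted because ' . count($pages) . ' pages still use it';
                         return json_encode($json);
                     }
                     $genericData::deleteById($id);
                     break;
                 case 'User':
                     if (!$this->hasPrivilege('admin.user.edit')) {
                         return $this->noPrivilege('admin.user.edit');
                     }
                     $genericData::updateStatus($id, $newStatus);
                     break;
                 default:
                     // NOTE(review): any entity not listed above is hard-deleted
                     // with only 'admin.status'. An explicit allow-list of
                     // entities would be safer than this fall-through.
                     Log::log(Error::ITEM_NOT_FOUND, 'entity: ' . $entity, __FILE__, __LINE__);
                     if (!$this->hasPrivilege('admin.status')) {
                         return $this->noPrivilege('admin.status');
                     }
                     $genericData::deleteById($id);
                     break;
             }
         }
     } else {
         // double id table
         if ($newStatus == StatusType::DELETED) {
             if (!$this->hasPrivilege('admin.status.relation')) {
                 return $this->noPrivilege('admin.status.relation');
             }
             $genericData::deleteByIds($id, $id2);
             $update = 'deleted';
         } else {
             if (!$this->hasPrivilege('admin.status')) {
                 return $this->noPrivilege('admin.status');
             }
             $genericData::updateStatus($id, $id2, $newStatus);
         }
     }
     // result
     $json['result'] = ResultType::SUCCESS;
     $json['message'] = Lang::lang($update);
     return json_encode($json);
 }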