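/**
 * Renders the role list and, on POST, creates a new task and links it under
 * the submitted parent item.
 *
 * NOTE(review): no permission test is visible inside this action although it
 * edits the RBAC graph. Presumably accessRules()/filters on the controller
 * restrict it to administrators - confirm before relying on that.
 *
 * NOTE(review): Yii 1.x evaluates an auth item's bizrule as PHP code during
 * access checks, and bizrule is taken from the form here. Anyone allowed to
 * submit this form should be treated as able to run code on the server;
 * consider dropping bizrule from the safe attributes if the UI does not need it.
 */
public function actionIndex()
{
    $this->layout = 'column1';
    $model = new AuthItem();
    $child = new AuthItemchild();

    if (isset($_POST['AuthItem'])) {
        $model->attributes = $_POST['AuthItem'];
        // Forced server-side so the client cannot choose the item type:
        // 1 is the task type in Yii 1.x, matching createTask() below.
        $model->type = 1;

        // A request may arrive without the link sub-form; treat that as empty
        // input so validation reports it instead of PHP raising a notice.
        $child->attributes = (isset($_POST['AuthItemchild']) && is_array($_POST['AuthItemchild']))
            ? $_POST['AuthItemchild']
            : array();
        // The child side of the link is always the task being created.
        $child->child = $model->name;

        if ($child->validate() && $model->validate()) {
            $auth = Yii::app()->authManager;
            $auth->createTask($model->name, $model->description, $model->bizrule, $model->data);

            // Link with the values that were just validated. The previous code
            // re-assigned $_POST['AuthItemchild'] at this point, which could
            // replace the child name with a client-supplied one (if 'child' is
            // a safe attribute) and silently skip the link when the second
            // validation failed while still reporting success.
            $auth->addItemChild($child->parent, $model->name);

            Yii::app()->user->setFlash('success', 'Action allowed successfully.');
            $this->redirect(array('index'));
        } else {
            Yii::app()->user->setFlash('error', 'Error in saving.');
        }
    }

    // type=2 is the role type in Yii 1.x; the result is handed to the view as 'role'.
    $role = AuthItem::model()->findAll(array('condition' => 'type=2'));
    $this->render('index', array('model' => $model, 'role' => $role, 'child' => $child));
}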
/**
 * Add role action.
 *
 * Requires the 'op_roles_add_auth' permission, then creates an auth item from
 * the posted AuthItem form and redirects to the roles index; otherwise renders
 * the form (again, with validation errors when there are any).
 *
 * NOTE(review): name, type, description, bizrule and data all come from the
 * form, so this single permission allows creating any item type the model's
 * rules accept. Yii 1.x also evaluates bizrule as PHP code during access
 * checks, so 'op_roles_add_auth' should only be granted to fully trusted
 * administrators.
 */
public function actionaddauthitem()
{
    $webUser = Yii::app()->user;

    // Permission gate: stop with a 403 before touching any input.
    if (!$webUser->checkAccess('op_roles_add_auth')) {
        $denied = Yii::t('error', 'Sorry, You don\'t have the required permissions to enter this section');
        throw new CHttpException(403, $denied);
    }

    $model = new AuthItem();
    $submitted = isset($_POST['AuthItem']);
    if ($submitted) {
        $model->attributes = $_POST['AuthItem'];
    }

    if ($submitted && $model->validate()) {
        // An empty data value is stored as null rather than as an empty string.
        $itemData = $model->data ? $model->data : null;
        Yii::app()->authManager->createAuthItem(
            $model->name,
            $model->type,
            $model->description,
            $model->bizrule,
            $itemData
        );
        $webUser->setFlash('success', Yii::t('adminroles', 'Role Added.'));
        $this->redirect(array('roles/index'));
    }

    // Page chrome for the form view.
    $heading = Yii::t('adminroles', 'Adding Role');
    $this->breadcrumbs[$heading] = '';
    $this->pageTitle[] = Yii::t('adminroles', 'Adding Role');

    $viewData = array(
        'model' => $model,
        'label' => Yii::t('adminroles', 'Adding Auth Item'),
    );
    $this->render('authitem_form', $viewData);
}
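/**
 * Creates a new auth item plus the parent/child link that places it in the
 * hierarchy, then redirects to the item's view page. Renders the 'create' form
 * on GET, on validation failure, or when a save fails.
 *
 * NOTE(review): no permission test is visible inside this action; presumably
 * controller filters or getItem() enforce one - confirm.
 *
 * NOTE(review): $parent is resolved by getItem() but the stored link takes its
 * parent from $_POST['AuthItemChild'], so the two can differ. If the link is
 * meant to hang under $parent, set $item_child->parent from it server-side.
 */
public function actionCreate()
{
    $parent = $this->getItem();
    $item = new AuthItem();
    $item_child = new AuthItemChild();

    if (isset($_POST['AuthItem'])) {
        $item->attributes = $_POST['AuthItem'];
        // The link sub-form can be absent from a request; use an empty array
        // so validation reports the missing parent instead of a PHP notice.
        $item_child->attributes = (isset($_POST['AuthItemChild']) && is_array($_POST['AuthItemChild']))
            ? $_POST['AuthItemChild']
            : array();
        // The child side of the link is always the item being created.
        $item_child->child = $item->name;

        if ($item->validate() && $item_child->validate()) {
            // Validation already ran, hence save(false). Only write the link
            // and redirect when the item itself was stored, so a failed save
            // falls through to the form instead of leaving a dangling link.
            // NOTE(review): the two writes are not wrapped in a transaction.
            if ($item->save(false) && $item_child->save(false)) {
                $this->redirect(array('view', 'name' => $item->name));
            }
        }
    }

    $this->render('create', array('parent' => $parent, 'item' => $item, 'item_child' => $item_child));
}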
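/**
 * Shows the edit box for one auth item (GET) or applies an update, create or
 * delete submitted from that box (any non-empty POST).
 *
 * Every request goes through checkAccess('RbacViewer', true); POST requests
 * additionally go through checkAccess('RbacEditor', true). Items listed in
 * $this->protectedItems must not be modified through this action.
 *
 * NOTE(review): checkAccess() is assumed to abort the request on failure -
 * confirm, since nothing here inspects its return value.
 * NOTE(review): if 'bizrule' is a safe attribute of AuthItem, remember that
 * Yii 1.x evaluates it as PHP code during access checks, which makes the
 * RbacEditor permission equivalent to code execution.
 */
public function actionEdit()
{
    $this->checkAccess('RbacViewer', true);
    $model = new AuthItem();

    if (empty($_POST)) {
        if (isset($_GET['item'])) {
            if (in_array($_GET['item'], $this->protectedItems)) {
                $this->messageErrors[] = "Warning! Item is protected by Controller";
            }
            // Mass-assigns the query string; only attributes the model
            // declares safe are taken over.
            $model->attributes = $_GET;
            if ($model->validate()) {
                // NOTE(review): PHP has already URL-decoded $_GET, so this is a
                // second decode. The protected-item warning above looks at the
                // once-decoded value and the lookup at the twice-decoded one;
                // normalise once and use the same value for both - confirm
                // against how the links are generated.
                $name = urldecode($_GET['item']);
                if ($item = $model->findByAttributes(array('name' => $name))) {
                    // display edit Item box
                    $this->editItem = $item;
                    $this->actionIndex();
                } else {
                    // NOTE(review): this branch and the one below record a
                    // message but never render - confirm that is intended.
                    $this->messageErrors[] = "The Item you want to edit does not exist";
                }
            } else {
                $this->messageErrors[] = "Unsecure Data detected. Please mail the Siteadmin if this Problem returns.";
            }
        } else {
            //ignore missing item and display index
            $this->actionIndex();
        }
        return;
    }

    $this->checkAccess('RbacEditor', true);

    $editItem = isset($_POST['editItem']) ? $_POST['editItem'] : array();
    $oldName = isset($_POST['oldName']) ? $_POST['oldName'] : null;

    // Both names are later compared against protectedItems and used as query
    // attributes, so they must be plain strings; any other shape is rejected
    // before it can reach either place.
    $nameShapeOk = is_array($editItem) && (!isset($editItem['name']) || is_string($editItem['name']));
    $oldNameShapeOk = $oldName === null || is_string($oldName);
    if (!$nameShapeOk || !$oldNameShapeOk) {
        $this->messageErrors[] = "Unsecure Data detected. Please mail the Siteadmin if this Problem returns.";
        $this->actionIndex();
        return;
    }

    // filter names (written back to $_POST as before, in case other code reads it)
    $editItem['name'] = $this->filterString(isset($editItem['name']) ? $editItem['name'] : null, $this->filterNames);
    $_POST['editItem'] = $editItem;
    $newName = $editItem['name'];
    $model->attributes = $editItem;

    // Exact comparison, so numeric-looking names are not matched loosely.
    // NOTE(review): if the auth tables use a case-insensitive collation,
    // compare in a normalised form so the guard and the queries agree - confirm.
    if (in_array($oldName, $this->protectedItems, true) || in_array($newName, $this->protectedItems, true)) {
        $this->messageErrors[] = "Sorry, Item is protected by Controller";
        $this->actionIndex();
        // Stop here: without this return the update/create/delete below still
        // ran against the protected item after the error had been reported.
        return;
    }

    if (!$model->validate()) {
        //use Yii error system
        $model->setIsNewRecord(true);
        $this->editItem = $model;
        $this->actionIndex();
        return;
    }

    // The messages below are shown as HTML (one of them carries <i> markup),
    // so request-derived names are encoded before being embedded.
    $safeNewName = CHtml::encode($newName);
    $safeOldName = CHtml::encode($oldName);

    if (isset($_POST['updateItem'])) {
        $this->_updateItem($editItem, $oldName);
    } elseif (isset($_POST['createItem'])) {
        if (!AuthItem::model()->findByAttributes(array('name' => $newName))) {
            $model->setIsNewRecord(true);
            $model->save();
            $this->messageSuccess[] = "Item {$safeNewName} successfull created.";
        } else {
            $this->messageErrors[] = "Create Error: New Item <i>{$safeNewName}</i> already exists";
            // Keep the submitted values in the edit box; the single
            // actionIndex() call below renders it (previously rendered twice).
            $this->editItem = $model;
        }
    } elseif (isset($_POST['deleteItem'])) {
        // Remove the item, every link where it is parent or child, and its
        // assignments. NOTE(review): four separate statements with no
        // transaction; a failure part-way leaves the tables inconsistent.
        AuthItem::model()->deleteAllByAttributes(array('name' => $oldName));
        AuthItemChild::model()->deleteAllByAttributes(array('parent' => $oldName));
        AuthItemChild::model()->deleteAllByAttributes(array('child' => $oldName));
        AuthAssignment::model()->deleteAllByAttributes(array('itemname' => $oldName));
        $this->messageSuccess[] = "Item {$safeOldName} successfull deleted.";
    } else {
        // ignore not existing submit option and render page
    }

    $this->actionIndex();
}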