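/**
 * CRUD controller: UPDATE
 *
 * Renders the edit form for a role and, on POST, replaces the role's rows in
 * the `access` table and saves its name and description.
 *
 * The admin role must never be edited through this action. The guard checks
 * both the raw request parameter and the key of the record that was actually
 * loaded, so the two cannot disagree.
 *
 * NOTE(review): no CSRF token check is visible in this action; confirm the
 * parent controller or the form layer enforces one, since this request
 * rewrites a role's permissions.
 *
 * @return mixed whatever $this->render() returns for the update view
 */
public function action_update()
{
    $id_role = $this->request->param('id');
    $role    = new Model_Role($id_role);

    // The raw parameter is compared loosely, and the database may coerce a
    // value such as "<id>abc" to <id> when loading the record. Checking the
    // loaded key as well closes the gap where the parameter does not compare
    // equal to ROLE_ADMIN but the admin row is still the one loaded.
    $targets_admin = ($id_role == Model_Role::ROLE_ADMIN)
        OR ($role->loaded() AND (string) $role->id_role === (string) Model_Role::ROLE_ADMIN);

    // we do not allow modifying the admin role
    if ($targets_admin)
    {
        Alert::set(Alert::WARNING, __('Admin Role can not be modified!'));
        $this->redirect(Route::url('oc-panel', array('controller' => 'role')));
    }

    $this->template->title = __('Update') . ' ' . __($this->_orm_model) . ' ' . $id_role;

    if ($this->request->post() and $role->loaded())
    {
        // NOTE(review): the delete and the inserts below are separate
        // statements; if an insert fails the role is left with partial access.
        // Consider wrapping them in a transaction.

        // delete all the access
        DB::delete('access')->where('id_role', '=', $role->id_role)->execute();

        // Form fields that belong to the role itself, not to the permission grid.
        $role_fields = array('name', 'description');

        // set all the access where post = on
        foreach ($_POST as $key => $value)
        {
            $key = (string) $key;

            // A role named or described "on" must not become an access entry.
            if (in_array($key, $role_fields, TRUE))
            {
                continue;
            }

            // NOTE(review): keys come straight from the request. Consider
            // accepting only those that match an action returned by
            // Model_Access::list_controllers() (its shape is not visible here).
            if ($value === 'on')
            {
                DB::insert('access', array('id_role', 'access'))
                    ->values(array($role->id_role, str_replace('|', '.', $key)))
                    ->execute();
            }
        }

        // saving the role params
        $role->name        = core::post('name');
        $role->description = core::post('description');
        $role->save();

        Alert::set(Alert::SUCCESS, __('Item updated'));
        $this->redirect(Route::get($this->_route_name)->uri(array('controller' => Request::current()->controller())));
    }

    // getting controllers actions
    $controllers = Model_Access::list_controllers();

    // get all the access this role has; the value is bound by the query builder
    $query = DB::select('access')
        ->from('access')
        ->where('id_role', '=', $id_role)
        ->execute();

    $access_in_use = array_keys($query->as_array('access'));

    return $this->render('oc-panel/pages/role/update', array(
        'role'          => $role,
        'controllers'   => $controllers,
        'access_in_use' => $access_in_use,
    ));
}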
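/**
 * Add a role to user.
 *
 * Nothing is inserted when the user already has the role or when no role
 * record can be loaded for the given identifier. An exception raised while
 * loading or inserting is logged and reported as FALSE; it is not rethrown,
 * so callers see the same return contract as before.
 *
 * @param integer|string $role_id identifier passed to has_role() and to the Model_Role constructor
 * @return boolean the insert result cast to bool, or FALSE if nothing was inserted
 */
public function add_role($role_id)
{
    // Do not try to insert duplicate role
    if ($this->has_role($role_id))
    {
        return false;
    }

    try
    {
        $role = new Model_Role($role_id);

        if (!$role->loaded())
        {
            return false;
        }

        // Empty roles from current user to force reload
        $this->_roles = array();

        return (bool) DB::insert('roles_users')
            ->columns(array('role_id', 'user_id'))
            ->values(array($role->id, $this->id))
            ->execute($this->_db);
    }
    catch (Exception $e)
    {
        // A failed privilege grant should leave a trace for whoever audits
        // role changes. Line breaks are stripped so that a value echoed in
        // the message cannot forge extra log entries.
        $reason = str_replace(array("\r", "\n"), ' ', $e->getMessage());
        error_log(sprintf('add_role failed (%s): %s', get_class($e), $reason));
    }

    return false;
}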
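/**
 * Returns the access and information tied to a role.
 *
 * The descriptive fields are copied as they are; every permission flag is
 * coerced to a strict boolean.
 *
 * @param Model_Role $role
 * @return stdClass stdClass of all properties for this role.
 * @throws Exception If Role object is not valid.
 */
public function _return_role_element($role)
{
    // Check the type before calling any method on the argument, so a wrong
    // value raises the documented Exception instead of a fatal error on
    // ->loaded(). The class match stays exact, as before.
    if (!is_object($role) or get_class($role) != "Model_Role" or !$role->loaded())
    {
        throw new Exception("Invalid Role.");
    }

    $return_object = new stdClass();

    $return_object->id                     = $role->id;
    $return_object->name                   = $role->name;
    $return_object->code                   = $role->code;
    $return_object->description            = $role->description;
    $return_object->auth_expiration_length = $role->auth_expiration_length;

    // Permission flags, in the order they are exposed on the result object.
    $permission_flags = array(
        'customer_read',
        'customer_write',
        'customer_sale_read',
        'customer_sale_write',
        'customer_payment_read',
        'customer_payment_write',
        'vendor_read',
        'vendor_write',
        'vendor_expense_read',
        'vendor_expense_write',
        'vendor_purchase_read',
        'vendor_purchase_write',
        'vendor_payment_read',
        'vendor_payment_write',
        'account_read',
        'account_write',
        'account_transaction_read',
        'account_transaction_write',
        'account_reconcile',
        'books',
        'reports',
        'setup',
    );

    foreach ($permission_flags as $flag)
    {
        // Same truthiness rule as `? TRUE : FALSE`.
        $return_object->{$flag} = (bool) $role->{$flag};
    }

    return $return_object;
}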