Esempi in PHP per UserRole::setPermissionsFor

Esempio n. 1

File: UserController.php Progetto: ReekenX/wolfcms

 /**
  * @todo merge _add() and _edit() into one _store()
  *
  * @param <type> $id
  */
 private function _edit($id)
 {
     use_helper('Validate');
     $data = $_POST['user'];
     Flash::set('post_data', (object) $data);
     // Add pre-save checks here
     $errors = false;
     // CSRF checks
     if (isset($_POST['csrf_token'])) {
         $csrf_token = $_POST['csrf_token'];
         if (!SecureToken::validateToken($csrf_token, BASE_URL . 'user/edit')) {
             Flash::set('error', __('Invalid CSRF token found!'));
             redirect(get_url('user/edit/' . $id));
         }
     } else {
         Flash::set('error', __('No CSRF token found!'));
         redirect(get_url('user/edit/' . $id));
     }
     // check if user want to change the password
     if (strlen($data['password']) > 0) {
         // check if pass and confirm are egal and >= 5 chars
         if (strlen($data['password']) >= 5 && $data['password'] == $data['confirm']) {
             unset($data['confirm']);
         } else {
             Flash::set('error', __('Password and Confirm are not the same or too small!'));
             redirect(get_url('user/edit/' . $id));
         }
     } else {
         unset($data['password'], $data['confirm']);
     }
     // Check alphanumerical fields
     $fields = array('username');
     foreach ($fields as $field) {
         if (!empty($data[$field]) && !Validate::alphanum_space($data[$field])) {
             $errors[] = __('Illegal value for :fieldname field!', array(':fieldname' => $field));
         }
     }
     if (!empty($data['name']) && !Validate::alphanum_space($data['name'], true)) {
         $errors[] = __('Illegal value for :fieldname field!', array(':fieldname' => 'name'));
     }
     if (!empty($data['email']) && !Validate::email($data['email'])) {
         $errors[] = __('Illegal value for :fieldname field!', array(':fieldname' => 'email'));
     }
     if (!empty($data['language']) && !Validate::alpha($data['language'])) {
         $errors[] = __('Illegal value for :fieldname field!', array(':fieldname' => 'language'));
     }
     if ($errors !== false) {
         // Set the errors to be displayed.
         Flash::set('error', implode('<br/>', $errors));
         redirect(get_url('user/edit/' . $id));
     }
     $user = Record::findByIdFrom('User', $id);
     if (isset($data['password'])) {
         if (empty($user->salt)) {
             $user->salt = AuthUser::generateSalt();
         }
         $data['password'] = AuthUser::generateHashedPassword($data['password'], $user->salt);
     }
     $user->setFromData($data);
     if ($user->save()) {
         if (AuthUser::hasPermission('user_edit')) {
             // now we need to add permissions
             $data = isset($_POST['user_permission']) ? $_POST['user_permission'] : array();
             UserRole::setPermissionsFor($user->id, $data);
         }
         Flash::set('success', __('User has been saved!'));
         Observer::notify('user_after_edit', $user->name);
     } else {
         Flash::set('error', __('User has not been saved!'));
     }
     if (AuthUser::getId() == $id) {
         redirect(get_url('user/edit/' . $id));
     } else {
         redirect(get_url('user'));
     }
 }