/**
 * Render the permission checkbox list for the role wrapped by this form.
 *
 * Loads every permission whose status is 0 or 1 (id and title only, ordered by
 * title) and pre-selects the ones already linked to the current role.
 *
 * @return mixed whatever Util\Form::buildCheckboxList() produces (presumably HTML - confirm)
 */
public function buildPermissions()
{
    // Candidate permissions shown as checkboxes.
    $options = [
        'clearSelect' => true,
        'select' => [\Rebond\Core\Permission\Data::getList(['id', 'title'])],
        'where' => ['permission.status IN (0,1)'],
        'order' => ['permission.title'],
    ];
    $allPermissions = \Rebond\Core\Permission\Data::loadAll($options);

    // NOTE(review): these two entries are appended to $options, but $options is
    // never passed to loadAllByRoleId() below, so they have no visible effect.
    $options['clearSelect'] = true;
    $options['select'][] = \Rebond\Core\RolePermission\Data::getList(['permission_id']);

    $rolePermissions = \Rebond\Core\RolePermission\Data::loadAllByRoleId($this->getModel()->getId());

    // Collect the ids that must be rendered as checked.
    $checkedIds = [];
    if ($rolePermissions !== null) {
        foreach ($rolePermissions as $rolePermission) {
            $checkedIds[] = $rolePermission->getPermissionId();
        }
    }

    $fieldName = 'permission' . $this->unique;

    return Util\Form::buildCheckboxList($fieldName, $allPermissions, 'id', 'title', $checkedIds);
}
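/**
 * Admin page: show and save the permissions attached to a role.
 *
 * Viewing requires 'admin.user.role'. Saving additionally requires
 * 'admin.user.role.edit' and replaces the role's whole permission set with the
 * ids posted in the 'permission' array.
 *
 * Posted ids are request data, so only positive integers are persisted and
 * duplicates are collapsed before the existing links are deleted.
 *
 * NOTE(review): no anti-CSRF token check is visible in this method; confirm
 * one is enforced before this state-changing POST is handled.
 *
 * @return mixed the rendered master template
 */
public function role_permission()
{
    // auth
    Auth::isAdminAuthorized($this->signedUser, 'admin.user.role', true, '/user/role');

    // check
    $id = Converter::int('id');
    $permissionIds = Converter::arr('permission', 'post');
    $role = \Rebond\Core\Role\Data::loadById($id);
    if (!isset($role)) {
        // NOTE(review): the code below dereferences $role, so this relies on
        // adminError() ending the request (redirect) - confirm.
        Session::adminError('itemNotFound', [$id], '/user/role');
    }
    $form = new \Rebond\Core\Role\Form($role);

    // action
    if (isset($_POST['save'])) {
        Auth::isAdminAuthorized($this->signedUser, 'admin.user.role.edit', true, '/user/role-permission?id=' . $id);

        // Normalise the posted ids first: keep positive integers only, keyed by
        // id so a repeated value yields a single role/permission link.
        // filter_var() returns false for nested arrays and non-numeric strings.
        $validIds = [];
        if (isset($permissionIds)) {
            foreach ($permissionIds as $permissionId) {
                $intId = filter_var($permissionId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
                if ($intId !== false) {
                    $validIds[$intId] = true;
                }
            }
        }

        // NOTE(review): delete + insert are two separate calls with no visible
        // transaction; if saveAll() fails the role is left without permissions.
        \Rebond\Core\RolePermission\Data::deleteByRoleId($id);

        $newPermissions = [];
        foreach (array_keys($validIds) as $permissionId) {
            $rolePermission = new \Rebond\Core\RolePermission\Model();
            $rolePermission->setRoleId($role->getId());
            $rolePermission->setPermissionId($permissionId);
            $newPermissions[] = $rolePermission;
        }
        \Rebond\Core\RolePermission\Data::saveAll($newPermissions);

        Session::adminSuccess('saved', '/user/role');
    }

    // view
    $this->setTpl();

    // main
    $tplMain = new Template(Template::MODULE, ['core', 'role']);
    $tplMain->set('item', $form);

    // layout
    if (Auth::isAdminAuthorized($this->signedUser, 'admin.user.role.edit', false)) {
        $this->tplLayout->set('column1', $tplMain->render('editor-permission'));
    } else {
        // @todo create viewer-permission template
        // Until then read-only admins get the editor template too; the save
        // branch above still enforces 'admin.user.role.edit'.
        $this->tplLayout->set('column1', $tplMain->render('editor-permission'));
    }

    // master
    $this->tplMaster->set('layout', $this->tplLayout->render('layout-1-col'));

    return $this->tplMaster->render('tpl-default');
}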
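/**
 * Service endpoint: toggle, soft-delete or hard-delete a record of an
 * arbitrary entity and answer with a JSON result.
 *
 * POST parameters read: package, entity, id, id2 (second key for relation
 * tables, 0/absent for single-key tables) and status (the record's current
 * status, from which the new status is derived).
 *
 * Security notes:
 * - The Data class name is assembled from POST data. package and entity are
 *   therefore limited to a single identifier each, the class must exist, and
 *   its declared name must match the posted spelling exactly. The entity
 *   switch below is case-sensitive while PHP resolves class names
 *   case-insensitively, so without the exact-match check a differently-cased
 *   entity would reach the default branch, which only requires 'admin.status'
 *   and skips the per-entity "still in use" guards.
 * - NOTE(review): no anti-CSRF token check is visible here; confirm one is
 *   enforced before this state-changing request is handled.
 *
 * @return mixed JSON string, or whatever noPrivilege() returns when a check fails
 */
public function updateStatus()
{
    if (!$this->hasPrivilege(null)) {
        return $this->noPrivilege('admin');
    }

    $json = [];
    $json['result'] = ResultType::ERROR;

    // check
    $package = Converter::string('package', 'post');
    $entity = Converter::string('entity', 'post');
    $id = Converter::int('id', 'post');
    $id2 = Converter::int('id2', 'post');
    $status = Converter::int('status', 'post');

    if (!isset($package) || !isset($entity) || !isset($id) || !isset($status)) {
        $json['message'] = Lang::lang('errorInvalidParameters');
        return json_encode($json);
    }

    // Each of package/entity must be one plain identifier: no namespace
    // separators, path characters or whitespace may reach the class name
    // (and, through it, the autoloader and the log entry in the default case).
    $identifier = '/\A[A-Za-z_][A-Za-z0-9_]*\z/';
    if (preg_match($identifier, $package) !== 1 || preg_match($identifier, $entity) !== 1) {
        $json['message'] = Lang::lang('errorInvalidParameters');
        return json_encode($json);
    }

    $update = 'saved';

    // check item
    $genericData = '\\Rebond\\' . $package . '\\' . $entity . '\\Data';

    // Unknown classes get a JSON error instead of a fatal "class not found".
    if (!class_exists($genericData)) {
        $json['message'] = Lang::lang('errorInvalidParameters');
        return json_encode($json);
    }

    // Require the declared spelling so the case-sensitive switch on $entity
    // and the class actually invoked cannot disagree.
    $declared = new \ReflectionClass($genericData);
    if ($declared->getName() !== ltrim($genericData, '\\')) {
        $json['message'] = Lang::lang('errorInvalidParameters');
        return json_encode($json);
    }

    // Derive the new status from the current one. Any value not listed keeps
    // the INACTIVE default.
    $newStatus = StatusType::INACTIVE;
    if ($status == StatusType::INACTIVE) {
        // activate
        $newStatus = StatusType::ACTIVE;
    } elseif ($status == StatusType::ACTIVE) {
        // deactivate
        $newStatus = StatusType::INACTIVE;
    } elseif ($status == StatusType::DELETED) {
        // undelete
        $newStatus = StatusType::INACTIVE;
    } elseif ($status === 3) {
        // delete - NOTE(review): 3 has no named constant here; confirm its meaning
        $newStatus = StatusType::DELETED;
    }

    // update status
    if ($id2 == 0) {
        // single id table
        if ($newStatus == StatusType::INACTIVE || $newStatus == StatusType::ACTIVE) {
            if (!$this->hasPrivilege('admin.status')) {
                return $this->noPrivilege('admin.status');
            }
            $genericData::updateStatus($id, $newStatus);
        } elseif ($newStatus == StatusType::DELETED) {
            $update = 'deleted';
            switch ($entity) {
                case 'Component':
                    if (!$this->hasPrivilege('admin.cms.component.edit')) {
                        return $this->noPrivilege('admin.cms.component.edit');
                    }
                    \Rebond\Cms\Gadget\Data::deleteByComponentId($id);
                    $genericData::updateStatus($id, $newStatus);
                    break;

                case 'Feedback':
                    if (!$this->hasPrivilege('admin.dev')) {
                        return $this->noPrivilege('admin.dev');
                    }
                    $genericData::deleteById($id);
                    break;

                case 'Filter':
                    if (!$this->hasPrivilege('admin.cms.filter.edit')) {
                        return $this->noPrivilege('admin.cms.filter.edit');
                    }
                    \Rebond\Cms\Content\Data::clearFilter($id);
                    $genericData::deleteById($id);
                    break;

                case 'Gadget':
                    if (!$this->hasPrivilege('admin.page.gadget.edit')) {
                        return $this->noPrivilege('admin.page.gadget.edit');
                    }
                    $genericData::deleteById($id);
                    break;

                case 'Layout':
                    if (!$this->hasPrivilege('admin.cms.layout.edit')) {
                        return $this->noPrivilege('admin.cms.layout.edit');
                    }
                    // Refuse to delete a layout that pages still reference.
                    $options = [];
                    $options['clearSelect'] = true;
                    $options['select'][] = \Rebond\Cms\Page\Data::getList(['id']);
                    $options['join'][] = 'cms_layout layout ON layout.id = page.layout_id';
                    $options['where'][] = ['layout.id = ?', $id];
                    $pages = \Rebond\Cms\Page\Data::loadAll($options);
                    if (isset($pages) && count($pages) > 0) {
                        $json['result'] = ResultType::ERROR;
                        $json['message'] = 'The layout could not be deleted because ' . count($pages) . ' pages still use it';
                        return json_encode($json);
                    }
                    $genericData::deleteById($id);
                    break;

                case 'Log':
                    if (!$this->hasPrivilege('admin.tools.log.edit')) {
                        return $this->noPrivilege('admin.tools.log.edit');
                    }
                    $genericData::deleteById($id);
                    break;

                case 'Module':
                    if (!$this->hasPrivilege('admin.cms.module.edit')) {
                        return $this->noPrivilege('admin.cms.module.edit');
                    }
                    // Cascade the deleted status to the module's components
                    // and drop the gadgets built on them.
                    $options = [];
                    $options['clearSelect'] = true;
                    $options['select'][] = \Rebond\Cms\Component\Data::getList(['id']);
                    $options['where'][] = ['component.module_id = ?', $id];
                    $components = \Rebond\Cms\Component\Data::loadAll($options);
                    // isset() guard matches the Layout/Role/Template cases and
                    // avoids count() on a null result.
                    if (isset($components) && count($components) > 0) {
                        foreach ($components as $component) {
                            // NOTE(review): only 'id' is selected above, yet
                            // getComponentId() is read here - confirm accessor.
                            \Rebond\Cms\Component\Data::updateStatus($component->getComponentId(), $newStatus);
                            \Rebond\Cms\Gadget\Data::deleteByComponentId($component->getComponentId());
                        }
                    }
                    $genericData::updateStatus($id, $newStatus);
                    break;

                case 'ModuleMedia':
                    if (!$this->hasPrivilege('admin.cms.media-link.edit')) {
                        return $this->noPrivilege('admin.cms.media-link.edit');
                    }
                    $genericData::deleteById($id);
                    break;

                case 'Permission':
                    if (!$this->hasPrivilege('admin.user.permission.edit')) {
                        return $this->noPrivilege('admin.user.permission.edit');
                    }
                    \Rebond\Core\RolePermission\Data::deleteByPermissionId($id);
                    $genericData::deleteById($id);
                    break;

                case 'Role':
                    if (!$this->hasPrivilege('admin.user.role.edit')) {
                        return $this->noPrivilege('admin.user.role.edit');
                    }
                    // Refuse to delete a role that users still hold.
                    $userRoles = \Rebond\Core\UserRole\Data::loadAllByRoleId($id);
                    if (isset($userRoles) && count($userRoles) > 0) {
                        $json['result'] = ResultType::ERROR;
                        $json['message'] = 'The role could not be deleted because ' . count($userRoles) . ' users still use it';
                        return json_encode($json);
                    }
                    \Rebond\Core\UserRole\Data::deleteByRoleId($id);
                    \Rebond\Core\RolePermission\Data::deleteByRoleId($id);
                    $genericData::deleteById($id);
                    break;

                case 'Template':
                    if (!$this->hasPrivilege('admin.cms.template.edit')) {
                        return $this->noPrivilege('admin.cms.template.edit');
                    }
                    // Refuse to delete a template that pages still reference.
                    $options = [];
                    $options['clearSelect'] = true;
                    $options['select'][] = \Rebond\Cms\Page\Data::getList(['id']);
                    $options['join'][] = 'cms_template template ON template.id = page.template_id';
                    $options['where'][] = ['template.id = ?', $id];
                    $pages = \Rebond\Cms\Page\Data::loadAll($options);
                    if (isset($pages) && count($pages) > 0) {
                        $json['result'] = ResultType::ERROR;
                        $json['message'] = 'The template could not be deleted because ' . count($pages) . ' pages still use it';
                        return json_encode($json);
                    }
                    $genericData::deleteById($id);
                    break;

                case 'User':
                    if (!$this->hasPrivilege('admin.user.edit')) {
                        return $this->noPrivilege('admin.user.edit');
                    }
                    $genericData::updateStatus($id, $newStatus);
                    break;

                default:
                    // Entities without a dedicated case are hard-deleted under
                    // the generic 'admin.status' privilege; the occurrence is logged.
                    Log::log(Error::ITEM_NOT_FOUND, 'entity: ' . $entity, __FILE__, __LINE__);
                    if (!$this->hasPrivilege('admin.status')) {
                        return $this->noPrivilege('admin.status');
                    }
                    $genericData::deleteById($id);
                    break;
            }
        }
    } else {
        // double id table
        if ($newStatus == StatusType::DELETED) {
            if (!$this->hasPrivilege('admin.status.relation')) {
                return $this->noPrivilege('admin.status.relation');
            }
            $genericData::deleteByIds($id, $id2);
            $update = 'deleted';
        } else {
            if (!$this->hasPrivilege('admin.status')) {
                return $this->noPrivilege('admin.status');
            }
            $genericData::updateStatus($id, $id2, $newStatus);
        }
    }

    // result
    $json['result'] = ResultType::SUCCESS;
    $json['message'] = Lang::lang($update);

    return json_encode($json);
}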