/**
* Define role privileges ( ACL role <-> module <-> route )
*
* @access public
* @return ViewModel
*/
public function privilegesAction()
{
$id = $this->params('id');
/* @var $query \Utilities\Service\Query\Query */
$query = $this->getServiceLocator()->get('wrapperQuery');
$em = $query->entityManager;
$roleObj = $query->find('Users\\Entity\\Role', $id);
$rolePrivileges = $query->findBy('Users\\Entity\\Acl', array('role' => $roleObj));
$request = $this->getRequest();
if ($request->isPost()) {
// delete old privileges
foreach ($rolePrivileges as $p) {
$query->remove($p);
}
// insert new privileges
$data = $request->getPost()->toArray();
if (isset($data['privileges'])) {
foreach ($data['privileges'] as $p) {
list($module, $route) = explode("-", $p);
$aclEntity = new AclEntity();
$aclEntity->setModule($module);
$aclEntity->setRoute($route);
$aclEntity->setRole($roleObj);
$em->persist($aclEntity);
}
}
$em->flush();
$url = $this->getEvent()->getRouter()->assemble(array('action' => 'index'), array('name' => 'roles'));
$this->redirect()->toUrl($url);
}
$manager = $this->getServiceLocator()->get('ModuleManager');
$loadedModules = $manager->getLoadedModules();
$excludedModules = $loadedModules['CertigateAcl']->getConfig()['roles_management']['excluded_modules'];
$filtereModules = [];
foreach ($loadedModules as $k => $v) {
if (!in_array($k, $excludedModules)) {
$filtereModules[$k] = $v;
}
}
$roleRoutes = [];
foreach ($rolePrivileges as $p) {
$roleRoutes[] = implode("-", [$p->getModule(), $p->getRoute()]);
}
foreach ($filtereModules as $module => $object) {
$routes = array_keys($object->getConfig()['router']['routes']);
$newRoutes = [];
foreach ($routes as $r) {
if (in_array(implode("-", [$module, $r]), $roleRoutes)) {
$newRoutes[] = ['name' => $r, 'checked' => true];
} else {
$newRoutes[] = ['name' => $r, 'checked' => false];
}
}
$modulesRoutes[] = ['module' => $module, 'routes' => $newRoutes];
}
return new ViewModel(['modulesRoutes' => $modulesRoutes, 'role' => $roleObj]);
}
