/**
 * Scan a controller for actions that are new or have vanished.
 *
 * The controller id is taken from the request parameter "control"
 * (resolved through checkControllerIdParam()). When the id does not match
 * exactly one controller row, the view receives an unpopulated controller
 * object and two empty lists.
 *
 * @view views/scripts/action/scan.phtml
 * @access public
 */
public function scanAction()
{
    $controllerId = $this->checkControllerIdParam();
    $matches = $this->dbController->find($controllerId);
    $controllerModel = new Admin_Model_DbRow_Controller();

    $storedActions = array();
    $vanishedActions = array();
    $newActions = array();

    if ($matches->count() === 1) {
        // fromArray() is called on the same object that is later handed to the view.
        $controllerRow = $controllerModel->fromArray($matches->current());

        // Actions currently stored for this controller.
        $actionRows = $this->dbAction->findActionByControllerId($controllerRow->get('id'));
        foreach ($actionRows as $actionRow) {
            $storedActions[] = new Admin_Model_DbRow_Action($actionRow);
        }

        // Actions reported by the controller/action model for this module and controller.
        $scannedActions = $this->ctrlActionModel->getActions(
            $controllerRow->get('moduleName'),
            $controllerRow->get('controllerName'),
            $controllerRow->get('virtual')
        );

        $newActions = $this->dbAction->filterExistingActions(
            $controllerRow->get('id'),
            $scannedActions
        );
        $vanishedActions = $this->ctrlActionModel->filterVanishedActions(
            $storedActions,
            $scannedActions
        );
    }

    $this->view->controller = $controllerModel;
    $this->view->vanished = $vanishedActions;
    $this->view->new = $newActions;
}
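/**
 * Save the permissions for all actions of the given module/controller id
 *
 * Reads the request parameter "permissions" (JSON: a single object or a list
 * of objects carrying "roleId", "mcId" and "rule"). For every entry that
 * resolves to exactly one role and exactly one controller, the stored rules
 * of that controller/role pair are deleted and, if the requested rule maps
 * to allow or deny, re-created for every action of the controller.
 *
 * Entries that are not arrays, lack an id, or carry a non-scalar id are
 * skipped. A missing or empty "permissions" parameter is treated as an empty
 * list instead of being passed to the JSON decoder.
 *
 * NOTE(review): this method rewrites ACL rules purely from request data and
 * contains no privilege or CSRF check of its own - presumably enforced by
 * the dispatcher / ACL plugin before the action runs; confirm.
 *
 * @return array keys: 'success', 'message', 'permissions' (list of the processed entries)
 * @todo need some error handling and returning the error to grid
 *       there are threads open in the extjs forums, that no error handling on .sync() is really working
 */
public function saveControllerPermissionsAction()
{
    $contrModel = new Admin_Model_DbTable_Acl_ModuleController();
    $ruleModel = new Admin_Model_DbTable_Acl_Rule();
    $roleModel = new Admin_Model_DbTable_Acl_Role();
    $actionModel = new Admin_Model_DbTable_Acl_Action();

    // Client-supplied payload: only a non-empty string is handed to the decoder.
    // Malformed JSON is still reported by Zend_Json::decode() as before.
    $raw = $this->request->getParam('permissions');
    $data = (is_string($raw) && $raw !== '') ? Zend_Json::decode($raw) : array();
    $return = array();

    if (!is_array($data) || !empty($data['mcId'])) {
        // if we have no array or the controller id is directly in the array
        // we nest the array in an array to get the foreach to work
        // extjs is sending an object if only 1 row has changed and an array of objects
        // if multiple changes occur
        $data = array($data);
    }

    foreach ($data as $el) {
        // Reject entries that cannot describe a role/controller pair
        // before any of their values reach the table models.
        if (!is_array($el)
            || !isset($el['roleId'], $el['mcId'])
            || !is_scalar($el['roleId'])
            || !is_scalar($el['mcId'])
        ) {
            continue;
        }

        $requestedRule = array_key_exists('rule', $el) ? $el['rule'] : NULL;

        $role = $roleModel->find($el['roleId']);
        $controller = $contrModel->find($el['mcId']);

        // not a controller provided or multiple controller found
        if ($controller->count() !== 1) {
            continue;
        }

        // not a roleId provided or multiple roles found
        if ($role->count() !== 1) {
            continue;
        }

        $controller = new Admin_Model_DbRow_Controller($controller->current());
        $role = new Admin_Model_DbRow_Role($role->current());

        // NOTE(review): loose comparison of request data against the rule
        // constants. Their types are not visible here; once known, normalise
        // $requestedRule to that type and compare with === so PHP type
        // juggling cannot select a rule the client did not name.
        if ($requestedRule == Admin_Model_DbTable_Acl_Rule::RULE_DENY) {
            $rule = Admin_Model_DbTable_Acl_Rule::RULE_DB_DENY;
        } elseif ($requestedRule == Admin_Model_DbTable_Acl_Rule::RULE_ALLOW) {
            $rule = Admin_Model_DbTable_Acl_Rule::RULE_DB_ALLOW;
        } else {
            $rule = NULL;
        }

        // Existing rules are removed even when the requested rule is neither
        // allow nor deny - presumably this is how a rule is reset; confirm,
        // because any unrecognised value then clears the pair's rules.
        // NOTE(review): delete and re-insert are not wrapped in a transaction
        // in this method; a failure in between leaves the pair without rules.
        $ruleModel->deleteWithControllerRole($controller->get('id'), $role->get('id'));

        if ($rule !== NULL) {
            // select all actions from this controller, and set the rule
            foreach ($actionModel->findActionByControllerId($controller->get('id')) as $actionRow) {
                $action = new Admin_Model_DbRow_Action($actionRow);
                $ruleModel->addRule(
                    $controller->get('id'),
                    $action->get('id'),
                    $role->get('id'),
                    $rule
                );
            }
        }

        // ids and names in the response come from the database rows;
        // only 'rule' echoes the value the client sent.
        $return[] = array(
            'ident' => implode("_", array(
                $role->get('id'),
                $controller->get('id'),
                $controller->get('controllerName'),
            )),
            'mcId' => $controller->get('id'),
            'roleName' => $role->get('name'),
            'roleId' => $role->get('id'),
            'rule' => $requestedRule,
        );
    }

    return array(
        'success' => TRUE,
        'message' => 'Successfully changed permissions',
        'permissions' => $return,
    );
}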