private function getMashup()
{
$request = $this->getRequest()->getQuery();
$key = @$request[ApiController::KEY_PARAM];
// disable templating etc
$this->_helper->viewRenderer->setNoRender();
$this->_helper->layout->disableLayout();
// check if a access right exists
$access = new Model_Access();
$access->findByKey($key) or $this->sendError("Failed to find a accessible Mashup for key {$key}");
$m = $this->getLA()->loadMashup($access->getMashup()) or $this->sendError("Failed to load mashup " . $access->getMashup());
return $m;
}
function init()
{
parent::init();
$this->addCondition('type', 'admin');
$this->hasOne('dokku_alt/Host', null, null, 'Host');
$this->addHook('beforeSave,beforeDelete', $this);
}
/**
* CRUD controller: UPDATE
*/
public function action_update()
{
$id_role = $this->request->param('id');
//we do not allow modify the admin
if ($id_role == Model_Role::ROLE_ADMIN) {
Alert::set(Alert::WARNING, __('Admin Role can not be modified!'));
$this->redirect(Route::url('oc-panel', array('controller' => 'role')));
}
$this->template->title = __('Update') . ' ' . __($this->_orm_model) . ' ' . $id_role;
$role = new Model_Role($id_role);
if ($this->request->post() and $role->loaded()) {
//delete all the access
DB::delete('access')->where('id_role', '=', $role->id_role)->execute();
//set all the access where post = on
foreach ($_POST as $key => $value) {
if ($value == 'on') {
DB::insert('access', array('id_role', 'access'))->values(array($role->id_role, str_replace('|', '.', $key)))->execute();
}
}
//saving the role params
$role->name = core::post('name');
$role->description = core::post('description');
$role->save();
Alert::set(Alert::SUCCESS, __('Item updated'));
$this->redirect(Route::get($this->_route_name)->uri(array('controller' => Request::current()->controller())));
}
//getting controllers actions
$controllers = Model_Access::list_controllers();
//get all the access this user has
$query = DB::select('access')->from('access')->where('id_role', '=', $id_role)->execute();
$access_in_use = array_keys($query->as_array('access'));
// d(in_array('access_index',$access_in_use));
//d($access_in_use);
return $this->render('oc-panel/pages/role/update', array('role' => $role, 'controllers' => $controllers, 'access_in_use' => $access_in_use));
}
function init()
{
parent::init();
$this->addCondition('type', 'deploy');
$this->hasOne('dokku_alt/App', null, null, 'App');
$this->addHook('beforeSave', $this);
}
public function externaldeleteAction()
{
$muri = $this->getRequest()->getParam(HomeController::MASHUP_PARAM);
if (!Zend_Uri::check($muri)) {
$this->getLog()->err("Access granting failed: " . $muri . " malformed");
return $this->_helper->redirector('account');
}
// check if mashup exists & belongs to current user
$m = $this->getLA()->loadMashup($muri) or die('Mashup not found: ' . $muri);
if ($m->getCreatorId() != $this->getUserId() && $this->getUser()->isAdmin()) {
$this->getLog()->err("User " . $this->getUserId() . " has no rights on " . $muri);
return $this->_helper->redirector('account');
}
// delete from auth table
$access = new Model_Access();
if (!$access->findByMashup($muri) || !$access->delete()) {
$this->getLog()->err("Failed to remove access key: " . $access->ErrorMsg());
return $this->_helper->redirector('account');
}
$this->getLog()->info("Removed access key to " . $muri);
return $this->_helper->redirector('account');
}
<?php
defined('SYSPATH') or die('No direct script access.');
?>
<div class="page-header" id="crud-<?php
echo __($name);
?>
">
<h1><?php
echo __('Update');
?>
<?php
echo ucfirst(__($name));
?>
</h1>
<?$controllers = Model_Access::list_controllers()?>
<a target="_blank" href="<?php
echo Route::url('oc-panel', array('controller' => 'order', 'action' => 'index'));
?>
?email=<?php
echo $form->object->email;
?>
">
<?php
echo __('Orders');
?>
</a>
<?if (array_key_exists('ticket', $controllers)) :?>
- <a target="_blank" href="<?php
echo Route::url('oc-panel', array('controller' => 'support', 'action' => 'index', 'id' => 'admin'));
?>
