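/**
 * Deletes a role together with its ACL rules and its account assignments.
 *
 * Three deletes are issued with the same "roleId = ?" condition: on this
 * table, on Ot_Model_DbTable_RoleRule and on Ot_Model_DbTable_AccountRoles.
 * If this method managed to open a transaction it commits it on success and
 * rolls it back on failure. If beginTransaction() threw, a transaction is
 * assumed to be active already and commit/rollback is left to the caller.
 *
 * Every failure is rethrown. Swallowing a failed rule or assignment delete
 * would report success while leaving rows that still reference the removed
 * role id, and would call commit() on a transaction that was already rolled
 * back.
 *
 * @param mixed $roleId Identifier of the role to delete (bound via quoteInto())
 * @return void
 * @throws Exception If any of the three deletes fails
 */
public function deleteRole($roleId)
{
    $dba = $this->getAdapter();

    // A throwing beginTransaction() is treated as "the caller already holds
    // a transaction", so this method must not commit or roll back itself.
    $ownsTransaction = true;
    try {
        $dba->beginTransaction();
    } catch (Exception $e) {
        $ownsTransaction = false;
    }

    $where = $dba->quoteInto('roleId = ?', $roleId);

    try {
        $this->delete($where);

        // NOTE(review): the rollback below only covers $dba; this assumes the
        // rule and assignment tables use the same adapter - confirm.
        $roleRule = new Ot_Model_DbTable_RoleRule();
        $roleRule->delete($where);

        $accountRoles = new Ot_Model_DbTable_AccountRoles();
        $accountRoles->delete($where);
    } catch (Exception $e) {
        if ($ownsTransaction) {
            $dba->rollBack();
        }

        // Always propagate so an outer transaction owner can roll back too.
        throw $e;
    }

    if ($ownsTransaction) {
        $dba->commit();
    }

    $this->_clearCache();
}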
/**
 * Fetches the rows of this table for every account that holds a given role.
 *
 * The role assignments are read from Ot_Model_DbTable_AccountRoles, their
 * accountId values are collected, and the matching rows are then loaded from
 * this table with an "accountId IN (?)" condition.
 *
 * @param mixed $roleId Role identifier, bound through quoteInto()
 * @param mixed $order  Passed unchanged to fetchAll()
 * @param mixed $count  Passed unchanged to fetchAll()
 * @param mixed $offset Passed unchanged to fetchAll()
 * @return mixed Result of fetchAll(), or null when no account holds the role;
 *               callers must handle the null case before counting or iterating
 */
public function getAccountsForRole($roleId, $order = null, $count = null, $offset = null)
{
    $assignmentTable = new Ot_Model_DbTable_AccountRoles();
    $roleCondition = $assignmentTable->getAdapter()->quoteInto('roleId = ?', $roleId);

    $ids = array();
    foreach ($assignmentTable->fetchAll($roleCondition)->toArray() as $assignment) {
        $ids[] = $assignment['accountId'];
    }

    // Nothing assigned: signal it with null rather than running an empty IN ().
    if (count($ids) <= 0) {
        return null;
    }

    $accountCondition = $this->getAdapter()->quoteInto('accountId IN (?)', $ids);

    return $this->fetchAll($accountCondition, $order, $count, $offset);
}
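/**
 * Displays a filterable, sortable and paginated list of all accounts.
 *
 * Request parameters read: username, firstName, lastName, role, sort,
 * direction and page. The text filters and the role filter are bound as
 * values. The sort column and direction end up in ORDER BY, which cannot be
 * bound, so both are validated before they reach the select.
 *
 * @return void
 */
public function allAction()
{
    $this->view->acl = array(
        'add'    => $this->_helper->hasAccess('add'),
        'edit'   => $this->_helper->hasAccess('edit'),
        'delete' => $this->_helper->hasAccess('delete'),
    );

    $filterUsername  = $this->_getParam('username');
    $filterFirstName = $this->_getParam('firstName');
    $filterLastName  = $this->_getParam('lastName');
    $filterRole      = $this->_getParam('role', 'any');
    $filterSort      = $this->_getParam('sort', 'username');
    $filterDirection = $this->_getParam('direction', 'asc');

    $form = new Ot_Form_UserSearch();
    $form->populate($this->getAllParams());

    $account    = new Ot_Model_DbTable_Account();
    $accountTbl = $account->info('name');

    // order() takes a column specification, not a bound value, so request
    // input must never reach it unchecked. Direction collapses to asc/desc;
    // the sort key must be the 'name' pseudo-column or a real column of the
    // account table, otherwise the default sort is used.
    $filterDirection = (is_string($filterDirection) && strtolower($filterDirection) == 'desc')
        ? 'desc'
        : 'asc';

    if ($filterSort !== 'name' && !in_array($filterSort, $account->info('cols'), true)) {
        $filterSort = 'username';
    }

    $select = new Zend_Db_Table_Select($account);
    $select->from($accountTbl);

    // Filter values are bound by where(); '%' and '_' typed by the user
    // still act as LIKE wildcards.
    if ($filterUsername != '') {
        $select->where($accountTbl . '.username LIKE ?', '%' . $filterUsername . '%');
    }

    if ($filterFirstName != '') {
        $select->where($accountTbl . '.firstName LIKE ?', '%' . $filterFirstName . '%');
    }

    if ($filterLastName != '') {
        $select->where($accountTbl . '.lastName LIKE ?', '%' . $filterLastName . '%');
    }

    if ($filterRole != '' && $filterRole != 'any') {
        $otRole  = new Ot_Model_DbTable_AccountRoles();
        $roleTbl = $otRole->info('name');

        // Join on the assignment table only to filter; no columns are selected from it.
        $select->join($roleTbl, $accountTbl . '.accountId = ' . $roleTbl . '.accountId', array());
        $select->where($roleTbl . '.roleId = ?', $filterRole);
        $select->distinct();
    }

    if ($filterSort == 'name') {
        $select->order('firstName ' . $filterDirection);
        $select->order('lastName ' . $filterDirection);
    } else {
        $select->order($filterSort . ' ' . $filterDirection);
    }

    // NOTE(review): the 'lastname'/'firstname' keys differ in case from the
    // 'lastName'/'firstName' parameters read above - confirm the view maps
    // them back, otherwise those filters are lost on paging links.
    $filterOptions = array(
        'username'  => $filterUsername,
        'lastname'  => $filterLastName,
        'firstname' => $filterFirstName,
        'direction' => $filterDirection,
        'role'      => $filterRole,
        'sort'      => $filterSort,
    );

    // Drop empty filters so they do not show up in generated URLs.
    foreach ($filterOptions as $key => $value) {
        if (!$value) {
            unset($filterOptions[$key]);
        }
    }

    $adapter   = new Zend_Paginator_Adapter_DbSelect($select);
    $paginator = new Zend_Paginator($adapter);
    $paginator->setCurrentPageNumber($this->_getParam('page', 1));

    // Index the auth adapters by key so the view can look them up per account.
    $aa         = new Ot_Model_DbTable_AuthAdapter();
    $adapters   = $aa->fetchAll();
    $adapterMap = array();
    foreach ($adapters as $a) {
        $adapterMap[$a->adapterKey] = $a;
    }

    $this->_helper->pageTitle('ot-account-all:title');

    $this->view->assign(array(
        'paginator'     => $paginator,
        'form'          => $form,
        'interface'     => true,
        'sort'          => $filterSort,
        'direction'     => $filterDirection,
        'adapters'      => $adapterMap,
        'filterOptions' => array('urlParams' => $filterOptions),
    ));
}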
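/**
 * Deletes a role from the ACL and gives the default role to any account that
 * would otherwise be left without a role.
 *
 * Preconditions checked in order: roleId is supplied, the role exists, it is
 * editable, it is among the available roles, the configured default role
 * exists and is not the role being deleted, and no other role inherits from
 * it. The deletion itself only runs for POST requests; role removal and
 * default-role reassignment happen in one transaction.
 *
 * NOTE(review): the only request check visible here is isPost(); confirm an
 * anti-CSRF token is validated elsewhere for this destructive action.
 *
 * @return void
 * @throws Ot_Exception_Input  If roleId is missing
 * @throws Ot_Exception_Data   If the role or default role is missing, the role
 *                             is the default role, or other roles depend on it
 * @throws Ot_Exception_Access If the role is not editable or the request is not a POST
 * @throws Exception           If the transactional delete/reassignment fails
 */
public function deleteAction()
{
    $roleId = $this->_getParam('roleId', null);

    if (is_null($roleId)) {
        throw new Ot_Exception_Input('msg-error-roleIdNotSet');
    }

    $role = new Ot_Model_DbTable_Role();

    $thisRole = $role->find($roleId);

    if (is_null($thisRole)) {
        throw new Ot_Exception_Data('msg-error-noRole');
    }

    if ($thisRole->editable != 1) {
        throw new Ot_Exception_Access('msg-error-unallowedRoleEdit');
    }

    $availableRoles = $this->_acl->getAvailableRoles();

    if (!isset($availableRoles[$roleId])) {
        throw new Ot_Exception_Data('msg-error-noRole');
    }

    // Captured before the delete: afterwards the assignments are gone and the
    // affected accounts can no longer be found. This must use the validated
    // $roleId; the previous $get->roleId read an undefined variable, so no
    // account was ever re-homed to the default role.
    $account = new Ot_Model_DbTable_Account();
    $affectedAccounts = $account->getAccountsForRole($roleId);

    $defaultRole = $this->_helper->configVar('defaultRole');

    if (!isset($availableRoles[$defaultRole])) {
        throw new Ot_Exception_Data('msg-error-noDefaultRole');
    }

    if ($defaultRole == $roleId) {
        throw new Ot_Exception_Data('msg-error-deleteDefaultRole');
    }

    $inheritedRoles = $this->_acl->getChildrenOfRole($roleId);

    if (count($inheritedRoles) > 0) {
        // NOTE(review): $roleList is never defined in this method, so the
        // message is rendered without the dependent role names. Build it from
        // $inheritedRoles once the return shape of getChildrenOfRole() is confirmed.
        throw new Ot_Exception_Data($this->view->translate('msg-error-dependedRoleCannotDelete', $roleList));
    }

    if (!$this->_request->isPost()) {
        throw new Ot_Exception_Access('You can not access this method directly');
    }

    $accountRoles = new Ot_Model_DbTable_AccountRoles();

    $dba = $role->getAdapter();
    $dba->beginTransaction();

    // One try block for the whole unit of work: any failure, including the
    // lookup of remaining roles, rolls back instead of leaving the
    // transaction open.
    try {
        $role->deleteRole($roleId);

        // aList is an array of all the affected accountIds.
        // getAccountsForRole() returns null when no account held the role.
        $aList = array();
        if ($affectedAccounts !== null) {
            foreach ($affectedAccounts as $a) {
                $aList[] = $a->accountId;
            }
        }

        if (count($aList) > 0) {
            // Accounts that still hold some role after the delete; diffing
            // against $aList yields the accounts left with no role at all.
            $accountRolesDba = $accountRoles->getAdapter();
            $where = $accountRolesDba->quoteInto('accountId IN(?)', $aList);

            $affectedAccountsStillWithRoles = $accountRoles->fetchAll($where);

            $affectedAccountsStillWithRolesIds = array();
            foreach ($affectedAccountsStillWithRoles as $a) {
                $affectedAccountsStillWithRolesIds[] = $a->accountId;
            }

            // Accounts without any role get $defaultRole.
            $affectedAccountsWithNoRoles = array_diff($aList, $affectedAccountsStillWithRolesIds);

            foreach ($affectedAccountsWithNoRoles as $a) {
                $accountRoles->insert(array(
                    'accountId' => $a,
                    'roleId'    => $defaultRole,
                ));
            }
        }
    } catch (Exception $e) {
        $dba->rollback();
        throw $e;
    }

    $dba->commit();

    $logOptions = array(
        'attributeName' => 'accessRole',
        'attributeId'   => $roleId,
    );

    $this->_helper->log(Zend_Log::INFO, 'Role ' . $thisRole['name'] . ' was deleted', $logOptions);

    $this->_helper->messenger->addWarning('Role was deleted successfully');

    $this->_helper->redirector->gotoRoute(array('controller' => 'acl'), 'ot', true);
}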