public static function Verification($permission_name, $crud = __CanRead__) { session_start(); $account_name = $_SESSION['login']; if (!is_null($account_name)) { $account = AccountService::GetByName($account_name, true); if (!is_null($account)) { $roles = UserRoleService::GetByUserId($account->account_id); $permission = PermissionService::GetByName($permission_name); $res = false; for ($i = 0; $i < count($roles); $i++) { $rps = RolePermissionService::GetByRoleIdPermissionId($roles[$i]->role_id, $permission->permission_id); foreach ($rps as $value) { $rr = PermissionHelper::setPermissionFlag(__CanCreate__, $value->cancreate) | PermissionHelper::setPermissionFlag(__CanRead__, $value->canread) | PermissionHelper::setPermissionFlag(__CanUpdate__, $value->canupdate) | PermissionHelper::setPermissionFlag(__CanRemove__, $value->canremove); if (($rr & $crud) == $crud) { $res = true; } } } } } else { header('Location: /account/permission'); } if (!$res) { header('Location: /account/permission'); } }
public function action_new() { PermissionHelper::Verification('Editor'); $roleName = $_POST['roleName']; $userName = $_POST['userName']; $model = new UserRole(); $model->user_id = UserService::GetByName($userName)->user_id; $model->role_id = RoleService::GetByName($roleName)->role_id; UserRoleService::Create($model); header('Location: /Role/item'); }