コード例 #1
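 /**
  * Save the per-page permission overrides submitted for a role, then render the page list.
  *
  * Nothing is written unless the `coaster::admin.advanced_permissions` config flag is on.
  * For each page and each page-level action the submitted state ('allow' when
  * `page[<page id>][<action name>]` is present in the request, 'deny' otherwise) is
  * compared with the role's default for that action. An override row is kept only when
  * the two differ and is deleted again when they match. When a page has
  * `group_container > 0`, the same change is applied to every page of that PageGroup.
  *
  * NOTE(review): no check is visible in this method that the signed-in admin may edit
  * $role_id (for example a role with a higher admin level than their own). Confirm that
  * the route or middleware enforces this before the method runs.
  * NOTE(review): the writes are not wrapped in a transaction in this method, so a failure
  * part-way through leaves a partially applied permission set.
  *
  * @param int|string $role_id Primary key passed to UserRole::find().
  * @return void
  */
 public function postPages($role_id)
 {
     if (config('coaster::admin.advanced_permissions')) {
         $role = UserRole::find($role_id);
         $this->_role_permissions = $role;

         // An unknown role id used to fail on the first property access below; now nothing
         // is saved and no success alert is raised for it.
         if ($role !== null) {
             // Map action name => action id for the page-level actions.
             $actionIds = [];
             $page_actions = AdminAction::where('controller_id', '=', 2)->where('inherit', '=', 0)->where('edit_based', '=', 0)->get();
             foreach ($page_actions as $action) {
                 $actionIds[$action->action] = $action->id;
             }
             if (!config('coaster::admin.publishing')) {
                 unset($actionIds['version-publish']);
             }

             // Request data is untrusted: anything other than an array is treated as
             // "nothing ticked", which resolves every action to 'deny'.
             $pages_permissions = Request::input('page');
             if (!is_array($pages_permissions)) {
                 $pages_permissions = [];
             }

             // Role-wide default per action id: true when the role already has the action.
             $defaults = array_fill_keys(array_values($actionIds), false);
             foreach ($role->actions as $action) {
                 if (array_key_exists($action->id, $defaults)) {
                     $defaults[$action->id] = true;
                 }
             }

             // Overrides currently stored, indexed as [page id][action id] => access.
             $existing = [];
             foreach ($role->page_actions as $page_permission) {
                 $pivot = $page_permission->pivot;
                 $existing[$pivot->page_id][$pivot->action_id] = $pivot->access;
             }

             foreach (Page::where('parent', '>=', '0')->get() as $page) {
                 // Page id followed by the ids of its group pages; resolved on the first
                 // change so that unchanged pages cost no extra query.
                 $target_ids = null;

                 foreach ($actionIds as $action => $action_id) {
                     $value = isset($pages_permissions[$page->id][$action]) ? 'allow' : 'deny';
                     $matches_default = ($value === 'allow') === (bool) $defaults[$action_id];
                     $has_override = isset($existing[$page->id][$action_id]);

                     if ($has_override && $matches_default) {
                         // The override has become redundant.
                         $operation = 'delete';
                     } elseif ($has_override && $existing[$page->id][$action_id] != $value) {
                         $operation = 'update';
                     } elseif (!$has_override && !$matches_default) {
                         $operation = 'attach';
                     } else {
                         continue;
                     }

                     if ($target_ids === null) {
                         $target_ids = [$page->id];
                         if ($page->group_container > 0) {
                             $group = PageGroup::find($page->group_container);
                             // A dangling group reference is skipped instead of raising an error.
                             if ($group !== null) {
                                 foreach ($group->pages as $group_page) {
                                     $target_ids[] = $group_page->id;
                                 }
                             }
                         }
                     }

                     foreach ($target_ids as $target_id) {
                         if ($operation === 'attach') {
                             $role->page_actions()->attach($target_id, ['action_id' => $action_id, 'access' => $value]);
                             continue;
                         }
                         $pivot_rows = $role->page_actions()->newPivotStatementForId($target_id)->whereActionId($action_id);
                         if ($operation === 'delete') {
                             $pivot_rows->delete();
                         } else {
                             $pivot_rows->update(['access' => $value]);
                         }
                     }
                 }
             }
             $this->addAlert('success', 'Page Permissions Updated');
         }
     }
     $this->getPages($role_id);
 }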
コード例 #2
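 /**
  * Create a user from the submitted form and e-mail them a generated password.
  *
  * The request must carry a valid `email` and an integer `role`, and the chosen role must
  * exist with an `admin` level no higher than that of the signed-in user. Otherwise the
  * add form is shown again with the validation messages.
  *
  * NOTE(review): the generated password is 8 characters, is sent in clear text by e-mail
  * and is also passed to the success view. Consider a longer value or a one-time
  * set-password link, and requiring a change at first login.
  * NOTE(review): no `unique` rule is applied to `email` here; confirm that duplicate
  * addresses are rejected elsewhere (for example by a unique index).
  *
  * @return void
  */
 public function postAdd()
 {
     $authUser = Auth::user();
     $v = Validator::make(Request::all(), array('email' => 'required|email', 'role' => 'required|integer'));

     // The role is looked up before the validator result is consulted, so the raw input is
     // still untrusted here. Only a scalar id is passed to find(): an array would return a
     // collection rather than a single role, and the level check below would not be
     // comparing a real role's `admin` value.
     $role_id = Request::input('role');
     $role = is_scalar($role_id) ? UserRole::find($role_id) : null;
     $role_allowed = $role !== null && $role->admin <= $authUser->role->admin;
     $perm_issue = !$role_allowed;

     if ($v->passes() && !$perm_issue) {
         $password = str_random(8);
         $new_user = new User();
         $new_user->email = Request::input('email');
         // Assign the key of the role that passed the privilege check instead of
         // re-reading the request value.
         $new_user->role_id = $role->getKey();
         // Only the hash is stored; the plain value lives on in the e-mail and the view.
         $new_user->password = Hash::make($password);
         $new_user->save();
         AdminLog::new_log('User \'' . $new_user->email . '\' added');
         Mail::send('coaster::emails.new_account', array('email' => $new_user->email, 'password' => $password), function ($message) use($new_user) {
             $message->from(config('coaster::site.email'));
             $message->to($new_user->email);
             $message->subject(config('coaster::site.name') . ': New Account Details');
         });
         // The account is kept even when the mail could not be sent; the view reports which happened.
         if (empty(Mail::failures())) {
             $email_message = 'An email has been sent to the new user with their login details.';
             $email_status = 'success';
         } else {
             $email_message = 'There was an error sending the login details to the new user.';
             $email_status = 'warning';
         }
         $this->layoutData['content'] = View::make('coaster::pages.users.add', array('success' => true, 'password' => $password, 'email_message' => $email_message, 'email_status' => $email_status));
     } else {
         FormMessage::set($v->messages());
         if ($perm_issue) {
             FormMessage::add('role', 'Don\'t have permission to create user with this role, or doesn\'t exist');
         }
         $this->getAdd();
     }
 }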