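/**
 * View the permissions for a profile level, and change them if we have a POST.
 *
 * On POST the profile named by `profileId` is looked up. When a `permissions`
 * field is posted as well, every entry is validated as "resource.action"
 * before the profile's stored permissions are deleted and replaced, so a
 * malformed submission leaves the existing permissions untouched.
 * The ACL is then rebuilt and the profile's permissions are handed to the view.
 *
 * NOTE(review): this action rewrites authorization data. No CSRF token check
 * and no check of the caller's own privileges is visible in this method;
 * confirm both are enforced before the action is dispatched.
 */
public function indexAction()
{
    $this->view->setTemplateBefore('private');

    if ($this->request->isPost()) {
        // Only a scalar id is handed to the finder; an array-shaped POST value is treated as "not found".
        $profileId = $this->request->getPost('profileId');
        $profile = is_scalar($profileId) ? Profiles::findFirstById($profileId) : false;

        if ($profile) {
            if ($this->request->hasPost('permissions')) {
                // Parse the whole submission first. Nothing is deleted until every entry
                // has the "resource.action" shape, so bad input cannot wipe the profile.
                $posted = $this->request->getPost('permissions');
                $grants = array();
                $wellFormed = is_array($posted);

                if ($wellFormed) {
                    foreach ($posted as $entry) {
                        $parts = is_string($entry) ? explode('.', $entry) : array();
                        if (count($parts) < 2 || $parts[0] === '' || $parts[1] === '') {
                            $wellFormed = false;
                            break;
                        }
                        // As before, only the first two segments are used.
                        $grants[] = array($parts[0], $parts[1]);
                    }
                }

                if (!$wellFormed) {
                    $this->flash->error('Permissions were not updated: the submitted list is malformed');
                } else {
                    // Deletes the current permissions
                    $profile->getPermissions()->delete();

                    // Save the new permissions
                    // NOTE(review): resource and action are stored as posted; they are not checked
                    // against the resources the ACL defines. Consider an allow-list here.
                    $allSaved = true;
                    foreach ($grants as $grant) {
                        $record = new Permissions();
                        $record->profilesId = $profile->id;
                        $record->resource = $grant[0];
                        $record->action = $grant[1];

                        // A failed save is reported instead of being hidden behind the success message.
                        if (!$record->save()) {
                            $allSaved = false;
                            $this->flash->error($record->getMessages());
                        }
                    }

                    if ($allSaved) {
                        $this->flash->success('Permissions were updated with success');
                    }
                }
            }

            // Rebuild the ACL so the permissions read back below reflect what is stored
            $this->acl->rebuild();

            // Pass the current permissions to the view
            $this->view->permissions = $this->acl->getPermissions($profile);
        }

        $this->view->profile = $profile;
    }

    // Pass all the active profiles
    $this->view->profiles = Profiles::find('active = "Y"');
}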
/**
 * Declares the fields of the user form.
 *
 * Fields are added in this order: id, username, first_name, last_name, email,
 * profilesId, banned, suspended, active.
 *
 * NOTE(review): profilesId, banned, suspended and active decide what an account
 * may do. This form only declares them; confirm that the handler binding the
 * form restricts who may submit these fields.
 *
 * @param mixed $entity  Not read by this method.
 * @param mixed $options When $options['edit'] is set and truthy, the id is a hidden field.
 */
public function initialize($entity = null, $options = null)
{
    // The id is hidden while editing and a plain text input otherwise
    $editing = !empty($options['edit']);
    $this->add($editing ? new Hidden('id') : new Text('id'));

    // Text inputs that only need a presence check: name => (placeholder, message)
    $requiredText = array(
        'username' => array('Username', 'Username is required'),
        'first_name' => array('First name', 'First name is required'),
        'last_name' => array('Last name', 'Last name is required'),
    );
    foreach ($requiredText as $field => $labels) {
        $input = new Text($field, array('placeholder' => $labels[0]));
        $input->addValidators(array(
            new PresenceOf(array('message' => $labels[1])),
        ));
        $this->add($input);
    }

    // The e-mail must be present and well-formed
    $emailInput = new Text('email', array('placeholder' => 'Email'));
    $emailInput->addValidators(array(
        new PresenceOf(array('message' => 'The e-mail is required')),
        new Email(array('message' => 'The e-mail is not valid')),
    ));
    $this->add($emailInput);

    // Profile chooser, filled from the active profiles, with an empty first option
    $activeProfiles = Profiles::find(array(array('active' => 'Y')));
    $profileSelect = new Select('profilesId', $activeProfiles, array(
        'using' => array('id', 'name'),
        'useEmpty' => true,
        'emptyText' => '...',
        'emptyValue' => '',
    ));
    $this->add($profileSelect);

    // Yes/No account-state flags
    $yesNo = array('Y' => 'Yes', 'N' => 'No');
    foreach (array('banned', 'suspended', 'active') as $flag) {
        $this->add(new Select($flag, $yesNo));
    }
}
/**
 * Rebuilds the access list on the Mongo-backed ACL adapter and returns it.
 *
 * The adapter denies by default. The 'super' role is allowed everything, the
 * dashboard index is allowed for the '*' role, and every active profile becomes
 * a role that is allowed the permissions stored for it plus users/changePassword.
 *
 * @return \Dsc\Admin\Lib\Acl\Adapter\Mongo
 */
public function rebuild()
{
    $mongo = $this->config->mongo;
    $adapterSettings = array(
        'dbhost' => $mongo->host,
        'dbname' => $mongo->dbname,
        'roles' => 'acl.roles',
        'resources' => 'acl.resources',
        'resourcesAccesses' => 'acl.resourcesAccesses',
        'accessList' => 'acl.accessList',
    );

    $acl = new \Dsc\Admin\Lib\Acl\Adapter\Mongo($adapterSettings);

    // Anything that is not explicitly allowed below is denied
    $acl->setDefaultAction(\Phalcon\Acl::DENY);

    // Roles are built from the active profiles only
    $activeProfiles = Profiles::find(array(array('active' => 'Y')));

    // The super role is unrestricted
    $acl->addRole(new \Phalcon\Acl\Role('super'));
    $acl->allow('super', '*', '*');

    // '*' as the role presumably means "every role". Confirm how the Mongo adapter
    // expands it, since only 'super' has been registered at this point.
    $acl->allow('*', 'Dsc\\Admin\\Controllers\\DashboardController', 'index');

    // One role per active profile, named after the profile.
    // NOTE(review): a profile named 'super' would map onto the unrestricted role
    // registered above. Confirm that name is reserved or that this is intended.
    foreach ($activeProfiles as $activeProfile) {
        $role = new \Phalcon\Acl\Role($activeProfile->name);
        $acl->addRole($role);
    }

    // Register the private resources together with their actions
    foreach ($this->privateResources as $resourceName => $resourceActions) {
        $acl->addResource(new \Phalcon\Acl\Resource($resourceName), $resourceActions);
    }

    // Grant each role what the "permissions" model holds for its profile
    foreach ($activeProfiles as $activeProfile) {
        $roleName = $activeProfile->name;

        foreach ($activeProfile->getPermissions() as $granted) {
            $acl->allow($roleName, $granted->resource, $granted->action);
        }

        // Every profile may always change its own password
        $acl->allow($roleName, 'users', 'changePassword');
    }

    return $acl;
}
/**
 * Deletes a Profile and forwards to the index action.
 *
 * A flash message reports the outcome: not found, the model's own messages when
 * the delete fails, or a success notice.
 *
 * NOTE(review): this is a destructive action driven only by $id. No request-method
 * or CSRF check is visible in this method; confirm one is enforced before dispatch.
 * The ACL is also not rebuilt here, so verify that a deleted profile's role and
 * grants do not stay in the ACL store.
 *
 * @param int $id
 */
public function deleteAction($id)
{
    $backToIndex = array('action' => 'index');

    $target = Profiles::findFirstById($id);
    if (!$target) {
        $this->flash->error("Profile was not found");

        return $this->dispatcher->forward($backToIndex);
    }

    $deleted = $target->delete();
    if ($deleted) {
        $this->flash->success("Profile was deleted");
    } else {
        // Surface the model's own messages when the delete is refused
        $this->flash->error($target->getMessages());
    }

    return $this->dispatcher->forward($backToIndex);
}