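/**
 * deleteAction
 * Delete the user record previously selected from the profile list.
 *
 * Before the record is removed three checks are applied, in this order:
 *  - you cannot delete yourself
 *  - an administrator profile can only be deleted by an administrator
 *  - the last remaining administrator cannot be deleted
 * A failed check redirects back to the profile list with an error message
 * and stops the request; nothing is deleted.
 *
 * @return mixed result of the redirector helper (normally it exits)
 */
public function deleteAction()
{
    // A missing or non-numeric "id" parameter casts to 0, which is never a valid record id
    $id = (int) $this->getRequest()->getParam('id');
    $identity = Zend_Auth::getInstance()->getIdentity();

    // Only a positive id may be deleted. The previous is_numeric() test was
    // always true after intval(), so a missing id reached deleteUser(0).
    if ($id > 0) {
        // Number of administrators (role id 1), counted before anything is removed
        $adminCount = count(AdminUser::getUserbyRoleID(1));
        // Evaluated once; used by two of the checks below
        $targetIsAdministrator = AdminRoles::isAdministrator($id);

        // you can't delete yourself
        if ($id === (int) $identity['user_id']) {
            $this->_redirectDeleteDenied($this->translator->translate('You cannot delete yourself.'));
        }

        // administrators cannot be deleted by unprivileged users
        if ($targetIsAdministrator && (int) $identity['role_id'] !== 1) {
            $this->_redirectDeleteDenied($this->translator->translate('The administrator profile can only be deleted by an administrator.'));
        }

        // you can't delete the last administrator
        if ($targetIsAdministrator && $adminCount <= 1) {
            $this->_redirectDeleteDenied($this->translator->translate('You cannot delete the latest administrator'));
        }

        // all checks passed, delete the record
        AdminUser::deleteUser($id);
    }

    return $this->_helper->redirector('index', 'profile');
}

/**
 * Redirect to the profile list with an error message and stop the request.
 *
 * The redirector helper exits by default; the die is kept as a guard in
 * case exiting has been disabled on the helper, so no code after a denied
 * check can run.
 *
 * @param string $message already translated message shown to the user
 * @return void
 */
private function _redirectDeleteDenied($message)
{
    $this->_helper->redirector('list', 'profile', 'admin', array('mex' => $message, 'status' => 'danger'));
    die;
}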
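/**
 * editAction
 * Load a role record and populate the edit form with it.
 *
 * Reads the "id" request parameter; when it identifies an existing role the
 * form is populated with the role, its users and its per-resource
 * permissions, and a Delete button is added. Without a valid id the empty
 * form is rendered. "mex" and "status" are passed through to the view as
 * the message to display and its status.
 *
 * @return void renders the "applicantform" script
 */
public function editAction()
{
    // Get the common resources of ShineISP from the ACL file
    $aclConfig = new Zend_Config_Xml(APPLICATION_PATH . '/configs/acl.xml', 'acl');
    $form = $this->getForm('/admin/roles/process');
    $id = $this->getRequest()->getParam('id');

    // Create the buttons in the edit form
    $this->view->buttons = array(
        array("url" => "#", "label" => $this->translator->translate('Save'), "params" => array('css' => null, 'id' => 'submit')),
        array("url" => "/admin/roles/list", "label" => $this->translator->translate('List'), "params" => array('css' => null)),
        array("url" => "/admin/roles/new/", "label" => $this->translator->translate('New'), "params" => array('css' => null)),
    );

    if (!empty($id) && is_numeric($id)) {
        // Canonicalise to an integer: is_numeric() also accepts forms such as
        // "1e2" or leading whitespace, which must not be embedded as-is in
        // the Delete URL built below.
        $id = (int) $id;
        $rs = AdminRoles::find($id, null, true);

        if (!empty($rs[0])) {
            // Load the users connected to this role
            $users = AdminUser::getUserbyRoleID($id);

            // Load the roles of each resource
            $roles = AdminPermissions::getPermissionByRoleID($id);

            // Load the resources
            $this->view->resources = json_encode(AdminResources::createResourcesTree($aclConfig->modules, $roles));

            // Join the roles and the users
            $rs[0]['users'] = $users;
            $form->populate($rs[0]);

            $this->view->buttons[] = array("url" => "/admin/roles/confirm/id/{$id}", "label" => $this->translator->translate('Delete'), "params" => array('css' => null));
        }
    }

    // NOTE(review): both values come straight from the request and are
    // handed to the view unchanged — confirm the template escapes them.
    $this->view->mex = $this->getRequest()->getParam('mex');
    $this->view->mexstatus = $this->getRequest()->getParam('status');

    $this->view->title = $this->translator->translate("Role edit");
    $this->view->description = $this->translator->translate("Here you can edit the role permissions.");
    $this->view->form = $form;
    $this->render('applicantform');
}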