예제 #1
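 /**
  * Authorisation gate for the current admin route.
  *
  * Looks up the bit flag registered for the current (module, controller,
  * action) triple and decides whether the session user may reach it:
  *  - flag === 0: the route is public, returns true;
  *  - flag falsy (route not registered yet): the route is added to the
  *    permissions table and null is returned - no access decision is taken
  *    here (the callers presumably ignore the return value and rely on the
  *    redirects below to stop denied requests - TODO confirm);
  *  - otherwise: the user must be logged in and hold the bit, unless the
  *    user's role is an owner or the user is flagged as a developer.
  *
  * Denied requests get a flash message and a status-1 JSON redirect to
  * 'admin'. Every denial is followed by an explicit `return false` so the
  * gate fails closed even if Core_Response::toJson() does not terminate the
  * request (not verifiable from this file); the original fell through to the
  * next check and ended by returning null, and also returned null (not true)
  * when access was granted by the permission bit.
  *
  * @return bool|null true when access is granted, false when it is denied,
  *                   null when the route has only just been registered
  */
 public static function checkPermissions()
 {
     $request = Core_Request::getInstance();
     // permissions structure: one row per (module, controller, action)
     $data = array(
         'module'     => $request->getRoute('module'),
         'controller' => $request->getRoute('controller'),
         'action'     => $request->getRoute('action'),
     );
     $model = Admin_PermissionsModel::getInstance();
     $flag = $model->getFlag($data);

     // $flag === 0 means the page is freely accessible.
     // NOTE(review): the strict comparison only matches an int 0; if getFlag()
     // returns the flag as a string ("0"), this branch is skipped, `!$flag` is
     // true and the route is re-added on every request - confirm the type.
     if ($flag === 0) {
         return true;
     }

     if (!$flag) {
         // Route not registered yet: record it so it can be assigned a bit.
         // No access decision is made on this request.
         $model->add($data);
         return null;
     }

     if (!s()->user->id) {
         // Anonymous user: send to the admin login. Return so we never read
         // s()->user->access below for a user that does not exist.
         Core_View::getInstance()->addFlashMessage(__('Please Login'), 'danger');
         Core_Response::getInstance()->setStatus(1)->redirect('admin')->toJson();
         return false;
     }

     if (Core_Bit::check(s()->user->access['permissions'], $flag)) {
         return true;
     }

     // Bit not set: an owner role, or a developer account, has ALL access.
     // The role lookup is guarded so a missing role (get() returning a falsy
     // value, as permissionsAction() expects) denies without a warning.
     $role_rs = Admin_RolesModel::get(array('id' => s()->user->role_id));
     if (($role_rs && $role_rs->is_owner === 1) || s()->user->is_developer === 1) {
         return true;
     }

     Core_View::getInstance()->addFlashMessage(__('You Don\'t have permission to access this page'), 'danger');
     Core_Response::getInstance()->setStatus(1)->redirect('admin')->toJson();
     return false;
 }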
예제 #2
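 /**
  * Returns the effective permission map for one role as JSON.
  *
  * Reads the role id from the request, loads the role and walks every
  * registered permission; a permission is reported as (name => true) when
  * its bit is set in the role's permission mask or when the role is an
  * owner. Permissions that are not granted are omitted from the output.
  *
  * Error responses (missing id, unknown role) are sent with status 0 and the
  * method returns immediately, so a missing role can never reach the
  * $role_rs->permissions read below; the original relied on
  * Core_Response::toJson() ending the request (not verifiable from here).
  *
  * NOTE(review): $role_rs->is_owner is tested by truthiness here while
  * checkPermissions() uses `=== 1`; a string "0" would count as owner here.
  * NOTE(review): $permission_row is read both as an object (->bit_flag) and
  * as an array (['name']) - only valid if the row type supports both; confirm.
  *
  * @return void  the response is emitted through getResponse()->toJson()
  */
 public function permissionsAction()
 {
     $id = $this->getRequest()->getParam('id');
     if (!$id) {
         $this->getResponse()->setStatus(0)->setBody(__('role does not exist'))->toJson();
         return;
     }

     $role_rs = Admin_RolesModel::get(array('id' => $id));
     if (!$role_rs) {
         $this->getResponse()->setStatus(0)->setBody(__('role does not exist'))->toJson();
         return;
     }

     $granted = array();
     foreach (Admin_PermissionsModel::getAll() as $permission_row) {
         // Owners hold every permission regardless of the stored mask.
         if (Core_Bit::check($role_rs->permissions, $permission_row->bit_flag) || $role_rs->is_owner) {
             $granted[$permission_row['name']] = true;
         }
     }

     $this->getResponse()->setStatus(1)->setData(Core_Tools::JsonEncode($granted))->toJson();
 }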
예제 #3
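 /**
  * Creates an admin user from the POSTed fields email, pass, user, role and
  * company.
  *
  * Validation order: email (Core_Check::email), password (Core_Check::password,
  * minimum cfg()->min_pass_lenght), username (Core_Check::user), role (must be
  * the id of an existing role). Each failure sends a status-0 JSON body and
  * returns; the original fell through and, unless Core_Response::toJson()
  * ends the request (not verifiable here), would still have inserted the user.
  *
  * Username and email are validated in exactly the form that is stored
  * (lower-cased, tags stripped); the original validated the raw input and
  * then stored a different, transformed value.
  *
  * The role is matched by strict string comparison and the stored role_id is
  * the matched row's id rather than the raw POST value (the original stored
  * the raw value after a loose `==` match, so on PHP 7 a non-numeric string
  * could match a role with id 0). Forms such as '01' for id 1 are no longer
  * accepted.
  *
  * NOTE(review): 'company' is stored as posted with no validation; this relies
  * on Admin_UsersModel::tryAdd() parameterising the insert - confirm.
  * NOTE(review): Core_Security::generate() produces the stored password value;
  * confirm it wraps password_hash() or an equivalent slow, salted hash.
  *
  * @return void  the response is emitted through getResponse()->toJson()
  */
 public function createAction()
 {
     // Normalise exactly as stored, so validation and storage agree.
     $email = strip_tags(strtolower((string) $this->getRequest()->getPost('email')));
     if (!Core_Check::email($email)) {
         $this->getResponse()->setStatus(0)->setBody(__('invalid email'))->toJson();
         return;
     }

     $pass = $this->getRequest()->getPost('pass');
     if (!Core_Check::password($pass)) {
         $this->getResponse()->setStatus(0)->setBody(__('password must be at least %1$s characters long', cfg()->min_pass_lenght))->toJson();
         return;
     }

     $user = strip_tags(strtolower((string) $this->getRequest()->getPost('user')));
     if (!Core_Check::user($user)) {
         $this->getResponse()->setStatus(0)->setBody(__('invalid user'))->toJson();
         return;
     }

     // The role must be one that actually exists; keep the matched row so the
     // canonical id is stored, never the client-supplied value.
     $role_id = (string) $this->getRequest()->getPost('role');
     $matched_role = null;
     foreach (Admin_RolesModel::getAll(array()) as $role_row) {
         if ((string) $role_row->id === $role_id) {
             $matched_role = $role_row;
             break;
         }
     }
     if ($matched_role === null) {
         $this->getResponse()->setStatus(0)->setBody(__('invalid role'))->toJson();
         return;
     }

     $insert_data = array(
         'user'     => $user,
         'email'    => $email,
         'role_id'  => $matched_role->id,
         'password' => Core_Security::generate($pass),
         'company'  => $this->getRequest()->getPost('company'),
     );
     if ($insert_data['user'] === '' || $insert_data['email'] === '' || (string) $insert_data['role_id'] === '') {
         $this->getResponse()->setStatus(0)->setBody(__('invalid data submited. Username, Email and Role are mandatory'))->toJson();
         return;
     }

     if (!Admin_UsersModel::tryAdd($insert_data)) {
         $this->getResponse()->setStatus(0)->setBody(__('duplicate user or email'))->toJson();
         return;
     }

     $this->getResponse()->setStatus(1)->setBody(__('user added'))->toJson();
 }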