/**
 * Renders the access-rights editor for the configured target object.
 *
 * Publishes the resolved `id` and `name` into htmlOptions (explicit values
 * win), derives the target from the bound model when there is one, builds
 * one control per operation taken from the `operations` property that
 * ClassHelper reports for AccessCBehavior on the target class, and renders
 * the `AccessRights` view only when at least one control was built.
 */
public function run()
{
    list($resolvedName, $resolvedId) = $this->resolveNameID();

    // Values already present in htmlOptions take precedence over the resolved ones.
    if (!isset($this->htmlOptions['id'])) {
        $this->htmlOptions['id'] = $resolvedId;
    }
    if (!isset($this->htmlOptions['name'])) {
        $this->htmlOptions['name'] = $resolvedName;
    }

    // Persisting the rights is done through the behavior; with a model bound,
    // the target is described as (class name, key name, key value).
    if ($this->hasModel()) {
        $this->objects = array(get_class($this->model), 'id', $this->model->id);
    }

    // Nothing to edit without a target description.
    if (!is_array($this->objects) || empty($this->objects)) {
        return;
    }

    $operations = ClassHelper::getBehaviorPropertyByClassName($this->objects[0], 'AccessCBehavior', 'operations');
    if (empty($operations)) {
        return;
    }

    $controls = array();
    if ($this->operation) {
        // A single operation was requested.
        // NOTE(review): there is no check that it is a key of $operations;
        // an unknown name would produce an undefined-index label — confirm
        // callers only pass declared operations.
        $controls[] = array(
            'label' => $operations[$this->operation],
            'content' => $this->rightsForOperation($this->operation),
        );
    } else {
        // No specific operation requested: one control per declared operation.
        foreach ($operations as $operationName => $operationTitle) {
            $controls[] = array(
                'label' => $operations[$operationName],
                'content' => $this->rightsForOperation($operationName),
            );
        }
    }

    if (!empty($controls)) {
        $this->render('AccessRights', array('controls' => $controls, 'instantSave' => $this->instantSave));
    }
}
/**
 * Looks up the `attributes` property that ClassHelper reports for
 * AccessRBehavior on the given class.
 *
 * @param mixed $className class name handed to ClassHelper unchanged
 * @return mixed the looked-up value, or an empty array when that value is empty
 */
public static function getAttributesByClassName($className)
{
    $attributes = ClassHelper::getBehaviorPropertyByClassName($className, 'AccessRBehavior', 'attributes');

    // Normalise every "empty" result (null, false, '', array()) to an empty array.
    return empty($attributes) ? array() : $attributes;
}
/**
 * Narrows the owner's DB criteria to rows the current user may access.
 *
 * Adds an INNER JOIN on the AccessItem table that matches the requested
 * action, the owner's class (ACO) and the user-side condition (ARO). The
 * join is skipped when the owner's class has no AccessCBehavior `class`
 * property, when the user's class has no AccessRBehavior `class` property,
 * or when the user reports full access.
 *
 * NOTE(review): in the skipped cases the criteria are left unrestricted,
 * i.e. the filter fails open. In particular `$user` is used without a null
 * check — confirm what `Yii::app()->user->data` holds for guests.
 *
 * @param string $action action name bound to the :action parameter
 * @param bool   $force  apply the join even if the criteria already carry
 *                       the aco_class / aro_class parameters
 * @return mixed the behavior's owner, to allow chaining
 */
public function allowed($action = 'read', $force = false)
{
    $owner = $this->getOwner();

    // Do not apply the condition twice within one request: the presence of
    // both parameters on the criteria marks an earlier application.
    $alreadyApplied = !$force
        && isset($owner->getDbCriteria()->params['aco_class'])
        && isset($owner->getDbCriteria()->params['aro_class']);
    if ($alreadyApplied) {
        return $owner;
    }

    if (!ClassHelper::getBehaviorPropertyByClassName(get_class($owner), 'AccessCBehavior', 'class')) {
        return $owner;
    }

    $user = Yii::app()->user->data;
    $userIsRestrictable = ClassHelper::getBehaviorPropertyByClassName(get_class($user), 'AccessRBehavior', 'class');
    if (!$userIsRestrictable || $user->checkFullAccess()) {
        return $owner;
    }

    $params = array('aco_class' => get_class($owner), 'action' => $action);

    // An access item applies either to the whole class (empty key/value),
    // to one row by id, or to rows sharing a configured attribute value.
    $acoConditions = array(
        '(a.`aco_key` = "" AND a.`aco_value` = "")',
        '(a.`aco_key` = "id" AND a.`aco_value` = t.`id`)',
    );
    // NOTE(review): attribute names are concatenated into the SQL text, both
    // as a string literal and as a column identifier, without escaping. This
    // is only safe while the `attributes` list is developer-defined behavior
    // configuration made of plain column names — confirm it can never be
    // influenced by request data.
    foreach (AccessCBehavior::getAttributesByClassName($params['aco_class']) as $column) {
        $acoConditions[] = '(a.`aco_key` = "' . $column . '" AND a.`aco_value` = t.`' . $column . '`)';
    }
    $acoWhereStatement = implode(' OR ', $acoConditions);

    // presumably generateAroWhereStatement() adds `aro_class` to $params by
    // reference, since the join below binds :aro_class — verify in AccessRBehavior.
    $aroWhereStatement = AccessRBehavior::generateAroWhereStatement($user, $params, 'a.');

    $join = 'INNER JOIN `' . AccessItem::tableName() . '` a ON a.action = :action AND a.aco_class = :aco_class AND a.aro_class = :aro_class AND (' . $acoWhereStatement . ') AND (' . $aroWhereStatement . ')';
    $owner->getDbCriteria()->mergeWith(array('join' => $join, 'params' => $params));

    return $owner;
}