/**
* @service role add
* @return Gpf_Rpc_Form
*/
public function add(Gpf_Rpc_Params $params)
{
$form = new Gpf_Rpc_Form($params);
$origRole = new Gpf_Db_Role();
$origRole->setId($form->getFieldValue('roleid'));
$origRole->load();
$newRole = new Gpf_Db_Role();
$newRole->setName($form->getFieldValue('name'));
$newRole->setAccountId(Gpf_Session::getInstance()->getAuthUser()->getAccountId());
$newRole->setRoleType($origRole->getRoleType());
$newRole->insert();
if (strlen($origRole->getAccountId())) {
//it is custom role, copy privileges from db
$select = new Gpf_SqlBuilder_SelectBuilder();
$select->select->addConstant($newRole->getId(), 'roleid');
$select->select->add(Gpf_Db_Table_RolePrivileges::OBJECT, Gpf_Db_Table_RolePrivileges::OBJECT);
$select->select->add(Gpf_Db_Table_RolePrivileges::PRIVILEGE, Gpf_Db_Table_RolePrivileges::PRIVILEGE);
$select->from->add(Gpf_Db_Table_RolePrivileges::getName());
$select->where->add(Gpf_Db_Table_Roles::ID, '=', $origRole->getId());
$insert = new Gpf_SqlBuilder_InsertBuilder();
$insert->setTable(Gpf_Db_Table_RolePrivileges::getInstance());
$insert->fromSelect($select);
$insert->execute();
} else {
//it is default role, copy privileges from php settings
$privileges = Gpf_Application::getInstance()->getRoleDefaultPrivileges($origRole->getId());
foreach ($privileges as $objectName => $privilegeList) {
foreach ($privilegeList as $right) {
$privilege = new Gpf_Db_RolePrivilege();
$privilege->setRoleId($newRole->getId());
$privilege->setObject($objectName);
$privilege->setPrivilege($right);
$privilege->insert();
}
}
}
return $form;
}
/**
* Save role privileges
*
* @service role write
* @param Gpf_Rpc_Params $params
* @return Gpf_Rpc_Form
*/
public function saveRolePrivileges(Gpf_Rpc_Params $params)
{
$form = new Gpf_Rpc_Form($params);
$role = new Gpf_Db_Role();
$role->setId($form->getFieldValue('roleid'));
$role->load();
if (!strlen($role->getAccountId())) {
$form->setErrorMessage($this->_('It is not possible to changes privileges for default role %s', $role->getName()));
return $form;
}
//delete all privileges for selected role
Gpf_Db_Table_RolePrivileges::getInstance()->deleteAllPrivileges($role->getId());
//insert all privileges again to database
$objects = new Gpf_Data_RecordSet();
$objects->loadFromArray($form->getFieldValue('objects'));
foreach ($objects as $record) {
$rights = explode(',', $record->get('privileges'));
foreach ($rights as $right) {
$privilege = new Gpf_Db_RolePrivilege();
$privilege->setObject($record->get('object'));
$privilege->setRoleId($role->getId());
$privilege->setPrivilege($right);
$privilege->insert();
}
}
$form->setInfoMessage($this->_('Changes saved'));
return $form;
}
protected function importPrivileges($roleId, $privilegeList)
{
foreach ($privilegeList as $object => $privileges) {
foreach ($privileges as $privilege) {
$rolePrivilege = new Gpf_Db_RolePrivilege();
$rolePrivilege->setRoleId($roleId);
$rolePrivilege->setObject($object);
$rolePrivilege->setPrivilege($privilege);
$rolePrivilege->insert();
}
}
}