예제 #1
0
 /**
  * @service role add
  * @return Gpf_Rpc_Form
  */
 public function add(Gpf_Rpc_Params $params)
 {
     $form = new Gpf_Rpc_Form($params);
     $origRole = new Gpf_Db_Role();
     $origRole->setId($form->getFieldValue('roleid'));
     $origRole->load();
     $newRole = new Gpf_Db_Role();
     $newRole->setName($form->getFieldValue('name'));
     $newRole->setAccountId(Gpf_Session::getInstance()->getAuthUser()->getAccountId());
     $newRole->setRoleType($origRole->getRoleType());
     $newRole->insert();
     if (strlen($origRole->getAccountId())) {
         //it is custom role, copy privileges from db
         $select = new Gpf_SqlBuilder_SelectBuilder();
         $select->select->addConstant($newRole->getId(), 'roleid');
         $select->select->add(Gpf_Db_Table_RolePrivileges::OBJECT, Gpf_Db_Table_RolePrivileges::OBJECT);
         $select->select->add(Gpf_Db_Table_RolePrivileges::PRIVILEGE, Gpf_Db_Table_RolePrivileges::PRIVILEGE);
         $select->from->add(Gpf_Db_Table_RolePrivileges::getName());
         $select->where->add(Gpf_Db_Table_Roles::ID, '=', $origRole->getId());
         $insert = new Gpf_SqlBuilder_InsertBuilder();
         $insert->setTable(Gpf_Db_Table_RolePrivileges::getInstance());
         $insert->fromSelect($select);
         $insert->execute();
     } else {
         //it is default role, copy privileges from php settings
         $privileges = Gpf_Application::getInstance()->getRoleDefaultPrivileges($origRole->getId());
         foreach ($privileges as $objectName => $privilegeList) {
             foreach ($privilegeList as $right) {
                 $privilege = new Gpf_Db_RolePrivilege();
                 $privilege->setRoleId($newRole->getId());
                 $privilege->setObject($objectName);
                 $privilege->setPrivilege($right);
                 $privilege->insert();
             }
         }
     }
     return $form;
 }
 /**
  * Save role privileges
  *
  * @service role write
  * @param Gpf_Rpc_Params $params
  * @return Gpf_Rpc_Form
  */
 public function saveRolePrivileges(Gpf_Rpc_Params $params)
 {
     $form = new Gpf_Rpc_Form($params);
     $role = new Gpf_Db_Role();
     $role->setId($form->getFieldValue('roleid'));
     $role->load();
     if (!strlen($role->getAccountId())) {
         $form->setErrorMessage($this->_('It is not possible to changes privileges for default role %s', $role->getName()));
         return $form;
     }
     //delete all privileges for selected role
     Gpf_Db_Table_RolePrivileges::getInstance()->deleteAllPrivileges($role->getId());
     //insert all privileges again to database
     $objects = new Gpf_Data_RecordSet();
     $objects->loadFromArray($form->getFieldValue('objects'));
     foreach ($objects as $record) {
         $rights = explode(',', $record->get('privileges'));
         foreach ($rights as $right) {
             $privilege = new Gpf_Db_RolePrivilege();
             $privilege->setObject($record->get('object'));
             $privilege->setRoleId($role->getId());
             $privilege->setPrivilege($right);
             $privilege->insert();
         }
     }
     $form->setInfoMessage($this->_('Changes saved'));
     return $form;
 }
예제 #3
0
 protected function importPrivileges($roleId, $privilegeList)
 {
     foreach ($privilegeList as $object => $privileges) {
         foreach ($privileges as $privilege) {
             $rolePrivilege = new Gpf_Db_RolePrivilege();
             $rolePrivilege->setRoleId($roleId);
             $rolePrivilege->setObject($object);
             $rolePrivilege->setPrivilege($privilege);
             $rolePrivilege->insert();
         }
     }
 }