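/**
 * Updates the matching account row(s) and, when role ids are supplied,
 * replaces that account's entries in the account_roles table.
 *
 * The 'role' key of $data may hold a single role id or an array of role ids.
 * When it holds at least one id it is removed from $data before the row
 * update and applied to account_roles for $data['accountId'].
 *
 * No check is made here that the supplied role ids may be granted; role
 * membership is authorization data, so callers must validate the ids first.
 *
 * @param array        $data  Column => value pairs; may also carry 'role' and 'accountId'
 * @param string|array $where SQL WHERE clause(s) handed to the parent update
 * @return int Number of rows affected by the parent update
 * @throws Exception Any exception raised by the underlying table operations
 */
public function update(array $data, $where)
{
    $rolesToAdd = array();

    if (isset($data['role'])) {
        // Cast before counting: count() on a scalar role id emits a warning on
        // PHP 7.2+ and throws a TypeError on PHP 8, so a single id never worked there.
        $requestedRoles = (array) $data['role'];

        if (count($requestedRoles) > 0) {
            $rolesToAdd = $requestedRoles;
            unset($data['role']);
        }
    }

    $updateCount = parent::update($data, $where);

    if (count($rolesToAdd) < 1) {
        return $updateCount;
    }

    // The role rows are keyed on the account id taken from $data, not on $where.
    // Without one there is nothing to key the role rows on, so the roles are skipped.
    $accountId = isset($data['accountId']) ? $data['accountId'] : null;
    if (!$accountId) {
        return $updateCount;
    }

    $accountRoles    = new Ot_Model_DbTable_AccountRoles();
    $accountRolesDba = $accountRoles->getAdapter();

    // NOTE(review): the delete and the inserts below are not wrapped in a
    // transaction by this method. If an insert fails, the account keeps only
    // part of its role set (or none). Confirm that callers run update() inside
    // a transaction; one is not opened here because a caller may already hold one.
    $roleWhere = $accountRolesDba->quoteInto('accountId = ?', $accountId);
    $accountRoles->delete($roleWhere);

    foreach ($rolesToAdd as $roleId) {
        $accountRoles->insert(array('accountId' => $accountId, 'roleId' => $roleId));
    }

    return $updateCount;
}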
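/**
 * Deletes a role from the ACL.
 *
 * The role must exist, be editable, not be the configured default role and
 * have no child roles. On POST the role is deleted inside a transaction and
 * every account that held it and is left without any role is given the
 * default role.
 *
 * @return void
 * @throws Ot_Exception_Input  When no usable roleId parameter is supplied
 * @throws Ot_Exception_Data   When the role or the default role is unknown, the role is
 *                             the default role, or other roles depend on it
 * @throws Ot_Exception_Access When the role is not editable or the request is not a POST
 * @throws Exception           Any database error, after the transaction is rolled back
 */
public function deleteAction()
{
    $roleId = $this->_getParam('roleId', null);

    // Request parameters can arrive as arrays; only a scalar id is usable as a
    // lookup key and array offset below. is_scalar() also rejects null.
    if (!is_scalar($roleId)) {
        throw new Ot_Exception_Input('msg-error-roleIdNotSet');
    }

    $role = new Ot_Model_DbTable_Role();

    $thisRole = $role->find($roleId);
    if (is_null($thisRole)) {
        throw new Ot_Exception_Data('msg-error-noRole');
    }

    if ($thisRole->editable != 1) {
        throw new Ot_Exception_Access('msg-error-unallowedRoleEdit');
    }

    $availableRoles = $this->_acl->getAvailableRoles();
    if (!isset($availableRoles[$roleId])) {
        throw new Ot_Exception_Data('msg-error-noRole');
    }

    // Collect the holders of this role before it is deleted. The original read
    // the id from an undefined $get object, so the lookup received null and the
    // default-role reassignment further down could not find the affected accounts.
    $account          = new Ot_Model_DbTable_Account();
    $affectedAccounts = $account->getAccountsForRole($roleId);

    $defaultRole = $this->_helper->configVar('defaultRole');
    if (!isset($availableRoles[$defaultRole])) {
        throw new Ot_Exception_Data('msg-error-noDefaultRole');
    }

    // Loose comparison kept: the request value is a string, the config value may not be.
    if ($defaultRole == $roleId) {
        throw new Ot_Exception_Data('msg-error-deleteDefaultRole');
    }

    $inheritedRoles = $this->_acl->getChildrenOfRole($roleId);
    if (count($inheritedRoles) > 0) {
        // $roleList was never defined in the original. Build it from the scalar
        // entries so that the message names the blocking roles.
        // NOTE(review): assumes getChildrenOfRole() returns role identifiers - confirm.
        $roleList = implode(', ', array_filter((array) $inheritedRoles, 'is_scalar'));

        throw new Ot_Exception_Data($this->view->translate('msg-error-dependedRoleCannotDelete', $roleList));
    }

    // NOTE(review): isPost() is the only request check visible in this action and
    // no anti-CSRF token is verified here. Confirm one is enforced elsewhere,
    // because this is a destructive, privileged operation.
    if (!$this->_request->isPost()) {
        throw new Ot_Exception_Access('You can not access this method directly');
    }

    $accountRoles = new Ot_Model_DbTable_AccountRoles();
    $dba          = $role->getAdapter();

    $dba->beginTransaction();

    // One try block covers the delete, the lookup and the inserts, so that any
    // failure rolls back. The original left the lookup unguarded, which could
    // leave the transaction open.
    try {
        $role->deleteRole($roleId);

        // aList is an array of all the affected accountIds
        $aList = array();
        if (count($affectedAccounts) > 0) {
            foreach ($affectedAccounts as $a) {
                $aList[] = $a->accountId;
            }
        }

        if (count($aList) > 0) {
            // Fetch the remaining account_roles rows for these accounts, so that a
            // diff shows which accounts no longer have any role at all.
            $accountRolesDba = $accountRoles->getAdapter();
            $where           = $accountRolesDba->quoteInto('accountId IN(?)', $aList);

            $affectedAccountsStillWithRolesIds = array();
            foreach ($accountRoles->fetchAll($where) as $a) {
                $affectedAccountsStillWithRolesIds[] = $a->accountId;
            }

            // Accounts left without a role get the default role, so that no account
            // ends up with an empty role set.
            $affectedAccountsWithNoRoles = array_diff($aList, $affectedAccountsStillWithRolesIds);
            foreach ($affectedAccountsWithNoRoles as $a) {
                $accountRoles->insert(array('accountId' => $a, 'roleId' => $defaultRole));
            }
        }

        $dba->commit();
    } catch (Exception $e) {
        $dba->rollback();
        throw $e;
    }

    // Audit trail for the ACL change.
    $logOptions = array('attributeName' => 'accessRole', 'attributeId' => $roleId);
    $this->_helper->log(Zend_Log::INFO, 'Role ' . $thisRole['name'] . ' was deleted', $logOptions);

    $this->_helper->messenger->addWarning('Role was deleted successfully');
    $this->_helper->redirector->gotoRoute(array('controller' => 'acl'), 'ot', true);
}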