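/**
 * Create a new role or edit an existing one.
 *
 * On every request the role tree (and, when an "id" parameter names an
 * existing role, that role and its inherited ids) is loaded into the view.
 * On POST the shortname is validated, the role row is inserted or updated,
 * its inherited-role links are rewritten, and the user is redirected to the
 * role list.
 *
 * Security-relevant behaviour:
 *  - Every id that reaches SQL is either bound through select()->where()
 *    or cast to int first; no request value is concatenated into a WHERE
 *    string.
 *  - The "guest role is not editable" rule is enforced on the id that is
 *    actually written (the POST "id"), not only on the id used for display.
 *
 * NOTE(review): this action can set "isadmin" and change role inheritance,
 * but no authorization or CSRF-token check is visible here - confirm both
 * are enforced before this action is dispatched.
 *
 * @return void
 */
function editAction()
{
    $request = new Bolts_Request($this->getRequest());
    $roles_table = new Roles();
    $role = null;

    if ($request->has('id') && !is_null($request->id)) {
        $role = $roles_table->fetchRow($roles_table->select()->where("id = ?", $request->id));
        if (!is_null($role)) {
            // we do not edit the guest role
            if ($role->shortname == "guest") {
                $this->_redirect("/bolts/role");
                // _redirect() normally exits; return anyway so nothing below
                // runs if the redirector is configured not to exit.
                return;
            }
            $this->view->role = $role->toArray();
            $this->view->role_tree = $roles_table->getRoleTree(null, $role->id);
            $this->view->inherited_ids = $roles_table->getInheritedRoles($role->id);
        }
    }

    if (is_null($role)) {
        $this->view->role_tree = $roles_table->getRoleTree();
    }

    if ($this->getRequest()->isPost()) {
        $errors = array();

        // Always defined, so the link-rewrite loop below is safe when the
        // form carries no "inherit_role" field.
        $inherit_ids = array();
        if ($request->has('inherit_role')) {
            // Tolerate a scalar where an array was expected.
            $requested_roles = (array) $request->inherit_role;

            // Collect every ancestor of every requested role ...
            $parents = array();
            foreach ($requested_roles as $inherit_role) {
                $parents = array_merge($parents, $roles_table->getAllAncestors($inherit_role));
            }
            // ... and keep only the requested roles that are not already
            // implied by another requested role. Loose in_array() is kept
            // because request values are strings while stored ids may be
            // integers.
            foreach ($requested_roles as $inherit_role) {
                if (!in_array($inherit_role, $parents)) {
                    $inherit_ids[] = $inherit_role;
                }
            }
        }

        $shortname = null;
        if ($request->has('shortname')) {
            $shortname = $request->shortname;
            if (!Bolts_Validate::checkLength($request->shortname, 1, 255)) {
                $errors[] = $this->_T("Shortname must be between 1 and 255 chars.");
            }
        } else {
            // The misspelling is left as is: the string is passed to _T()
            // and may be a translation lookup key.
            $errors[] = $this->_T("Shortname is a requried field.");
        }

        $description = $request->description;
        $isadmin = (int) $request->checkbox('isadmin');

        if (count($errors) == 0) {
            $data = array(
                'shortname' => $shortname,
                'description' => $description,
                'isadmin' => $isadmin,
            );

            // If we have an id, this is an update.
            $id = (int) $this->_request->getPost('id');
            if ($id != 0) {
                // Re-check the row that will be written. The display path
                // above looks the role up through $request->id, which may
                // not be the same value as the POST "id" used here.
                $target = $roles_table->fetchRow($roles_table->select()->where("id = ?", $id));
                if (is_null($target) || $target->shortname == "guest") {
                    // Unknown role or the guest role: write nothing.
                    $this->_redirect("/bolts/role");
                    return;
                }
                // $id is an int, so the concatenation cannot carry SQL.
                $where = 'id = ' . $id;
                $roles_table->update($data, $where);
            } else {
                // We don't, this is an insert.
                $id = $roles_table->insert($data);
            }

            // Replace the role's inheritance links with the submitted set.
            $roles_table->removeInheritedRole($id);
            foreach ($inherit_ids as $in_id) {
                $roles_table->setInheritedRole($id, $in_id);
            }
            $this->_redirect("/bolts/role");
            return;
        } else {
            $this->view->errors = $errors;
        }
    }

    if ($request->has('id')) {
        // this is an edit
        // Cast before use: the raw request value was previously appended to
        // the WHERE string.
        $id = (int) $request->id;
        if ($id > 0) {
            $row = $roles_table->fetchRow($roles_table->select()->where("id = ?", $id));
            // fetchRow() yields null for an unknown id; do not call
            // toArray() on it.
            if (!is_null($row)) {
                $this->view->role = $row->toArray();
            }
        }
        $this->view->inherited_ids = $roles_table->getInheritedRoles($id);
    } else {
        // New role: offer every existing role as a possible parent.
        $role_choices = array();
        foreach ($roles_table->fetchAll()->toArray() as $existing_role) {
            $role_choices[$existing_role['id']] = $existing_role['shortname'];
        }
        $this->view->role_choices = $role_choices;
    }
}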
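/**
 * Edit the resources (module / controller / action permissions and
 * module-defined "extra" resources) granted to one role for one module.
 *
 * Requires an "id" request parameter naming an existing role; otherwise
 * redirects to /role. The optional "modid" parameter selects the module
 * and falls back to "default" when missing or unknown.
 *
 * On POST, all rows for this role and module are deleted from both
 * permission tables and re-created from the submitted "resource" and
 * "extra_resource" values. The view is then populated with every action
 * found in the module's controller files, marked as allowed and/or
 * inherited.
 *
 * Security-relevant behaviour:
 *  - The role id is quoted before it reaches SQL, and the id stored in the
 *    fetched row (not the raw request string) is used for all later reads
 *    and writes.
 *  - Submitted resources must have the "module-controller-action" shape
 *    and must name the module being edited. The delete is scoped to that
 *    module, so accepting any other module would let one form submission
 *    add ACL rows outside the scope it just cleared.
 *
 * NOTE(review): this action rewrites access-control data, but no
 * authorization or CSRF-token check is visible here - confirm both are
 * enforced before this action is dispatched.
 *
 * @return void
 */
function editAction()
{
    $request = new RivetyCore_Request($this->getRequest());
    $modules_table = new Modules('modules');
    $modules_table_core = new Modules('core');
    $roles_resources_table = new RolesResources();
    $roles_res_extra_table = new RolesResourcesExtra();

    if (!$request->has("id")) {
        $this->_redirect("/role");
        // _redirect() normally exits; return anyway so nothing below runs
        // if the redirector is configured not to exit.
        return;
    }

    $roles_table = new Roles();
    // Quote the request value instead of concatenating it into the WHERE.
    $role = $roles_table->fetchRow($roles_table->getAdapter()->quoteInto("id = ?", $request->id));
    if (is_null($role)) {
        $this->_redirect("/role");
        return;
    }
    // From here on use the id as stored in the database.
    $role_id = $role->id;
    $this->view->role = $role->toArray();
    $this->view->roleshortname = $role->shortname;

    $module_id = "default";
    if ($request->has("modid") && $modules_table->exists($request->modid)) {
        $module_id = $request->modid;
    }

    if ($this->getRequest()->isPost()) {
        $resources = $this->getRequest()->getPost('resource');
        if (!is_array($resources)) {
            // No box ticked (or a malformed field): nothing to insert.
            $resources = array();
        }

        // Hose everything for this role and module
        $where = $roles_resources_table->getAdapter()->quoteInto("role_id = ? and ", $role_id);
        $where .= $roles_resources_table->getAdapter()->quoteInto("module = ? ", $module_id);
        $roles_resources_table->delete($where);

        foreach ($resources as $resource) {
            if (!is_string($resource)) {
                continue;
            }
            $resource_array = explode("-", $resource);
            if (count($resource_array) < 3) {
                // Not "module-controller-action"; skip rather than insert
                // a partial row.
                continue;
            }
            $resource_module = $resource_array[0];
            $resource_controller = $resource_array[1];
            $resource_action = $resource_array[2];

            // Only accept grants for the module whose rows were just
            // cleared.
            if ($resource_module !== (string) $module_id) {
                continue;
            }

            $data = array(
                'role_id' => $role_id,
                'module' => $resource_module,
                'controller' => $resource_controller,
                'action' => $resource_action,
            );
            $roles_resources_table->insert($data);
        }

        $where = $roles_res_extra_table->getAdapter()->quoteInto("role_id = ? and ", $role_id);
        $where .= $roles_res_extra_table->getAdapter()->quoteInto("module = ? ", $module_id);
        $roles_res_extra_table->delete($where);

        if ($request->has("extra_resource")) {
            // NOTE(review): extra resource names are stored as submitted;
            // consider checking them against the module's [resources] ini
            // section, which is only read further down.
            foreach ((array) $request->extra_resource as $extra_resource_item) {
                $data = array(
                    'role_id' => $role_id,
                    'module' => $module_id,
                    'resource' => $extra_resource_item,
                );
                $roles_res_extra_table->insert($data);
            }
        }
        $this->view->success = $this->_T("Resources updated.");
    }

    // Index the role's stored grants as [module][controller] => actions.
    $db_roles_resources = $roles_resources_table->fetchAll(
        $roles_resources_table->getAdapter()->quoteInto('role_id = ?', $role_id)
    );
    $resources = array();
    foreach ($db_roles_resources as $resource) {
        if (!array_key_exists($resource->module, $resources)) {
            $resources[$resource->module] = array();
        }
        if (!array_key_exists($resource->controller, $resources[$resource->module])) {
            $resources[$resource->module][$resource->controller] = array();
        }
        $resources[$resource->module][$resource->controller][] = $resource->action;
    }

    /*
     * This is a poor man's introspector. The reflection API needs the classes actually available,
     * which creates naming conflicts between modules. What I do instead is read the physical files,
     * line by line, find the lines with "function fooAction" and determine that the action name is
     * "foo". It's a hack, but it works.
     */
    $all_actions = array();
    $controllerdirs = array();
    $enabled_modules = $modules_table->getEnabledModules();
    foreach ($enabled_modules as $enabled_module) {
        $module_dir = 'modules';
        if ($enabled_module == 'default') {
            $module_dir = 'core';
        }
        $controllerdirs[$enabled_module] = Zend_Registry::get("basepath")
            . DIRECTORY_SEPARATOR . $module_dir
            . DIRECTORY_SEPARATOR . $enabled_module
            . DIRECTORY_SEPARATOR . "controllers";
    }

    // The directory is only ever taken from the enabled-module map, never
    // built from the request value directly. A module that exists but is
    // not enabled has no entry; show no actions instead of calling dir()
    // on an undefined path.
    $d = false;
    if (isset($controllerdirs[$module_id])) {
        $controllerdir = $controllerdirs[$module_id];
        $d = dir($controllerdir);
    }

    if ($d) {
        // Asked once; the answer does not depend on the action inspected.
        $has_inherited_roles = count($roles_table->getInheritedRoles($role_id)) > 0;

        while (($entry = $d->read()) !== false) {
            // Only "*Controller.php" files are controllers. This also
            // skips '.', '..', '.svn' and any stray file or sub-directory
            // that would otherwise be parsed under an empty controller name.
            $suffix_pos = stripos($entry, 'Controller.php');
            if ($suffix_pos === false) {
                continue;
            }
            $controller_path = $controllerdir . DIRECTORY_SEPARATOR . $entry;
            if (!is_file($controller_path)) {
                continue;
            }

            $controller_name = substr($entry, 0, $suffix_pos);
            if ($module_id != "default" && substr($controller_name, 0, 1) == "_") {
                $controller_name = substr($controller_name, stripos($controller_name, '_') + 1);
            }

            $lines = file($controller_path);
            if ($lines === false) {
                continue;
            }
            foreach ($lines as $line) {
                if (!preg_match('/function.*Action.*\(.*\).*\{?/', $line)) {
                    continue;
                }
                // "  public function fooAction() {" -> "foo"
                $action_name = trim(preg_replace('/Action.*/', '', preg_replace('/^.*function/', '', $line)));

                $allowed = array_key_exists($module_id, $resources)
                    && array_key_exists($controller_name, $resources[$module_id])
                    && in_array($action_name, $resources[$module_id][$controller_name]);

                $inherited = false;
                if ($has_inherited_roles) {
                    $inherited = $this->isResourceInherited($module_id, $controller_name, $action_name, $role_id);
                }

                $all_actions[$module_id][$controller_name][$action_name] = array(
                    'allowed' => $allowed,
                    'inherited' => $inherited,
                );
            }
        }
        $d->close();
    }

    $this->view->modid = $module_id;
    if ($module_id == 'default') {
        $mod_cfg = $modules_table_core->parseIni($module_id);
    } else {
        $mod_cfg = $modules_table->parseIni($module_id);
    }
    $this->view->module_title = $mod_cfg['general']['name'];
    $this->view->actions = $all_actions;
    $this->view->modules = $enabled_modules;

    // get "extra" resources
    $extra_resources = array();
    if (array_key_exists('resources', $mod_cfg)) {
        foreach ($mod_cfg['resources'] as $resource_name => $nicename) {
            $extra_resources[$resource_name]['nicename'] = $nicename;
            $extra_resources[$resource_name]['inherited'] = $this->isExtraResourceInherited($module_id, $resource_name, $role_id);
            $extra_resources[$resource_name]['allowed'] = $roles_res_extra_table->isAllowed($role_id, $module_id, $resource_name);
        }
    }
    $this->view->extra_resources = $extra_resources;

    $this->view->breadcrumbs = array(
        'Roles' => '/default/role/index',
        $role['shortname'] => '/default/role/edit/id/' . $role['id'],
        'Resources' => null,
    );
}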