/** * Write link permissions method * */ protected function _writeLinkPermissions() { $acos = array(); $privileges = $this->find('all', array('conditions' => array('Privilege._create' => 1, 'Privilege._read' => 1, 'Privilege._update' => 1, 'Privilege._delete' => 1))); foreach ($privileges as $privilege) { if (!empty($acos[$privilege['Privilege']['aco_id']])) { $acos[$privilege['Privilege']['aco_id']] = $acos[$privilege['Privilege']['aco_id']] . ',' . $privilege['Privilege']['aro_id']; } else { $acos[$privilege['Privilege']['aco_id']] = $privilege['Privilege']['aro_id']; } } $settings = ''; foreach ($acos as $aco => $aros) { $path = $this->Section->getPath($aco); // all of the acos parents if ($path === null) { // if path is null we need to delete the aros_acos that use that aco because it doesn't exist $this->deleteAll(array('Privilege.aco_id' => $aco)); } else { $url = str_replace('controllers', '', Inflector::singularize(Inflector::tableize(ZuhaInflector::flatten(Set::extract('/Section/alias', $path), array('separator' => '/'))))); $settings .= $url . ' = ' . $aros . PHP_EOL; } } App::uses('Setting', 'Model'); $Setting = new Setting(); $data['Setting']['type'] = 'APP'; $data['Setting']['name'] = 'LINK_PERMISSIONS'; $data['Setting']['value'] = trim($settings); $Setting->add($data); }
/** * Procreate method * * @param uuid $userRoleId */ public function procreate($userRoleId = null) { if ($this->request->is('post')) { $this->User->autoLogin = false; if ($this->User->procreate($this->request->data)) { $this->Session->setFlash(__('User created.')); $this->redirect(array('action' => 'dashboard')); } else { $this->Session->setFlash(__('Error, user save failed ' . ZuhaInflector::flatten($this->User->invalidFields()))); } } $userRoles = $this->User->UserRole->find('list', array('conditions' => array('UserRole.id !=' => 1, 'UserRole.name !=' => 'guests'))); // remove the administrators group by default - too insecure $userRoleId = count($userRoles) == 1 && empty($userRoleId) ? key($userRoles) : $userRoleId; $userRoleId = defined('__APP_DEFAULT_USER_REGISTRATION_ROLE_ID') && empty($userRoleId) ? __APP_DEFAULT_USER_REGISTRATION_ROLE_ID : $userRoleId; $this->set(compact('userRoleId', 'userRoles')); $title = !empty($userRoles[$userRoleId]) ? Inflector::humanize($userRoles[$userRoleId]) . ' Registration' : 'User Registration'; $this->set('title_for_layout', $title . ' | ' . __SYSTEM_SITE_NAME); $this->set('page_title_for_layout', $title); }
/** * Import * * Note: To avoid having to tweak the contents of $csvData, * you should use your db field names as the heading names. * eg: User.id, User.title, User.description * * @param array $data * @return type * @todo Make sure fopen can't be hacked, it's the main point of entry for the base64 attack. */ function importFromCsv($data = array(), $options = array()) { $options = array_merge(array($this->alias => array('notify' => true)), $options); $this->caller = 'import'; if ($data['Import']['csv']['error'] !== UPLOAD_ERR_OK) { return array('errors' => 'We did not receive your file. Please try again.'); } // open the file $handle = fopen($data['Import']['csv']['tmp_name'], "r"); // read the 1st row as headings $header = fgetcsv($handle); // create a message container $return = array('messages' => array(), 'errors' => array()); // read each data row in the file while (($row = fgetcsv($handle)) !== FALSE) { $i++; $csvData['User'] = $data['User']; // for each header field foreach ($header as $k => $head) { // get the data field from Model.field if (strpos($head, '.') !== false) { $h = explode('.', $head); $csvData[$h[0]][$h[1]] = isset($row[$k]) ? $row[$k] : ''; } else { $csvData[$this->alias][$head] = isset($row[$k]) ? $row[$k] : ''; } } // see if we have an id $id = isset($csvData[$this->alias]['id']) ? $csvData[$this->alias]['id'] : 0; // we have an id, so we update if ($id) { // there is 2 options here, // option 1: // load the current row, and merge it with the new data //$this->recursive = -1; //$event = $this->read(null,$id); //$csvData['Event'] = array_merge($event['Event'],$csvData['Event']); // option 2: // set the model id $this->id = $id; } else { // or create a new record $this->create(); } // save the row if ($this->procreate($csvData)) { // success message! $return['messages'][] = __('User for Row %d was saved.', $i); } else { $return['errors'][] = ZuhaInflector::flatten($this->validationErrors); $return['messages'][] = __('User for Row %d failed to save.', $i); } } // close the file fclose($handle); // return the messages return $return; }
/** * Protected add method * * If a gallery id is given, check the defaults, attach the upload behavior, and perform the upload. * If no gallery id is given, create a gallery first using site settings, and make the submitted image the th * The gallery add() function calls back to this function to perform the upload. * * This protected version of the add function was pushed down so that it could be called multiple times. * * @access protected * @param array * @param string * @return bool */ protected function _add($data, $uploadFieldName) { $data = $this->checkForGallery($data); if (!empty($data['GalleryImage']['gallery_id'])) { if ($data['GalleryImage']['mimetype'] == 'video') { // special "video" keyword case where we just save the image data because its a video return $this->save($data); } else { if (!empty($data['GalleryImage'][$uploadFieldName])) { // existing gallery and image submitted $uploadOptions[$uploadFieldName] = $this->_getImageOptions($data); $this->Behaviors->attach('Galleries.MeioUpload', $uploadOptions); $this->create(); if ($this->save($data)) { return true; } else { throw new Exception(__('ERROR : %s', ZuhaInflector::flatten($this->invalidFields()))); } } else { // just saving an existing gallery if ($this->Gallery->save($data)) { return true; } else { throw new Exception(__d('galleries', 'ERROR : Gallery save failed.', true)); } } } } else { // new gallery if ($this->Gallery->add($data, $uploadFieldName)) { return true; } else { throw new Exception(__d('galleries', 'ERROR : Gallery add failed.', true)); } } }