/**
 * Returns the complete ACL access list as an AJAX payload.
 *
 * The list is only sent when all three gates pass, evaluated in this order:
 * the request is a POST, it is an AJAX request, and the 'token' check succeeds.
 * If any gate fails the action returns null without producing a response.
 *
 * NOTE(review): this method exposes every AclAccessList row and contains no
 * role/permission check of its own - confirm that caller authorization is
 * enforced before dispatch reaches this action.
 * NOTE(review): $this->token->check('token') is presumably the anti-CSRF
 * validation - verify against the token service.
 *
 * @return mixed result of sendAjax() on success, null otherwise
 */
public function getAccessListAction()
{
    // Guard clauses keep the original short-circuit order, so the token
    // check still runs only for POST + AJAX requests.
    if (!$this->request->isPost()) {
        return null;
    }

    if (!$this->request->isAjax()) {
        return null;
    }

    if (!$this->token->check('token')) {
        return null;
    }

    $payload = array('data' => AclAccessList::find()->toArray());

    return $this->sendAjax($payload);
}
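/**
 * Inserts or updates the permission of a role on one or more accesses of a resource.
 *
 * For every access name, an existing access-list row is updated, otherwise a
 * new row is inserted. When a specific (non-wildcard) access is written and
 * the role has no '*' row for the resource yet, a '*' row carrying the
 * default access is stored as well.
 *
 * Changes compared with the previous revision:
 *  - the default '*' row was built but never saved; it is now persisted;
 *  - the result of update()/save() was ignored; a failed write now raises,
 *    because a deny rule that silently fails to persist leaves the previous
 *    permission in force;
 *  - wildcard tests use strict comparison so that only the literal string
 *    '*' skips the existence checks.
 *
 * NOTE(review): update()/save() are assumed to return false on failure -
 * confirm against the AclAccessList model.
 *
 * @param string       $roleName     role name, or '*' for any role
 * @param string       $resourceName resource name, or '*' for any resource
 * @param string|array $access       one access name or a list of them
 * @param mixed        $action       stored as (int) in the `allowed` column
 *
 * @throws \Exception when the role, resource or access is unknown, or when
 *                    an access-list row cannot be persisted
 */
protected function _allowOrDeny($roleName, $resourceName, $access, $action)
{
    if (!$this->isRole($roleName) && $roleName !== '*') {
        throw new \Exception("Role '{$roleName}' does not exist in ACL");
    }

    if (!$this->isResource($resourceName) && $resourceName !== '*') {
        throw new \Exception("Resource '{$resourceName}' does not exist in ACL");
    }

    if (!is_array($access)) {
        $access = array($access);
    }

    foreach ($access as $accessName) {
        if (!$this->isResourceAccess($resourceName, $accessName) && $accessName !== '*') {
            throw new \Exception("Access '{$accessName}' does not exist in resource '{$resourceName}'");
        }

        if ($accessList = $this->accessExists($roleName, $resourceName, $accessName)) {
            // UPDATE
            $accessList->allowed = (int) $action;
            $success = $accessList->update();
        } else {
            // INSERT
            $accessList = new AclAccessList();
            $accessList->roles_name = $roleName;
            $accessList->resources_name = $resourceName;
            $accessList->access_name = $accessName;
            $accessList->allowed = (int) $action;
            $success = $accessList->save();
        }

        // Fail loudly: the caller must not assume the rule is in effect
        // when the write did not happen.
        if ($success === false) {
            throw new \Exception(
                "Unable to store access '{$accessName}' of resource '{$resourceName}' for role '{$roleName}'"
            );
        }

        // Make sure the role has a fallback '*' row for this resource, so
        // accesses without an explicit row resolve to the default access.
        if ($accessName !== '*' && !$this->accessExists($roleName, $resourceName, '*')) {
            $defaultEntry = new AclAccessList();
            $defaultEntry->roles_name = $roleName;
            $defaultEntry->resources_name = $resourceName;
            $defaultEntry->access_name = '*';
            $defaultEntry->allowed = (int) $this->_defaultAccess;

            if ($defaultEntry->save() === false) {
                throw new \Exception(
                    "Unable to store default access of resource '{$resourceName}' for role '{$roleName}'"
                );
            }
        }
    }
}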