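/**
 * Edit access.
 *
 * Shows the access form for one ACL resource and, on a valid POST, stores an
 * allow/deny flag for every action and the submitted value for every option of
 * that resource, for the role currently selected in the session.
 *
 * @param int $id Identity (URL form of the resource name; '_' stands for '\').
 *
 * @return ResponseInterface|mixed|void
 *
 * @Route("/edit/{id:[a-zA-Z_-]+}", methods={"GET", "POST"}, name="admin-access-edit")
 */
public function editAction($id)
{
    // Normalize id: the URL form uses '_' where the class name uses '\'.
    $urlId = $id;
    $id = str_replace('_', '\\', $id);

    // Check current role change request: remember the chosen role in the
    // session and reload the page without the query parameter.
    $changeRole = $this->request->get('role');
    if ($changeRole !== null) {
        // Only the numeric role id is kept. The session value is later passed
        // to Role::findFirst(), where a non-array argument is treated as a raw
        // query condition unless it is numeric (primary key lookup).
        $this->session->set('admin-current-role', (int) $changeRole);
        return $this->response->redirect(['for' => 'admin-access-edit', 'id' => $urlId]);
    }

    // $id comes straight from the URL: only resources registered in the ACL
    // may be edited.
    $resources = $this->core->acl()->getResources();
    $resourceFound = false;
    foreach ($resources as $resource) {
        if ($resource->getName() === $id) {
            $resourceFound = true;
            break;
        }
    }
    if (!$resourceFound) {
        return $this->response->redirect(['for' => 'admin-access']);
    }

    // Get all roles and the current one; fall back to the default admin role
    // when the session holds no role or an unknown id.
    $roles = Role::find();
    $currentRoleId = $this->session->get('admin-current-role');
    $currentRole = $currentRoleId !== null ? Role::findFirst((int) $currentRoleId) : null;
    if (!$currentRole) {
        $currentRole = Role::getRoleByType(Acl::DEFAULT_ROLE_ADMIN);
    }

    $objectAcl = $this->core->acl()->getObject($id);
    $form = $this->_getForm($objectAcl, $currentRole);

    $this->view->currentObject = $id;
    $this->view->form = $form;
    $this->view->roles = $roles;
    $this->view->currentRole = $currentRole;

    if (!$this->request->isPost() || !$form->isValid()) {
        return;
    }

    $data = $form->getValues();

    // Save actions: a non-empty submitted value means 'allow', anything else 'deny'.
    foreach ($objectAcl->actions as $action) {
        $result = $this->_findOrCreateAccess($id, $action, $currentRole->id);
        $result->value = empty($data[$action]) ? 'deny' : 'allow';
        $result->save();
    }

    // Save options: the submitted value is stored as-is, an empty one as null.
    foreach ($objectAcl->options as $options) {
        $result = $this->_findOrCreateAccess($id, $options, $currentRole->id);
        $result->value = empty($data[$options]) ? null : $data[$options];
        $result->save();
    }

    // Stored rights changed: drop the cached ACL so the next check rebuilds it.
    $this->core->acl()->clearAcl();
    $this->flash->success('Settings saved!');
}

/**
 * Find the Access record for one (object, action, role) triple, or prepare a
 * new, unsaved one with those keys set.
 *
 * @param string $object Normalized resource name.
 * @param string $action Action or option name.
 * @param int    $roleId Role identity.
 *
 * @return Access
 */
private function _findOrCreateAccess($object, $action, $roleId)
{
    // Bound parameters: $object originates from the URL.
    $result = Access::findFirst([
        "conditions" => "object = ?1 AND action = ?2 AND role_id = ?3",
        "bind" => [1 => $object, 2 => $action, 3 => $roleId],
    ]);
    if (!$result) {
        $result = new Access();
        $result->object = $object;
        $result->action = $action;
        $result->role_id = $roleId;
    }

    return $result;
}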
/**
 * Get default guest role.
 *
 * Looks up the role flagged is_default (cached under CACHE_KEY_ROLE_DEFAULT)
 * and, when none exists yet, creates and persists a plain "User" role.
 *
 * @return Role
 */
public static function getDefaultRole()
{
    $defaultRole = Role::findFirst([
        "is_default = 1",
        'cache' => ['key' => self::CACHE_KEY_ROLE_DEFAULT],
    ]);
    if ($defaultRole) {
        return $defaultRole;
    }

    // No default role yet: create one. The save() result is not checked, so
    // on failure the unsaved instance is what gets returned.
    $defaultRole = new Role();
    $defaultRole->name = "User";
    $defaultRole->description = 'Default user role.';
    $defaultRole->type = 'user';
    $defaultRole->undeletable = 1;
    $defaultRole->save();

    return $defaultRole;
}
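/**
 * Delete role.
 *
 * When the role being deleted is the default one, another role is promoted to
 * default first so the installation never ends up without a default role.
 *
 * @param int $id Role identity.
 *
 * @return mixed
 *
 * @Get("/roles-delete/{id:[0-9]+}", name="admin-roles-delete")
 */
public function rolesDeleteAction($id)
{
    // NOTE(review): this is a state-changing action served on GET; without a
    // CSRF token it can be triggered by any page an admin visits.
    $item = Role::findFirst($id);
    if ($item) {
        if ($item->is_default) {
            // Pick a replacement other than the role being deleted: a bare
            // findFirst() may return $item itself, leaving no default role.
            $anotherRole = Role::findFirst([
                "conditions" => "id != ?1",
                "bind" => [1 => $item->id],
            ]);
            if ($anotherRole) {
                $anotherRole->is_default = 1;
                $anotherRole->save();
            }
        }
        if ($item->delete()) {
            $this->flashSession->notice('Object deleted!');
        } else {
            $this->flashSession->error($item->getMessages());
        }
    }

    return $this->response->redirect(['for' => 'admin-users-roles']);
}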