/**
 * Checks that this ACL rule is complete and does not duplicate an existing rule.
 *
 * Every failure is appended to $this->errors. The list is not cleared here,
 * so entries that were already present also make the result false.
 *
 * @return bool true when no errors are recorded, false otherwise
 */
public function validate()
{
    $valid = true;

    // Required fields, checked in the order their messages are reported.
    $required = array(
        'action' => "You must enter an action",
        'aclgroup_id' => "You must enter an ACL Group",
        'acl_id' => "You must enter an ACL",
    );
    foreach ($required as $field => $message) {
        if ($this->{$field} == "") {
            $this->errors[] = $message;
            $valid = false;
        }
    }

    // Allow-list check: the action has to be one of the keys of $this->actions.
    if (!array_key_exists($this->action, $this->actions)) {
        $this->errors[] = "Invalid action";
        $valid = false;
    }

    if ($this->aclgroup_id && $this->acl_id) {
        // SECURITY: both ids are interpolated into a hand-built condition string.
        // The escaping below is only safe because each value sits inside single
        // quotes and only if the connection character set matches the data.
        // mysql_real_escape_string() belongs to ext/mysql (removed in PHP 7.0).
        // NOTE(review): if ACLRule::find() accepts bound parameters, prefer them.
        $group_id = mysql_real_escape_string($this->aclgroup_id);
        $acl_id = mysql_real_escape_string($this->acl_id);
        $existing = ACLRule::find("aclgroups.id = '{$group_id}' AND acls.id = '{$acl_id}'");

        if ($existing) {
            // A match is only a duplicate when it is not the record being edited.
            $isSameRecord = $this->id && $existing->id == $this->id;
            if (!$isSameRecord) {
                $this->errors[] = 'That rule already exists';
            }
        }
    }

    // The duplicate check does not touch the flag itself; this catches it.
    if (count($this->errors) > 0) {
        $valid = false;
    }

    return $valid;
}
/**
 * Resolves the ACL rule of this group for a controller/action pair.
 *
 * Lookups run from most to least specific and stop at the first match:
 *   1. a rule for this exact controller and action,
 *   2. a rule for the controller with no action set,
 *   3. only when $admin is truthy, the 'AdminController' rule with no action set,
 *   4. a rule with neither controller nor action set.
 *
 * @param string|null $controller controller name to look up
 * @param string|null $action     action name to look up
 * @param bool        $admin      also try the 'AdminController' rule
 *
 * @return mixed result of the first matching ACLRule::find() call, or the
 *               result of the last attempted call when nothing matched
 */
public function getRule($controller = null, $action = null, $admin = false)
{
    // SECURITY: all three values are interpolated into hand-built condition
    // strings. The escaping is only safe because each value sits inside single
    // quotes and only if the connection character set matches the data.
    // mysql_real_escape_string() belongs to ext/mysql (removed in PHP 7.0).
    // NOTE(review): if ACLRule::find() accepts bound parameters, prefer them.
    $id = mysql_real_escape_string($this->id);
    $controller = mysql_real_escape_string($controller);
    $action = mysql_real_escape_string($action);

    // Candidate conditions, most specific first.
    $conditions = array(
        // an ACL for this specific action
        "aclgroups.id = '{$id}' AND acls.controller = '{$controller}' AND acls.action = '{$action}'",
        // an ACL covering the whole controller
        "aclgroups.id = '{$id}' AND acls.controller = '{$controller}' AND (acls.action IS NULL OR acls.action = '')",
    );
    if ($admin) {
        // NOTE(review): $admin widens the lookup to the AdminController rule;
        // confirm callers derive it from server-side state, not request input.
        $conditions[] = "aclgroups.id = '{$id}' AND acls.controller = 'AdminController' AND (acls.action IS NULL OR acls.action = '')";
    }
    // The group's catch-all rule: no controller and no action.
    $conditions[] = "aclgroups.id = '{$id}' AND (acls.controller IS NULL OR acls.controller = '') AND (acls.action IS NULL OR acls.action = '')";

    $acl = null;
    foreach ($conditions as $condition) {
        $acl = ACLRule::find($condition);
        if ($acl) {
            break;
        }
    }

    // NOTE(review): when nothing matched, the value returned is whatever the
    // last find() gave back; callers should treat a falsy result as "no rule".
    return $acl;
}