protected function controllerRules($controller, $module = null)
{
$accessArray = array();
$controller_model = Controllers::model()->find("controller_name like '{$controller}' and module_name like '{$module}'");
//var_dump($controller_model);
if (!$controller_model) {
echo 'denied';
return array(array('deny'));
}
//user roles
// $actions_user = ActionsUsers::model()->findAll(array('condition' => "controller_id = $controller_model->id and can_access like 'allow'",
// 'order' => 'controller_id desc'));
// ANH DUNG CLOSE JAN 29, 2015
// ANH DUNG ADD JAN 29, 2015
$criteria = new CDbCriteria();
$criteria->compare("t.controller_id", $controller_model->id);
$criteria->compare("t.user_id", Yii::app()->user->id);
$criteria->compare("t.can_access", "allow", true);
$criteria->order = "t.controller_id desc";
$actions_user = ActionsUsers::model()->findAll($criteria);
// ANH DUNG ADD JAN 29, 2015
// if($actions_user)
// {
foreach ($actions_user as $key => $user_action) {
if ($user_action->user) {
$array_action = array_map('trim', explode(",", trim($user_action->actions)));
$accessArray[] = array($user_action->can_access, 'actions' => $array_action, 'users' => array($user_action->user->username));
} else {
$user_action->delete();
}
// delete data not valid
}
// }
//menu roles ANH DUNG FIX Oct 07, 2014
$criteria = new CDbCriteria();
$criteria->compare('controller_id', $controller_model->id);
$criteria->compare('can_access', 'allow');
$criteria->compare('roles_id', Yii::app()->user->role_id);
$actions_role = ActionsRoles::model()->findAll($criteria);
// $actions_role = ActionsRoles::model()->findAll(array('condition' => "controller_id = $controller_model->id and can_access LIKE 'allow'",
// 'order' => 'controller_id desc'));
// //menu roles ANH DUNG FIX Oct 07, 2014
if ($actions_role) {
foreach ($actions_role as $key => $action_role) {
$array_action = array_map('trim', explode(",", trim($action_role->actions)));
$accessArray[] = array('allow', 'actions' => $array_action, 'users' => array('@'));
}
}
// $accessArray[] = array('deny'); // ANH DUNG CLOSE JAN 29, 2015
$accessArray[] = array('deny', 'users' => array('*'));
// ANH DUNG ADD JAN 29, 2015
return $accessArray;
}
/**
* Returns the data model based on the primary key given in the GET variable.
* If the data model is not found, an HTTP exception will be raised.
* @param integer the ID of the model to be loaded
*/
public function loadModel($id)
{
$model = ActionsRoles::model()->findByPk($id);
if ($model === null) {
Yii::log("The requested page does not exist.");
throw new CHttpException(404, 'The requested page does not exist.');
}
return $model;
}
public static function canAccess($action, $controller_id, $class)
{
try {
$roles = Yii::app()->session['roles'];
$obj = new $class();
if ($class == 'ActionsRoles') {
$actions = ActionsRoles::model()->findAll('controller_id = ' . $controller_id . ' and roles_id = ' . $roles);
} else {
$user_id = Users::model()->find("username like '{$roles}'")->id;
$actions = ActionsUsers::model()->findAll('controller_id = ' . $controller_id . ' and user_id = ' . $user_id);
}
foreach ($actions as $key => $model) {
$array_action = array_map('trim', explode(",", trim($model->actions)));
foreach ($array_action as $key2 => $value) {
if (strtolower($value) == strtolower($action)) {
return $model->can_access;
}
}
}
return 'allow';
} catch (Exception $e) {
Yii::log("Exception " . print_r($e, true), 'error');
throw new CHttpException("Exception " . print_r($e, true));
}
}
