Exemplo n.º 1
0
 protected function controllerRules($controller, $module = null)
 {
     $accessArray = array();
     $controller_model = Controllers::model()->find("controller_name like '{$controller}' and module_name like '{$module}'");
     //var_dump($controller_model);
     if (!$controller_model) {
         echo 'denied';
         return array(array('deny'));
     }
     //user roles
     //        $actions_user = ActionsUsers::model()->findAll(array('condition' => "controller_id = $controller_model->id  and can_access like 'allow'",
     //                                                     'order' => 'controller_id desc'));
     // ANH DUNG CLOSE JAN 29, 2015
     // ANH DUNG ADD JAN 29, 2015
     $criteria = new CDbCriteria();
     $criteria->compare("t.controller_id", $controller_model->id);
     $criteria->compare("t.user_id", Yii::app()->user->id);
     $criteria->compare("t.can_access", "allow", true);
     $criteria->order = "t.controller_id desc";
     $actions_user = ActionsUsers::model()->findAll($criteria);
     // ANH DUNG ADD JAN 29, 2015
     //        if($actions_user)
     //        {
     foreach ($actions_user as $key => $user_action) {
         if ($user_action->user) {
             $array_action = array_map('trim', explode(",", trim($user_action->actions)));
             $accessArray[] = array($user_action->can_access, 'actions' => $array_action, 'users' => array($user_action->user->username));
         } else {
             $user_action->delete();
         }
         // delete data not valid
     }
     //        }
     //menu roles ANH DUNG FIX Oct 07, 2014
     $criteria = new CDbCriteria();
     $criteria->compare('controller_id', $controller_model->id);
     $criteria->compare('can_access', 'allow');
     $criteria->compare('roles_id', Yii::app()->user->role_id);
     $actions_role = ActionsRoles::model()->findAll($criteria);
     //        $actions_role = ActionsRoles::model()->findAll(array('condition' => "controller_id = $controller_model->id  and can_access LIKE 'allow'",
     //                                                                                                                'order' => 'controller_id desc'));
     //      //menu roles ANH DUNG FIX Oct 07, 2014
     if ($actions_role) {
         foreach ($actions_role as $key => $action_role) {
             $array_action = array_map('trim', explode(",", trim($action_role->actions)));
             $accessArray[] = array('allow', 'actions' => $array_action, 'users' => array('@'));
         }
     }
     //        $accessArray[] = array('deny'); // ANH DUNG CLOSE JAN 29, 2015
     $accessArray[] = array('deny', 'users' => array('*'));
     // ANH DUNG ADD JAN 29, 2015
     return $accessArray;
 }
Exemplo n.º 2
0
 /**
  * Returns the data model based on the primary key given in the GET variable.
  * If the data model is not found, an HTTP exception will be raised.
  * @param integer the ID of the model to be loaded
  */
 public function loadModel($id)
 {
     $model = ActionsRoles::model()->findByPk($id);
     if ($model === null) {
         Yii::log("The requested page does not exist.");
         throw new CHttpException(404, 'The requested page does not exist.');
     }
     return $model;
 }
Exemplo n.º 3
0
 public static function canAccess($action, $controller_id, $class)
 {
     try {
         $roles = Yii::app()->session['roles'];
         $obj = new $class();
         if ($class == 'ActionsRoles') {
             $actions = ActionsRoles::model()->findAll('controller_id = ' . $controller_id . ' and roles_id = ' . $roles);
         } else {
             $user_id = Users::model()->find("username like '{$roles}'")->id;
             $actions = ActionsUsers::model()->findAll('controller_id = ' . $controller_id . ' and user_id = ' . $user_id);
         }
         foreach ($actions as $key => $model) {
             $array_action = array_map('trim', explode(",", trim($model->actions)));
             foreach ($array_action as $key2 => $value) {
                 if (strtolower($value) == strtolower($action)) {
                     return $model->can_access;
                 }
             }
         }
         return 'allow';
     } catch (Exception $e) {
         Yii::log("Exception " . print_r($e, true), 'error');
         throw new CHttpException("Exception " . print_r($e, true));
     }
 }