Exemplo n.º 1
0
 /**
  * Save the Permission for an action
  *
  * @return array
  */
 public function saveActionPermissionsAction()
 {
     $ruleModel = new Admin_Model_DbTable_Acl_Rule();
     $roleModel = new Admin_Model_DbTable_Acl_Role();
     $actionModel = new Admin_Model_DbTable_Acl_Action();
     $data = Zend_Json::decode($this->request->getParam('permissions', array()));
     $return = array();
     if (!is_array($data) || !empty($data['aId'])) {
         // if we have no array or the controller id is directly in the array
         // we nest the array in an array to get the foreach to work
         // extjs is sending object if only 1 row has changed and an array of object
         // if multiple changes occure
         $data = array($data);
     }
     foreach ($data as $el) {
         $role = $roleModel->find($el['roleId']);
         $action = $actionModel->find($el['aId']);
         // not an action provided or multiple controller found
         if ($action->count() !== 1) {
             continue;
         }
         // not a roleId provided or multiple roles found
         if ($role->count() !== 1) {
             continue;
         }
         $action = new Admin_Model_DbRow_Action($action->current());
         $role = new Admin_Model_DbRow_Role($role->current());
         if ($el['rule'] == Admin_Model_DbTable_Acl_Rule::RULE_DENY) {
             $rule = Admin_Model_DbTable_Acl_Rule::RULE_DB_DENY;
         } elseif ($el['rule'] == Admin_Model_DbTable_Acl_Rule::RULE_ALLOW) {
             $rule = Admin_Model_DbTable_Acl_Rule::RULE_DB_ALLOW;
         } else {
             $rule = NULL;
         }
         $ruleModel->deleteWithActionRole($action->get('id'), $role->get('id'));
         if ($rule !== NULL) {
             $permission = new Admin_Model_DbRow_Rule(array('mcId' => $action->get('mcId'), 'aId' => $action->get('id'), 'roleId' => $role->get('id'), 'rule' => $rule));
             $ruleModel->insert($permission->toDbArray());
         }
         $return[] = array('ident' => join("_", array($role->get('id'), $action->get('mcId'), $action->get('id'))), 'mcId' => $action->get('mcId'), 'aId' => $action->get('id'), 'roleName' => $role->get('name'), 'roleId' => $role->get('id'), 'rule' => $rule);
     }
     return $this->responseSuccess(array('permissions' => $return));
 }
 /**
  * Delete an Controller from the database, which does not exists
  * as an controller file anymore.
  * Delete also from all releveant tables like
  *  - actions
  *  - rules
  *
  * @view views/scripts/controller/delete.phtml
  * @access public
  */
 public function deleteAction()
 {
     $ctrlRow = new Admin_Model_DbRow_Controller($this->dbCtrl->find($this->checkControllerIdParam()));
     $form = new Admin_Form_Controller_Delete($ctrlRow);
     $form->setAction('/noc/admin/controller/delete');
     if ($ctrlRow->get('id')) {
         if ($this->getRequest()->isPost()) {
             if ($form->isValid($this->getRequest()->getParams()) === TRUE && $form->getElement('chkdelete')->isChecked() === TRUE) {
                 // delete the model controller
                 $this->dbCtrl->deleteById($ctrlRow->get('id'));
                 // delete all actions for this module / controller
                 $actionDbModel = new Admin_Model_DbTable_Acl_Action();
                 $actionDbModel->deleteByControllerId($ctrlRow->get('id'));
                 // delete all rules which are bound to this module / controller
                 $rulesDbModel = new Admin_Model_DbTable_Acl_Rule();
                 $rulesDbModel->deleteByControllerId($ctrlRow->get('id'));
                 $this->_redirect('admin/controller/scan');
             } else {
                 $form->addErrors(array('Delete not successfull. Did you checked the checkbox?'));
             }
         }
     } else {
         $form->addErrors(array('Invalid Controller Id, cannot proceed'));
     }
     $this->view->form = $form;
 }
 /**
  * change to permission for this action
  *
  * @view views/scripts/action/permission.phtml
  * @access public
  */
 public function permissionAction()
 {
     $actionRow = new Admin_Model_DbRow_Action($this->dbAction->find($this->checkActionIdParam()));
     $ctrlRow = new Admin_Model_DbRow_Controller($this->dbController->find($actionRow->get('mcId')));
     $dbRoles = new Admin_Model_DbTable_Acl_Role();
     $dbRules = new Admin_Model_DbTable_Acl_Rule();
     $roles = array();
     $rules = array();
     $allowRules = array();
     $denyRules = array();
     foreach ($dbRoles->fetchActiveRoles() as $row) {
         $roles[] = new Admin_Model_DbRow_Role($row);
     }
     foreach ($dbRules->fetchRulesForAction($actionRow->get('id')) as $row) {
         $rules[] = new Admin_Model_DbRow_Rule($row);
     }
     foreach ($rules as $rule) {
         if ($rule->get('rule') === Admin_Model_DbTable_Acl_Rule::RULE_DB_ALLOW) {
             $allowRules[] = $rule->get('roleId');
         } elseif ($rule->get('rule') === Admin_Model_DbTable_Acl_Rule::RULE_DB_DENY) {
             $denyRules[] = $rule->get('roleId');
         }
     }
     $form = new Admin_Form_Action_Permission($ctrlRow, $actionRow, $roles, $allowRules, $denyRules);
     $form->setAction('/noc/admin/action/permission');
     if ($this->getRequest()->isPost()) {
         if ($form->isValid($this->getRequest()->getParams()) && $form->hasPermissionCollision($this->getRequest()) === FALSE) {
             $dbRules->deleteByActionId($actionRow->get('id'));
             $allow = (array) $form->getElement('rolesallow')->getValue();
             $deny = (array) $form->getElement('rolesdeny')->getValue();
             foreach ($allow as $roleId) {
                 $dbRules->addRule($ctrlRow->get('id'), $actionRow->get('id'), $roleId, Admin_Model_DbTable_Acl_Rule::RULE_DB_ALLOW);
             }
             foreach ($deny as $roleId) {
                 $dbRules->addRule($ctrlRow->get('id'), $actionRow->get('id'), $roleId, Admin_Model_DbTable_Acl_Rule::RULE_DB_DENY);
             }
             $this->_redirect(sprintf('admin/action/index/control/%d/id/%d', $ctrlRow->get('id'), $actionRow->get('id')));
         } else {
             $form->addError('Mindestens eine Rolle wurde der Zugriff erlaubt und verweigert.');
         }
     }
     $this->view->form = $form;
     $this->view->controller = $ctrlRow;
 }