Exemplo n.º 1
0
 /**
  *
  */
 public static function checkPermissions()
 {
     $request = Core_Request::getInstance();
     // permissions structure
     $data = array('module' => $request->getRoute('module'), 'controller' => $request->getRoute('controller'), 'action' => $request->getRoute('action'));
     $model = Admin_PermissionsModel::getInstance();
     $flag = $model->getFlag($data);
     // $flag = 0 - is a free acces of the page
     if ($flag === 0) {
         return true;
     }
     if (!$flag) {
         // we need to check that method exist
         $model->add($data);
     } else {
         if (!s()->user->id) {
             // @todo
             Core_View::getInstance()->addFlashMessage(__('Please Login'), 'danger');
             Core_Response::getInstance()->setStatus(1)->redirect('admin')->toJson();
         }
         if (!Core_Bit::check(s()->user->access['permissions'], $flag)) {
             // well an owner has ALL access
             $role_rs = Admin_RolesModel::get(array('id' => s()->user->role_id));
             if ($role_rs->is_owner === 1 || s()->user->is_developer === 1) {
                 return true;
             }
             Core_View::getInstance()->addFlashMessage(__('You Don\'t have permission to access this page'), 'danger');
             Core_Response::getInstance()->setStatus(1)->redirect('admin')->toJson();
         }
     }
 }
Exemplo n.º 2
0
 public function hasPermissions($for_where)
 {
     if (strstr($for_where, '/')) {
         list($controller, $action) = explode('/', $for_where);
     } else {
         $controller = $for_where;
         $action = 'index';
     }
     $data = array('module' => $this->getRequest()->getRoute('module'), 'controller' => $controller, 'action' => $action);
     // flag must not be 0
     return Core_Bit::check(s()->user->access['permissions'], Admin_PermissionsModel::getFlag($data));
 }
Exemplo n.º 3
0
 public function permissionsAction()
 {
     $id = $this->getRequest()->getParam('id');
     if (!$id) {
         $this->getResponse()->setStatus(0)->setBody(__('role does not exist'))->toJson();
     }
     $role_rs = Admin_RolesModel::get(array('id' => $id));
     if (!$role_rs) {
         $this->getResponse()->setStatus(0)->setBody(__('role does not exist'))->toJson();
     }
     $return = array();
     $permissions_rs = Admin_PermissionsModel::getAll();
     foreach ($permissions_rs as $permission_row) {
         if (Core_Bit::check($role_rs->permissions, $permission_row->bit_flag) || $role_rs->is_owner) {
             $return[$permission_row['name']] = true;
         }
     }
     $this->getResponse()->setStatus(1)->setData(Core_Tools::JsonEncode($return))->toJson();
 }