public function run()
{
list($name, $id) = $this->resolveNameID();
if (isset($this->htmlOptions['id'])) {
$id = $this->htmlOptions['id'];
} else {
$this->htmlOptions['id'] = $id;
}
if (isset($this->htmlOptions['name'])) {
$name = $this->htmlOptions['name'];
} else {
$this->htmlOptions['name'] = $name;
}
// Сохранение информации осуществляется через behavior
if ($this->hasModel()) {
$this->objects = array(get_class($this->model), 'id', $this->model->id);
}
$controls = array();
if (is_array($this->objects) && !empty($this->objects)) {
$operations = ClassHelper::getBehaviorPropertyByClassName($this->objects[0], 'AccessCBehavior', 'operations');
if (!empty($operations)) {
if ($this->operation) {
$controls[] = array('label' => $operations[$this->operation], 'content' => $this->rightsForOperation($this->operation));
} else {
foreach ($operations as $operationName => $operationTitle) {
$controls[] = array('label' => $operations[$operationName], 'content' => $this->rightsForOperation($operationName));
}
}
}
}
if (!empty($controls)) {
$this->render('AccessRights', array('controls' => $controls, 'instantSave' => $this->instantSave));
}
}
public static function getAttributesByClassName($className)
{
$ret = ClassHelper::getBehaviorPropertyByClassName($className, 'AccessRBehavior', 'attributes');
if (empty($ret)) {
$ret = array();
}
return $ret;
}
public function allowed($action = 'read', $force = false)
{
// Не позволяем запускать условие два раза в одном запросе
if (($force || !isset($this->getOwner()->getDbCriteria()->params['aco_class']) || !isset($this->getOwner()->getDbCriteria()->params['aro_class'])) && ClassHelper::getBehaviorPropertyByClassName(get_class($this->getOwner()), 'AccessCBehavior', 'class')) {
$user = Yii::app()->user->data;
if (ClassHelper::getBehaviorPropertyByClassName(get_class($user), 'AccessRBehavior', 'class') && !$user->checkFullAccess()) {
$params = array('aco_class' => get_class($this->getOwner()), 'action' => $action);
$acoWhere = array('(a.`aco_key` = "" AND a.`aco_value` = "")', '(a.`aco_key` = "id" AND a.`aco_value` = t.`id`)');
$cAttributes = AccessCBehavior::getAttributesByClassName($params['aco_class']);
foreach ($cAttributes as $attrName) {
$acoWhere[] = '(a.`aco_key` = "' . $attrName . '" AND a.`aco_value` = t.`' . $attrName . '`)';
}
$acoWhereStatement = implode(' OR ', $acoWhere);
$aroWhereStatement = AccessRBehavior::generateAroWhereStatement($user, $params, 'a.');
$this->getOwner()->getDbCriteria()->mergeWith(array('join' => 'INNER JOIN `' . AccessItem::tableName() . '` a
ON a.action = :action
AND a.aco_class = :aco_class
AND a.aro_class = :aro_class
AND (' . $acoWhereStatement . ')
AND (' . $aroWhereStatement . ')', 'params' => $params));
}
}
return $this->getOwner();
}
