/**
* Se verifica mediante un callback de ActiveRecord
* que el perfil a eliminar no se encuentre asociado
* algún controller
*/
public function before_delete()
{
$controller = new Controllers();
if ($controller->count("perfil_id={$this->id}")) {
Flash::error('El perfil no se puede eliminar porque esta asociado');
return 'cancel';
}
}
/**
* Check if the view has a controller which can be attached
* @param string $view The view name
* @return mixed A controller instance or false
*/
protected function getController($view)
{
foreach ($this->controller->getControllers() as $controller) {
if (in_array($view, $controller->getViews())) {
return $controller;
}
}
return false;
}
/**
* Edita un registro
*
* @param int $id
*/
public function edit($id = null)
{
if ($id != null) {
//Aplicando la autocarga de objeto, para comenzar la edición
$this->controllers = $this->Controllers->find($id);
}
//se verifica si se ha enviado el formulario (submit)
if ($this->has_post('controllers')) {
$controller = new Controllers($this->post('controllers'));
if (!$controller->update()) {
Flash::error('Falló Operación');
//se hacen persistente los datos en el formulario
$this->controllers = $this->post('controllers');
} else {
return Router::route_to('action: index', 'id: 1');
}
}
}
public function index()
{
$mArticles = new Articles();
//get articles
$this->vars['aArticles'] = $mArticles->collection->find()->limit(2);
//get all categories
$this->vars['aCategories'] = $mArticles->collection->distinct('category');
/*foreach ($this->vars['aCategories'] as $aCategory)
var_dump($aCategory);*/
echo parent::render();
}
protected function controllerRules($controller, $module = null)
{
$accessArray = array();
$controller_model = Controllers::model()->find("controller_name like '{$controller}' and module_name like '{$module}'");
//var_dump($controller_model);
if (!$controller_model) {
echo 'denied';
return array(array('deny'));
}
//user roles
// $actions_user = ActionsUsers::model()->findAll(array('condition' => "controller_id = $controller_model->id and can_access like 'allow'",
// 'order' => 'controller_id desc'));
// ANH DUNG CLOSE JAN 29, 2015
// ANH DUNG ADD JAN 29, 2015
$criteria = new CDbCriteria();
$criteria->compare("t.controller_id", $controller_model->id);
$criteria->compare("t.user_id", Yii::app()->user->id);
$criteria->compare("t.can_access", "allow", true);
$criteria->order = "t.controller_id desc";
$actions_user = ActionsUsers::model()->findAll($criteria);
// ANH DUNG ADD JAN 29, 2015
// if($actions_user)
// {
foreach ($actions_user as $key => $user_action) {
if ($user_action->user) {
$array_action = array_map('trim', explode(",", trim($user_action->actions)));
$accessArray[] = array($user_action->can_access, 'actions' => $array_action, 'users' => array($user_action->user->username));
} else {
$user_action->delete();
}
// delete data not valid
}
// }
//menu roles ANH DUNG FIX Oct 07, 2014
$criteria = new CDbCriteria();
$criteria->compare('controller_id', $controller_model->id);
$criteria->compare('can_access', 'allow');
$criteria->compare('roles_id', Yii::app()->user->role_id);
$actions_role = ActionsRoles::model()->findAll($criteria);
// $actions_role = ActionsRoles::model()->findAll(array('condition' => "controller_id = $controller_model->id and can_access LIKE 'allow'",
// 'order' => 'controller_id desc'));
// //menu roles ANH DUNG FIX Oct 07, 2014
if ($actions_role) {
foreach ($actions_role as $key => $action_role) {
$array_action = array_map('trim', explode(",", trim($action_role->actions)));
$accessArray[] = array('allow', 'actions' => $array_action, 'users' => array('@'));
}
}
// $accessArray[] = array('deny'); // ANH DUNG CLOSE JAN 29, 2015
$accessArray[] = array('deny', 'users' => array('*'));
// ANH DUNG ADD JAN 29, 2015
return $accessArray;
}
<?php
/**
* @author tshirtecommerce - www.tshirtecommerce.com
* @date: 2015-01-10
*
* @copyright Copyright (C) 2015 tshirtecommerce.com. All rights reserved.
* @license GNU General Public License version 2 or later; see LICENSE
*
*/
//error_reporting(0);
date_default_timezone_set('America/Los_Angeles');
define('ROOT', dirname(__FILE__));
define('DS', DIRECTORY_SEPARATOR);
include_once ROOT . DS . 'includes' . DS . 'functions.php';
include_once ROOT . DS . 'includes' . DS . 'controllers.php';
$controller = new Controllers();
$controller->load();
function __construct()
{
parent::__construct();
}
function __construct()
{
parent::__construct();
$this->isloggin();
}
/**
* Returns the data model based on the primary key given in the GET variable.
* If the data model is not found, an HTTP exception will be raised.
* @param integer the ID of the model to be loaded
*/
public function loadModel($id)
{
$model = Controllers::model()->findByPk($id);
if ($model === null) {
Yii::log("The requested page does not exist.");
throw new CHttpException(404, 'The requested page does not exist.');
}
return $model;
}
public function actionModulos()
{
$model = Controllers::model()->with('actions')->findAll();
$this->render('modulos', array('model' => $model));
}
?>
">Cancel</a>-->
</div>
</div>
<div id="accordion">
<?php
foreach ($this->aControllers as $keyController => $aController) {
?>
<div class="block_privilege">
<h3><a class="l_margin_20 item_b" href="#"><?php
echo $aController['alias'];
?>
</a></h3>
<?php
$mController = Controllers::getByName($keyController);
$aActionsAllow = ActionsRoles::getActionArrayByRoleIdAndControllerId($id, $mController->id);
?>
<div class="wrap_privilege">
<!--<h2><?php
echo $aController['alias'];
?>
</h2>-->
<a href="javascript:void(0)" class="checkAll item_b">Select All</a> | <a href="javascript:void(0)" class="clearAll item_b">Deselect All</a><br><br>
<ul class="permission-list">
<?php
foreach ($aController['actions'] as $keyAction => $aAction) {
?>
<li><input type="checkbox" name="<?php
echo $keyController . '[' . $keyAction . ']';
?>
/** /bb**
* @Author: ANH DUNG Dec 19, 2014
* @Todo: thiet lap quyen trong user se uu tien cao nhat. user deny hoac allow thi se k phu thuoc group.
*/
public function actionUser($id)
{
try {
$mUser = Users::model()->findByPk($id);
$this->pageTitle = 'Setting Privilege Users - ' . $mUser->first_name;
if (is_null($mUser)) {
throw new Exception('Setting Privilege user exists');
}
if (isset($_POST['submit'])) {
foreach ($this->aControllers as $keyController => $aController) {
$mController = Controllers::getByName($keyController);
if ($mController) {
$mController->addUserRoles($this->postArrayCheckBoxToAllowDenyValue($keyController), $id);
$this->setNotifyMessage(NotificationType::Success, 'Successful Update');
}
}
$this->refresh();
}
$this->render('user', array('id' => $id, 'mUser' => $mUser, 'actions' => $this->listActionsCanAccess));
} catch (Exception $exc) {
Yii::log("Uid: " . Yii::app()->user->id . " Exception " . $exc->getMessage(), 'error');
$code = 404;
if (isset($exc->statusCode)) {
$code = $exc->statusCode;
}
if ($exc->getCode()) {
$code = $exc->getCode();
}
throw new CHttpException($code, $exc->getMessage());
}
}
<div class="row buttons" style="padding-left: 115px;">
<?php
echo CHtml::submitButton('Save');
?>
</div>
<div class="clr"></div>
<?php
foreach ($actions_controller as $key => $value) {
?>
<div class="row" style="width: 30%;float:left;">
<label for="UsersActions_user_id" style="width: 220px;"><?php
echo ucfirst($value);
?>
</label>
<?php
echo CHtml::dropDownList("Actions[{$value}]", Controllers::canAccess($value, $model->id, Yii::app()->session['type']), array('allow' => 'Allow', 'deny' => 'Deny'), array('style' => 'width:70px;'));
?>
</div>
<?php
}
?>
<div class="clr"></div>
<div class="row buttons" style="padding-left: 115px;">
<?php
echo CHtml::submitButton('Save');
?>
</div>
<?php
public static function getByName($name)
{
return Controllers::model()->find('LOWER(controller_name)="' . strtolower($name) . '"');
}
public static function getActionArrayAllowForCurrentUserByControllerName($controllerName)
{
try {
$aResult = array();
$user_id = Yii::app()->user->id;
$mUser = Users::model()->findByPk($user_id);
$mController = Controllers::getByName($controllerName);
// ANH DUNG FIX NOW 14, 2014
if ($mController) {
$mActionsUsers = ActionsUsers::model()->findAll('user_id=' . $user_id . ' AND controller_id=' . $mController->id);
if ($mActionsUsers == NULL) {
$aActionsAllowGroup = ActionsRoles::getActionArrayByRoleIdAndControllerId($mUser->role_id, $mController->id);
$aResult = $aActionsAllowGroup;
} else {
$aActionsAllowUser = ActionsUsers::getActionArrayByUserIdAndControllerId($user_id, $mController->id);
$aResult = $aActionsAllowUser;
}
}
// ANH DUNG FIX NOW 14, 2014
// if($mController)
// {
// $mActionsUsers = ActionsUsers::model()->find('user_id='.$user_id.' AND controller_id='.$mController->id);
// $aActionsAllowGroup = ActionsRoles::getActionArrayByRoleIdAndControllerId($mUser->role_id, $mController->id);
// $aActionsAllowUser = ActionsUsers::getActionArrayByUserIdAndControllerId($user_id, $mController->id);
// if($mActionsUsers == NULL)
// {
// $aResult = $aActionsAllowGroup;
// }
// else
// $aResult = $aActionsAllowUser;
// }
return $aResult;
} catch (Exception $exc) {
echo $exc->getMessage();
die;
}
}
function __construct($y = false)
{
parent::__construct();
}