/**
  * Store a newly created resource in storage.
  *
  * @return Response
  */
 public function store()
 {
     // Declare the rules for the form validation
     $rules = array('name' => 'required');
     $getPermissions = Input::get('permissions');
     // Validate the inputs
     $validator = Validator::make(Input::all(), $rules);
     // Check if the form validates with success
     if ($validator->passes()) {
         // Get the inputs, with some exceptions
         $inputs = Input::except('csrf_token');
         $this->role->name = $inputs['name'];
         $this->role->save();
         // Save permissions
         $perms = $this->permission->get();
         if (count($perms)) {
             if (isset($getPermissions)) {
                 $this->role->perms()->sync($this->permission->preparePermissionsForSave($getPermissions));
             }
         }
         // Was the role created?
         if ($this->role->id) {
             // Redirect to the new role page
             return Redirect::to('admin/roles/' . $this->role->id . '/edit')->with('success', Lang::get('admin/roles/messages.create.success'));
         }
         // Redirect to the new role page
         return Redirect::to('admin/roles/create')->with('error', Lang::get('admin/roles/messages.create.error'));
         // Redirect to the role create page
         return Redirect::to('admin/roles/create')->withInput()->with('error', Lang::get('admin/roles/messages.' . $error));
     }
     // Form validation failed
     return Redirect::to('admin/roles/create')->withInput()->withErrors($validator);
 }
 /**
  * Add permissions from config.permissions if they don't exist. If they do exist will not update.
  */
 public function requireDefaultRecords()
 {
     foreach (self::config()->permissions as $code => $fields) {
         $permission = Permission::get()->filter(['Code' => $code])->first();
         if (!$permission) {
             $permission = Permission::create(array_merge($fields, ['Code' => $code]));
             $permission->write();
             DB::alteration_message("Added permission '{$code}'", 'changed');
         } else {
             DB::alteration_message("Unchanged permission '{$code}'", 'unchanged');
         }
     }
 }
 /**
  * Checks for permission-code CMS_ACCESS_AdminHelpAdmin.
  * If the group has ADMIN permissions, it requires the user to have ADMIN permissions as well.
  *
  * @param $member Member
  * @return boolean
  */
 public function canEdit($member = null)
 {
     if (!$member || !is_a($member, 'Member') || is_numeric($member)) {
         $member = Member::currentUser();
     }
     // extended access checks
     $results = $this->extend('canEdit', $member);
     if ($results && is_array($results)) {
         if (!min($results)) {
             return false;
         }
     }
     if ((bool) Permission::checkMember($member, "ADMIN") || Permission::checkMember($member, "CMS_ACCESS_AdminHelpAdmin") && !Permission::get()->filter(array('GroupID' => $this->ID, 'Code' => 'ADMIN'))->exists()) {
         return true;
     }
     return false;
 }
 public function crearRol()
 {
     $rol = Input::all();
     $reglas = array("rol" => "required|alpha");
     $mensajes = array("rol.required" => "Ingrese un Rol", "rol.alpha" => "Solo se permiten letras");
     $validar = Validator::make($rol, $reglas, $mensajes);
     if ($validar->passes()) {
         $role = new Role();
         $role->name = Input::get("rol");
         $role->save();
         $permisos = Permission::get();
         foreach ($permisos as $permiso) {
             $rol = new PermissionRole();
             $rol->role_id = $role->id;
             $rol->state = 0;
             $rol->permission_id = $permiso['id'];
             $rol->save();
         }
         $html = (string) View::make("dashboard.roles.rolesTablaRoles")->with(array("roles" => Role::all()));
         return Response::json(array("estado" => 1, "html" => $html));
     } else {
         return Response::json(array("estado" => 2, "error" => $validar->getMessageBag()->toArray()));
     }
 }
Exemplo n.º 5
0
 private function PermissionCheck(array $permission_2_check)
 {
     //check groups
     $current_user_id = intval(Member::currentUserID());
     $admins_groups_for_user = $this->getManyManyComponents("Administrators", "MemberID={$current_user_id}", "ID");
     if ($admins_groups_for_user) {
         //current user has some admin level
         foreach ($admins_groups_for_user as $admin_group) {
             $group_id = intval($admin_group->GroupID);
             $permissions = Permission::get()->filter('GroupID', $group_id);
             foreach ($permissions as $p) {
                 if (in_array($p->Code, $permission_2_check)) {
                     return true;
                 }
             }
         }
     }
     return false;
 }
Exemplo n.º 6
0
 function showPermission($id)
 {
     if ($userData = Sentry::findUserById($id)) {
         if ($userData->isSuperUser()) {
             return Redirect::to($this->moduleURL . 'show-list');
         }
     } else {
         return Redirect::to($this->moduleURL . 'show-list');
     }
     $this->data['status'] = Session::has("status") ? Session::get("status") : FALSE;
     $this->data['message'] = Session::has("message") ? Session::get("message") : "";
     $this->data['id'] = $id;
     // GET ALL PERMISSION
     $permissions = Permission::get()->toArray();
     $permissionMap = array();
     // GET ALL MODULE
     $moduleData = Modules::get()->toArray();
     if (!empty($permissions)) {
         foreach ($permissions as $permission) {
             $permissionMap[$permission['module_id']][] = $permission;
         }
     }
     if (!empty($moduleData)) {
         $moduleData = array_column($moduleData, 'name', 'id');
     }
     // GET USER PERMISSION
     $userPermissions = Sentry::findUserById($id)->getPermissions();
     $this->data['permissionMap'] = $permissionMap;
     $this->data['moduleData'] = $moduleData;
     $this->data['userPermissions'] = $userPermissions;
     if (Request::isMethod('post')) {
         $this->postPermission($id, $userData, $this->data);
         if ($this->data['status'] === TRUE) {
             return Redirect::to($this->moduleURL . 'permission/' . $this->data['id']);
         }
     }
     $this->layout->content = View::make('showPermission', $this->data);
 }
Exemplo n.º 7
0
 /**
  * List Permissions
  * Will get all permissions from the database
  * 
  * @param mixed $count
  * @param mixed $offset
  * 
  */
 public function list_permissions($count = 10000, $offset = 0)
 {
     $p = new Permission();
     return $p->get($count, $offset);
 }
Exemplo n.º 8
0
 /**
  * Add default records to database
  *
  * This function is called whenever the database is built, after the
  * database tables have all been created.
  */
 public function requireDefaultRecords()
 {
     parent::requireDefaultRecords();
     $code = "ACCESS_FORUM";
     if (!($forumGroup = Group::get()->filter('Code', 'forum-members')->first())) {
         $group = new Group();
         $group->Code = 'forum-members';
         $group->Title = "Forum Members";
         $group->write();
         Permission::grant($group->ID, $code);
         DB::alteration_message(_t('Forum.GROUPCREATED', 'Forum Members group created'), 'created');
     } else {
         if (!Permission::get()->filter(array('GroupID' => $forumGroup->ID, 'Code' => $code))->exists()) {
             Permission::grant($forumGroup->ID, $code);
         }
     }
     if (!($category = ForumCategory::get()->first())) {
         $category = new ForumCategory();
         $category->Title = _t('Forum.DEFAULTCATEGORY', 'General');
         $category->write();
     }
     if (!ForumHolder::get()->exists()) {
         $forumholder = new ForumHolder();
         $forumholder->Title = "Forums";
         $forumholder->URLSegment = "forums";
         $forumholder->Content = "<p>" . _t('Forum.WELCOMEFORUMHOLDER', 'Welcome to SilverStripe Forum Module! This is the default ForumHolder page. You can now add forums.') . "</p>";
         $forumholder->Status = "Published";
         $forumholder->write();
         $forumholder->publish("Stage", "Live");
         DB::alteration_message(_t('Forum.FORUMHOLDERCREATED', 'ForumHolder page created'), "created");
         $forum = new Forum();
         $forum->Title = _t('Forum.TITLE', 'General Discussion');
         $forum->URLSegment = "general-discussion";
         $forum->ParentID = $forumholder->ID;
         $forum->Content = "<p>" . _t('Forum.WELCOMEFORUM', 'Welcome to SilverStripe Forum Module! This is the default Forum page. You can now add topics.') . "</p>";
         $forum->Status = "Published";
         $forum->CategoryID = $category->ID;
         $forum->write();
         $forum->publish("Stage", "Live");
         DB::alteration_message(_t('Forum.FORUMCREATED', 'Forum page created'), "created");
     }
 }
Exemplo n.º 9
0
 /**
  * Set the permissions of the role
  *
  * @todo   Consolidate this with Bans
  * @param  Permission[] $perms The permissions to set
  * @return self
  */
 public function setPerms($perms)
 {
     foreach ($perms as &$perm) {
         $perm = $perm->getId();
     }
     unset($perm);
     $oldPerms = $this->getPermIDs();
     $newPerms = array_diff($perms, $oldPerms);
     $removedPerms = array_diff($oldPerms, $perms);
     foreach ($newPerms as $perm) {
         $this->addPerm(Permission::get($perm));
     }
     foreach ($removedPerms as $perm) {
         $this->removePerm(Permission::get($perm));
     }
     return $this;
 }