public function onlyOneRole($id, $roleId)
{
$this->query('UPDATE user_role_access SET deleted_time = "' . date('Y-m-d H:i:s') . '" WHERE user_id = "' . $id . '"');
$this->query('UPDATE user_role_access SET deleted_time = NULL WHERE user_id = "' . $id . '" AND role_id = "' . $roleId . '"');
$userRoleAccess = new UserRoleAccess();
$userAccess = $userRoleAccess->find('first', array('conditions' => array('UserRoleAccess.role_id' => $roleId, 'UserRoleAccess.user_id' => $id)));
if (empty($userAccess)) {
$userRoleAccess->save(array('role_id' => $roleId, 'user_id' => $id));
}
}
public function showRoles()
{
if (!$this->hasPermission(self::PERMISSION_ROLES)) {
throw new Exception('You dont have permission to access this view.');
}
$this->addMenu();
$user = User::getUser();
$backendModules = Curry_Backend::getBackendList();
$disable = array();
$backend = array("*" => "All");
if (!$user->hasAccess('*')) {
$disable[] = '*';
}
foreach ($backendModules as $backendClass => $backendName) {
$backend[$backendClass] = $backendName;
$permissions = method_exists($backendClass, 'getPermissions') ? call_user_func(array($backendClass, 'getPermissions')) : array();
foreach ($permissions as $permission) {
$backend[$backendClass . "/" . $permission] = Curry_Core::SELECT_TREE_PREFIX . $permission;
if (!$user->hasAccess($backendClass . "/" . $permission)) {
$disable[] = $backendClass . "/" . $permission;
}
}
if (!$user->hasAccess($backendClass)) {
$disable[] = $backendClass;
}
}
$content = array();
$contentAccess = array("*" => "All") + Curry_Module::getModuleList();
$allContentAccess = $user->hasAccess('Curry_Backend_Content/*');
foreach ($contentAccess as $k => $v) {
$content['Curry_Backend_Content/' . $k] = $v;
if (!$allContentAccess && !$user->hasAccess('Curry_Backend_Content/' . $k)) {
$disable[] = 'Curry_Backend_Content/' . $k;
}
}
$form = new Curry_ModelView_Form('UserRole', array('elements' => array('backend' => array('multiselect', array('label' => 'Backend access', 'multiOptions' => $backend, 'size' => 10, 'order' => 1, 'disable' => $disable, 'validators' => array(array('InArray', true, array(array_diff(array_keys($backend), $disable)))))), 'content' => array('multiselect', array('label' => 'Content access', 'multiOptions' => $content, 'size' => 10, 'order' => 2, 'disable' => $disable, 'validators' => array(array('InArray', true, array(array_diff(array_keys($content), $disable))))))), 'onFillForm' => function (UserRole $role, $form) {
$access = UserRoleAccessQuery::create()->filterByUserRole($role)->select('Module')->find()->getArrayCopy();
$form->backend->setValue($access);
$form->content->setValue($access);
}, 'onFillModel' => function (UserRole $role, $form, $values) {
$access = array_merge((array) $values['backend'], (array) $values['content']);
$collection = new PropelObjectCollection();
$collection->setModel('UserRoleAccess');
foreach ($access as $a) {
$ura = new UserRoleAccess();
$ura->setModule($a);
$collection->append($ura);
}
$role->setUserRoleAccesss($collection);
}));
$q = UserRoleQuery::create();
$list = new Curry_ModelView_List($q, array('modelForm' => $form));
$list->addAction('file_permissions', array('action' => $this->getFileAccessList(), 'class' => 'inline', 'single' => true));
$list->show($this);
}
protected static function createRole($name, array $access = array())
{
$role = UserRoleQuery::create()->filterByName($name)->findOneOrCreate();
if ($role->isNew()) {
foreach ($access as $module) {
$roleAccess = new UserRoleAccess();
$roleAccess->setUserRole($role);
$roleAccess->setModule($module);
}
}
return $role;
}
