/** * Constrcuts the form * * @param Admin_Model_DbRow_Role $role * @param array $groups * @param array $users * @param array $inherits */ public function __construct(Admin_Model_DbRow_Role $role, array $groups, array $users, array $inherits) { // create the dynamic multi options $selectGroups = new Zend_Form_Element_Multiselect('groups', array('label' => 'Groups:')); $selectUsers = new Zend_Form_Element_Multiselect('users', array('label' => 'Users:')); $inheritRole = new Zend_Form_Element_Multiselect('inherit', array('label' => 'Roles:', 'multiOptions' => array(0 => 'none'))); foreach ($groups as $group) { $selectGroups->addMultiOption($group->get('id'), $group->get('name')); } foreach ($users as $user) { $selectUsers->addMultiOption($user->get('id'), $user->get('name')); } foreach ($inherits as $inRole) { $inheritRole->addMultiOption($inRole->get('id'), $inRole->get('name')); } $this->addElements(array(new Zend_Form_Element_Text('name', array('required' => true, 'label' => 'Name of the role:', 'attribs' => array('class' => 'text span-5'), 'filters' => array('StripTags', 'StringTrim'), 'validators' => array('notEmpty'), 'value' => $role->get('name', ''), 'order' => 1)), new Zend_Form_Element_Textarea('description', array('label' => 'Description:', 'filters' => array('StripTags'), 'value' => $role->get('description'), 'order' => 2)), $selectGroups, $selectUsers, $inheritRole, new Zend_Form_Element_Submit('saveBtn', array('label' => 'Save', 'order' => 10)))); $this->addDisplayGroups(array(array(array('name', 'description'), 'metadata', array('legend' => 'General Informations')), array(array('groups', 'users'), 'roleassignments', array('legend' => 'Apply groups and users to this role')), array(array('inherit'), 'roleinherit', array('legend' => 'Inherit the rights from the following roles')))); parent::__construct(); }
/** * Save the Permission for an action * * @return array */ public function saveActionPermissionsAction() { $ruleModel = new Admin_Model_DbTable_Acl_Rule(); $roleModel = new Admin_Model_DbTable_Acl_Role(); $actionModel = new Admin_Model_DbTable_Acl_Action(); $data = Zend_Json::decode($this->request->getParam('permissions', array())); $return = array(); if (!is_array($data) || !empty($data['aId'])) { // if we have no array or the controller id is directly in the array // we nest the array in an array to get the foreach to work // extjs is sending object if only 1 row has changed and an array of object // if multiple changes occure $data = array($data); } foreach ($data as $el) { $role = $roleModel->find($el['roleId']); $action = $actionModel->find($el['aId']); // not an action provided or multiple controller found if ($action->count() !== 1) { continue; } // not a roleId provided or multiple roles found if ($role->count() !== 1) { continue; } $action = new Admin_Model_DbRow_Action($action->current()); $role = new Admin_Model_DbRow_Role($role->current()); if ($el['rule'] == Admin_Model_DbTable_Acl_Rule::RULE_DENY) { $rule = Admin_Model_DbTable_Acl_Rule::RULE_DB_DENY; } elseif ($el['rule'] == Admin_Model_DbTable_Acl_Rule::RULE_ALLOW) { $rule = Admin_Model_DbTable_Acl_Rule::RULE_DB_ALLOW; } else { $rule = NULL; } $ruleModel->deleteWithActionRole($action->get('id'), $role->get('id')); if ($rule !== NULL) { $permission = new Admin_Model_DbRow_Rule(array('mcId' => $action->get('mcId'), 'aId' => $action->get('id'), 'roleId' => $role->get('id'), 'rule' => $rule)); $ruleModel->insert($permission->toDbArray()); } $return[] = array('ident' => join("_", array($role->get('id'), $action->get('mcId'), $action->get('id'))), 'mcId' => $action->get('mcId'), 'aId' => $action->get('id'), 'roleName' => $role->get('name'), 'roleId' => $role->get('id'), 'rule' => $rule); } return $this->responseSuccess(array('permissions' => $return)); }
/** * info card for this role * * @view /views/scripts/role/info.phtml * @access public * @todo show permissions to ressources */ public function infoAction() { $roleRow = new Admin_Model_DbRow_Role($this->dbRole->find($this->checkRoleIdParam())); $groups = array(); $users = array(); $inherits = array(); foreach ($this->dbRoleMember->getRoleBindingTo($roleRow->get('id'), 'group') as $row) { $groups[] = new Admin_Model_DbRow_Group($row); } foreach ($this->dbRoleMember->getRoleBindingTo($roleRow->get('id'), 'user') as $row) { $users[] = new Admin_Model_DbRow_User($row); } foreach ($this->dbRoleInherit->getRoleInheritance($roleRow->get('id')) as $row) { $inherits[] = new Admin_Model_DbRow_Role($row); } $this->view->role = $roleRow; $this->view->groups = $groups; $this->view->users = $users; $this->view->inherits = $inherits; }