/**
* Constrcuts the form
*
* @param Admin_Model_DbRow_Role $role
* @param array $groups
* @param array $users
* @param array $inherits
*/
public function __construct(Admin_Model_DbRow_Role $role, array $groups, array $users, array $inherits)
{
// create the dynamic multi options
$selectGroups = new Zend_Form_Element_Multiselect('groups', array('label' => 'Groups:'));
$selectUsers = new Zend_Form_Element_Multiselect('users', array('label' => 'Users:'));
$inheritRole = new Zend_Form_Element_Multiselect('inherit', array('label' => 'Roles:', 'multiOptions' => array(0 => 'none')));
foreach ($groups as $group) {
$selectGroups->addMultiOption($group->get('id'), $group->get('name'));
}
foreach ($users as $user) {
$selectUsers->addMultiOption($user->get('id'), $user->get('name'));
}
foreach ($inherits as $inRole) {
$inheritRole->addMultiOption($inRole->get('id'), $inRole->get('name'));
}
$this->addElements(array(new Zend_Form_Element_Text('name', array('required' => true, 'label' => 'Name of the role:', 'attribs' => array('class' => 'text span-5'), 'filters' => array('StripTags', 'StringTrim'), 'validators' => array('notEmpty'), 'value' => $role->get('name', ''), 'order' => 1)), new Zend_Form_Element_Textarea('description', array('label' => 'Description:', 'filters' => array('StripTags'), 'value' => $role->get('description'), 'order' => 2)), $selectGroups, $selectUsers, $inheritRole, new Zend_Form_Element_Submit('saveBtn', array('label' => 'Save', 'order' => 10))));
$this->addDisplayGroups(array(array(array('name', 'description'), 'metadata', array('legend' => 'General Informations')), array(array('groups', 'users'), 'roleassignments', array('legend' => 'Apply groups and users to this role')), array(array('inherit'), 'roleinherit', array('legend' => 'Inherit the rights from the following roles'))));
parent::__construct();
}
/**
* Save the Permission for an action
*
* @return array
*/
public function saveActionPermissionsAction()
{
$ruleModel = new Admin_Model_DbTable_Acl_Rule();
$roleModel = new Admin_Model_DbTable_Acl_Role();
$actionModel = new Admin_Model_DbTable_Acl_Action();
$data = Zend_Json::decode($this->request->getParam('permissions', array()));
$return = array();
if (!is_array($data) || !empty($data['aId'])) {
// if we have no array or the controller id is directly in the array
// we nest the array in an array to get the foreach to work
// extjs is sending object if only 1 row has changed and an array of object
// if multiple changes occure
$data = array($data);
}
foreach ($data as $el) {
$role = $roleModel->find($el['roleId']);
$action = $actionModel->find($el['aId']);
// not an action provided or multiple controller found
if ($action->count() !== 1) {
continue;
}
// not a roleId provided or multiple roles found
if ($role->count() !== 1) {
continue;
}
$action = new Admin_Model_DbRow_Action($action->current());
$role = new Admin_Model_DbRow_Role($role->current());
if ($el['rule'] == Admin_Model_DbTable_Acl_Rule::RULE_DENY) {
$rule = Admin_Model_DbTable_Acl_Rule::RULE_DB_DENY;
} elseif ($el['rule'] == Admin_Model_DbTable_Acl_Rule::RULE_ALLOW) {
$rule = Admin_Model_DbTable_Acl_Rule::RULE_DB_ALLOW;
} else {
$rule = NULL;
}
$ruleModel->deleteWithActionRole($action->get('id'), $role->get('id'));
if ($rule !== NULL) {
$permission = new Admin_Model_DbRow_Rule(array('mcId' => $action->get('mcId'), 'aId' => $action->get('id'), 'roleId' => $role->get('id'), 'rule' => $rule));
$ruleModel->insert($permission->toDbArray());
}
$return[] = array('ident' => join("_", array($role->get('id'), $action->get('mcId'), $action->get('id'))), 'mcId' => $action->get('mcId'), 'aId' => $action->get('id'), 'roleName' => $role->get('name'), 'roleId' => $role->get('id'), 'rule' => $rule);
}
return $this->responseSuccess(array('permissions' => $return));
}
/**
* info card for this role
*
* @view /views/scripts/role/info.phtml
* @access public
* @todo show permissions to ressources
*/
public function infoAction()
{
$roleRow = new Admin_Model_DbRow_Role($this->dbRole->find($this->checkRoleIdParam()));
$groups = array();
$users = array();
$inherits = array();
foreach ($this->dbRoleMember->getRoleBindingTo($roleRow->get('id'), 'group') as $row) {
$groups[] = new Admin_Model_DbRow_Group($row);
}
foreach ($this->dbRoleMember->getRoleBindingTo($roleRow->get('id'), 'user') as $row) {
$users[] = new Admin_Model_DbRow_User($row);
}
foreach ($this->dbRoleInherit->getRoleInheritance($roleRow->get('id')) as $row) {
$inherits[] = new Admin_Model_DbRow_Role($row);
}
$this->view->role = $roleRow;
$this->view->groups = $groups;
$this->view->users = $users;
$this->view->inherits = $inherits;
}
