/**
* Edit a role and assign users and groups to this role
*
* @view /views/scripts/role/edit.phtml
* @access public
*/
public function editAction()
{
$roleRow = new Admin_Model_DbRow_Role($this->dbRole->find($this->checkRoleIdParam()));
$groups = array();
$users = array();
$inhterits = array();
foreach ($this->dbGroup->fetchAll() as $row) {
$groups[] = new Admin_Model_DbRow_Group($row);
}
foreach ($this->dbUser->fetchAll() as $row) {
$users[] = new Admin_Model_DbRow_User($row);
}
foreach ($this->dbRole->fetchAll() as $row) {
$inherit = new Admin_Model_DbRow_Role($row);
if ($inherit->get('id') !== $roleRow->get('id')) {
$inhterits[] = $inherit;
}
}
$form = new Admin_Form_Role_Edit($roleRow, $groups, $users, $inhterits);
if ($this->getRequest()->isPost()) {
if ($form->isValid($this->getRequest()->getParams())) {
$selectedGroups = $form->getValue('groups');
$selectedUsers = $form->getValue('users');
$roleInheritance = $form->getValue('inherit');
$this->dbRole->update($roleRow->toDbArray(array('name', 'description')), $roleRow->get('id'));
// delete current settings
$this->dbRoleInherit->deleteWithRoleId($roleRow->get('id'));
$this->dbRoleMember->deleteWithRoleId($roleRow->get('id'));
// add the new setting
foreach ($roleInheritance as $inherit) {
// dont insert "no inheritance" in the database or self as inheritance
if ($inherit == 0 || $inherit == $roleRow->get('id')) {
continue;
}
$this->dbRoleInherit->insert($roleRow->get('id'), $inherit);
}
foreach ($selectedGroups as $group) {
$this->dbRoleMember->insert($roleRow->get('id'), $group, Admin_Model_DbTable_Acl_RoleMember::MEMBER_TYPE_GROUP);
}
foreach ($selectedUsers as $user) {
$this->dbRoleMember->insert($roleRow->get('id'), $user, Admin_Model_DbTable_Acl_RoleMember::MEMBER_TYPE_USER);
}
$this->_redirect('admin/role/index');
}
}
$form->getElement('groups')->setValue($this->dbRoleMember->getRoleBindingToId($roleRow->get('id'), Admin_Model_DbTable_Acl_RoleMember::MEMBER_TYPE_GROUP));
$form->getElement('users')->setValue($this->dbRoleMember->getRoleBindingToId($roleRow->get('id'), Admin_Model_DbTable_Acl_RoleMember::MEMBER_TYPE_USER));
$form->getElement('inherit')->setValue($this->dbRoleInherit->getInheritedRoles($roleRow->get('id')));
$this->view->form = $form;
}
/**
* Delete a role
*
* @return array
*/
public function saveDeleteRoleAction()
{
$roleModel = new Admin_Model_DbTable_Acl_Role();
$roleMembers = new Admin_Model_DbTable_Acl_RoleMember();
$roleInherits = new Admin_Model_DbTable_Acl_RoleInherit();
$ruleModel = new Admin_Model_DbTable_Acl_Rule();
$roleRow = $roleModel->find($this->request->getParam('id', 0));
if ($roleRow->count() !== 1) {
return $this->responseFailure('Failed saving informations', 'Invalid call. No valid role id provided');
} else {
$row = $roleRow->current();
$roleRow = new Admin_Model_DbRow_Role($roleRow->current());
$row->delete();
// delete the entries from other tables that refer to this role
// members, inherited roles, ACL Rules!
$roleMembers->deleteWithRoleId($roleRow->get('id'));
$roleInherits->deleteWithRoleId($roleRow->get('id'));
$ruleModel->deleteWithRoleId($roleRow->get('id'));
return $this->responseSuccess();
}
}
