/** * Hook that loads the form data from $_POST or the model * * Or from whatever other source you specify here. */ protected function loadFormData() { if (!$this->formData) { parent::loadFormData(); $model = $this->getModel(); $roles = $model->get('ggp_role', 'multiOptions'); $userRoles = $this->currentUser->getAllowedRoles(); // \MUtil_Echo::track($userRoles, $roles); // Make sure we get the roles as they are labeled foreach ($roles as $role => $label) { if (!isset($userRoles[$role])) { unset($roles[$role]); } } if ($this->formData['ggp_role'] && !isset($roles[$this->formData['ggp_role']])) { if ($this->createData) { $this->formData['ggp_role'] = reset($roles); } else { $this->addMessage($this->_('You do not have sufficient privilege to edit this group.')); $this->afterSaveRouteUrl = array($this->request->getActionKey() => 'show'); $this->resetRoute = false; return; } } $model->set('ggp_role', 'multiOptions', $roles); $this->menu->getParameterSource()->offsetSet('ggp_role', $this->formData['ggp_role']); } }
/** * The place to check if the data set in the snippet is valid * to generate the snippet. * * When invalid data should result in an error, you can throw it * here but you can also perform the check in the * checkRegistryRequestsAnswers() function from the * {@see \MUtil_Registry_TargetInterface}. * * @return boolean */ public function hasHtmlOutput() { $model = $this->getModel(); $data = $model->loadFirst(); $roles = $this->currentUser->getAllowedRoles(); //\MUtil_Echo::track($data); // Perform access check here, before anything has happened!!! if (isset($data['ggp_role']) && !isset($roles[$data['ggp_role']])) { $this->addMessage($this->_('You do not have sufficient privilege to edit this group.')); $this->afterSaveRouteUrl = array($this->request->getActionKey() => 'show'); $this->resetRoute = false; return false; } $this->menu->getParameterSource()->offsetSet('ggp_role', $data['ggp_role']); return parent::hasHtmlOutput(); }
/** * Add a roles browse edit page to the menu, * * @param string $label * @param array $other * @return \Gems_Menu_SubMenuItem */ public function addGroupsPage($label, array $other = array()) { $page = $this->addBrowsePage($label, 'pr.group', 'group', $other); $roles = array(); if ($this->user instanceof \Gems_User_User) { if ($this->user->hasPrivilege('pr.group')) { $roles = $this->user->getAllowedRoles(); } } // \MUtil_Echo::track($roles); // Now limit changes to allowed roles foreach ($page->getChildren() as $showpage) { if ($showpage instanceof \Gems_Menu_SubMenuItem) { if ('show' === $showpage->get('action')) { foreach ($showpage->getChildren() as $subpage) { $subpage->addParameterFilter('ggp_role', $roles); } break; } } } return $page; }