/**
* Save role privileges
*
* @service role write
* @param Gpf_Rpc_Params $params
* @return Gpf_Rpc_Form
*/
public function saveRolePrivileges(Gpf_Rpc_Params $params)
{
$form = new Gpf_Rpc_Form($params);
$role = new Gpf_Db_Role();
$role->setId($form->getFieldValue('roleid'));
$role->load();
if (!strlen($role->getAccountId())) {
$form->setErrorMessage($this->_('It is not possible to changes privileges for default role %s', $role->getName()));
return $form;
}
//delete all privileges for selected role
Gpf_Db_Table_RolePrivileges::getInstance()->deleteAllPrivileges($role->getId());
//insert all privileges again to database
$objects = new Gpf_Data_RecordSet();
$objects->loadFromArray($form->getFieldValue('objects'));
foreach ($objects as $record) {
$rights = explode(',', $record->get('privileges'));
foreach ($rights as $right) {
$privilege = new Gpf_Db_RolePrivilege();
$privilege->setObject($record->get('object'));
$privilege->setRoleId($role->getId());
$privilege->setPrivilege($right);
$privilege->insert();
}
}
$form->setInfoMessage($this->_('Changes saved'));
return $form;
}
public static function getInstance()
{
if (self::$instance === null) {
self::$instance = new self();
}
return self::$instance;
}
/**
* Get array of role privileges
*
* @param string $roleId
* @return array
*/
public static function loadPrivileges($roleId)
{
try {
return self::loadPrivilegesFromDefault(Gpf_Application::getInstance()->getRoleDefaultPrivileges($roleId));
} catch (Gpf_Exception $e) {
$privilegesValues = array();
$privilegesTable = Gpf_Db_Table_RolePrivileges::getInstance();
$privileges = $privilegesTable->getAllPrivileges($roleId);
foreach ($privileges as $privilege) {
$privilegesValues[$privilege->get('object')][$privilege->get('privilege')] = true;
}
return $privilegesValues;
}
}
/**
* @service role add
* @return Gpf_Rpc_Form
*/
public function add(Gpf_Rpc_Params $params)
{
$form = new Gpf_Rpc_Form($params);
$origRole = new Gpf_Db_Role();
$origRole->setId($form->getFieldValue('roleid'));
$origRole->load();
$newRole = new Gpf_Db_Role();
$newRole->setName($form->getFieldValue('name'));
$newRole->setAccountId(Gpf_Session::getInstance()->getAuthUser()->getAccountId());
$newRole->setRoleType($origRole->getRoleType());
$newRole->insert();
if (strlen($origRole->getAccountId())) {
//it is custom role, copy privileges from db
$select = new Gpf_SqlBuilder_SelectBuilder();
$select->select->addConstant($newRole->getId(), 'roleid');
$select->select->add(Gpf_Db_Table_RolePrivileges::OBJECT, Gpf_Db_Table_RolePrivileges::OBJECT);
$select->select->add(Gpf_Db_Table_RolePrivileges::PRIVILEGE, Gpf_Db_Table_RolePrivileges::PRIVILEGE);
$select->from->add(Gpf_Db_Table_RolePrivileges::getName());
$select->where->add(Gpf_Db_Table_Roles::ID, '=', $origRole->getId());
$insert = new Gpf_SqlBuilder_InsertBuilder();
$insert->setTable(Gpf_Db_Table_RolePrivileges::getInstance());
$insert->fromSelect($select);
$insert->execute();
} else {
//it is default role, copy privileges from php settings
$privileges = Gpf_Application::getInstance()->getRoleDefaultPrivileges($origRole->getId());
foreach ($privileges as $objectName => $privilegeList) {
foreach ($privilegeList as $right) {
$privilege = new Gpf_Db_RolePrivilege();
$privilege->setRoleId($newRole->getId());
$privilege->setObject($objectName);
$privilege->setPrivilege($right);
$privilege->insert();
}
}
}
return $form;
}
function init()
{
$this->setTable(Gpf_Db_Table_RolePrivileges::getInstance());
parent::init();
}
