/**
 * ACL check run before the action is dispatched.
 *
 * Resolves the current role (the stored identity's role, or the default
 * role when nobody is logged in) and, when the requested controller is a
 * resource registered with the ACL, rewrites the request to error/deny if
 * that role is not allowed the requested action. Controllers that are not
 * registered as ACL resources are passed through without any check.
 *
 * @throws Zend_Auth_Adapter_Exception if answering the authentication query is impossible
 * @param Zend_Controller_Request_Abstract $request
 * @return void
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    $controller = $request->getControllerName();
    $actionName = $request->getActionName();

    // Role comes from the stored identity when authenticated, otherwise
    // the configured default role is used.
    $role = $this->_defaultRole;
    if ($this->_auth->hasIdentity()) {
        $storedIdentity = $this->_auth->getStorage()->read();
        $role = $storedIdentity->role;
    }

    // Only resources known to the ACL are enforced here.
    if (!$this->_acl->has($controller)) {
        return;
    }

    if (!$this->_acl->isAllowed($role, $controller, $actionName)) {
        $request->setControllerName('error')->setActionName('deny');
    }
}
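/**
 * Edit an existing post.
 *
 * Requires an authenticated identity whose role the ACL allows 'edit' on
 * the 'posts' resource; guests and roles without that permission are sent
 * back to the post's view page. On a valid POST the post is updated and
 * the user is redirected to the view page; on GET the form is pre-filled
 * from the stored post.
 *
 * @return void
 */
public function editAction()
{
    $request = $this->getRequest();
    // Cast so only a numeric id ever reaches the model and the redirect URL.
    $postid = (int) $request->getParam('id');
    $viewUrl = 'posts/view/id/' . $postid;

    if (!Zend_Auth::getInstance()->hasIdentity()) {
        // _redirect() exits by default; the return covers a configuration
        // where exiting is disabled, so guests never reach the role check.
        $this->_redirect($viewUrl);
        return;
    }

    $identity = Zend_Auth::getInstance()->getIdentity();
    $acl = new Model_Acl();
    if (!$acl->isAllowed($identity['Role'], 'posts', 'edit')) {
        // Deny without echoing the caller's role back into the response
        // (the previous branch var_dump()ed it).
        $this->_redirect($viewUrl);
        return;
    }

    $postForm = new Form_Post();
    $postModel = new Model_DbTable_Posts();
    if ($request->isPost()) {
        if ($postForm->isValid($request->getPost())) {
            // NOTE(review): only the role is checked here; nothing in this
            // action verifies that the identity owns the post being updated —
            // confirm that updatePost() or the form enforces that.
            $postModel->updatePost($postForm->getValues());
            $this->_redirect($viewUrl);
            return;
        }
    } else {
        $postForm->populate($postModel->getPost($postid));
    }

    $this->view->postForm = $postForm;
}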
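/**
 * Edit a user (management area).
 *
 * Loads the user named by the 'id' param, fills the view with the lookup
 * lists (positions, education, roles, and the regionals the current user
 * may assign) plus the user's current data, then on POST runs the update
 * transaction and either exposes its error message to the view or builds
 * the success URL.
 *
 * @throws Exception when no user matches the given id
 * @return void
 */
public function editAction()
{
    $userId = $this->_getParam('id');
    $userRow = $this->userModel->getUserById($userId);
    if (!$userRow) {
        throw new Exception('Invalid user');
    }

    $this->view->userId = $userId;
    $this->_helper->viewRenderer->setRender('edit');
    $this->view->getAllPositions = $this->positionModel->getAll();
    $this->view->getAllEducation = $this->educationModel->getAll();
    $this->view->roles = $this->aclModel->getAllRoles();

    // System admins see every regional. Compared as int so a '1' coming
    // back as a string behaves like int 1 without relying on loose ==.
    $listAdmin = false;
    if ((int) $this->roleRow->getIsSystemAdmin() === 1) {
        $this->view->getAllRegional = $this->regionalModel->getAll();
        $listAdmin = true;
    }

    // Non-admins allowed to list by regional only get the regionals of
    // their own service area.
    if ($this->aclModel->isAllowed($this->userAuth->getRole(), 'management:user', 'list-user-by-regional')
        && !$listAdmin
    ) {
        $userLocality = $this->userLocalityModel->getUserLocalityByUserId($this->userAuth->getUserId());
        // Guarded like the edited user's locality row below: a caller with
        // no locality row simply gets no regional list instead of a fatal.
        if ($userLocality) {
            $this->view->getAllRegional = $this->dbTable_Regional
                ->getAllRegionalByOneRegionalServiceArea(null, $userLocality->getRegionalId());
        }
    }

    $userRowData['user'] = array(
        'first_name'    => $userRow->getFirstName(),
        'surname'       => $userRow->getSurname(),
        'gender'        => $userRow->getGender(),
        'born_date'     => $userRow->getBornDate(),
        'position_id'   => $userRow->getPositionId(),
        'education_id'  => $userRow->getEducationId(),
        'email'         => $userRow->getEmail(),
        'cpf'           => $userRow->getCpf(),
        'login'         => $userRow->getLogin(),
        'status'        => $userRow->getStatus(),
        'password_hint' => $userRow->getPasswordHint(),
    );
    $this->view->registerRowData = $userRowData;

    $userLocalityRow = $this->userLocalityModel->getUserLocalityByUserId($userRow->getId());
    if ($userLocalityRow) {
        $this->view->registerRowData['userLocality']['regional_id'] = $userLocalityRow->getRegionalId();
    }

    // A user without a role row previously fataled on a method call on null.
    $userRoleRow = $this->userRoleModel->getUserRoleByUserId($userRow->getId());
    if ($userRoleRow) {
        $this->view->registerRowData['userRole']['role_id'] = $userRoleRow->getRoleId();
    }

    if (!$this->getRequest()->isPost()) {
        return;
    }

    // NOTE(review): _getAllParams() returns route and query params as well as
    // POST fields, and all of it (including any 'userRole' / 'userLocality'
    // keys the client chooses to send) is handed to updateUserTransaction().
    // Confirm the model whitelists the columns it writes, or narrow this to
    // the expected POST fields.
    $registerRowData = $this->_getAllParams();
    $this->view->registerRowData = $registerRowData;

    $insert = $this->userModel->updateUserTransaction($registerRowData, $userRow);
    if (!$insert['status']) {
        $this->view->messageError = $insert['messageError'];
        return;
    }

    $this->view->itemSuccess = true;
    $this->view->loadUrlUser = $this->view->baseUrl(
        '/management/user/success/itemUpdateSuccess/true/firstnameSuccess/'
        . urlencode($registerRowData['user']['first_name'])
    );
}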
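/**
 * Comment form.
 *
 * The form elements are only built when the current identity's role is
 * allowed 'add' on the 'comments' resource; otherwise the form is left
 * without elements. The parent constructor runs in both cases so the
 * object is always a fully initialised Zend_Form (previously it was
 * skipped for unauthorised users, and $options was an undefined variable).
 *
 * @param mixed $options Passed through to Zend_Form::__construct()
 */
public function __construct($options = null)
{
    parent::__construct($options);

    $acl = new Model_Acl();
    $auth = Zend_Auth::getInstance();

    // getIdentity() is null when nobody is logged in, so the role lookup
    // must not be reached before hasIdentity() passes.
    if (!$auth->hasIdentity()) {
        return;
    }
    $identity = $auth->getIdentity();
    if (!$acl->isAllowed($identity['Role'], 'comments', 'add')) {
        return;
    }

    $this->setName('Comments');

    $id = new Zend_Form_Element_Hidden('id');

    $name = new Zend_Form_Element_Text('name');
    $name->setLabel('Your Name')
        ->setRequired(true)
        ->addFilter('StripTags')
        ->addFilter('StringTrim')
        ->addValidator('NotEmpty');

    $email = new Zend_Form_Element_Text('email');
    $email->setLabel('Email')
        ->setRequired(true)
        ->addFilter('StripTags')
        ->addFilter('StringTrim')
        ->addValidator('NotEmpty');

    $webpage = new Zend_Form_Element_Text('webpage');
    $webpage->setLabel('Webpage')
        ->setRequired(true)
        ->addFilter('StripTags')
        ->addFilter('StringTrim')
        ->addValidator('NotEmpty');

    $comment = new Zend_Form_Element_Textarea('comment');
    $comment->setLabel('Comments')
        ->setRequired(true)
        ->setAttrib('rows', 7)
        ->setAttrib('cols', 30)
        ->addFilter('StripTags')
        ->addFilter('StringTrim')
        ->addValidator('NotEmpty');

    $submit = new Zend_Form_Element_Submit('submit');
    $submit->setAttrib('id', 'submitbutton');

    $this->addElements(array($id, $name, $email, $webpage, $comment, $submit));
}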