/** * Create a workflow based exception for a role. * * This method is called by a form on the {@link AdminController::manageRoles} * page to allow for the creation of workflow based exceptions for a role. * Workflow exceptions modify which fields are visible or editable based on * what stage of a workflow a contact is in. */ public function actionRoleException() { $model = new Roles(); $temp = Workflow::model()->findAll(); $workflows = array(); foreach ($temp as $workflow) { $workflows[$workflow->id] = $workflow->name; } $roleInput = filter_input(INPUT_POST, 'Roles', FILTER_DEFAULT, FILTER_REQUIRE_ARRAY); if (!empty($roleInput)) { $workflowId = filter_input(INPUT_POST, 'workflow', FILTER_SANITIZE_NUMBER_INT); if (!empty($workflowId)) { $workflowName = Workflow::model()->findByPk($workflowId)->name; } else { $this->redirect('manageRoles'); } $stage = $_POST['workflowStages']; if (isset($stage) && !empty($stage)) { $stageName = X2Model::model('WorkflowStage')->findByAttributes(array('workflowId' => $workflow, 'stageNumber' => $stage))->name; } else { $this->redirect('manageRoles'); } if (!isset($_POST['viewPermissions'])) { $viewPermissions = array(); } else { $viewPermissions = $_POST['viewPermissions']; } if (!isset($_POST['editPermissions'])) { $editPermissions = array(); } else { $editPermissions = $_POST['editPermissions']; } $model->attributes = $_POST['Roles']; $model->timeout *= 60; $oldRole = Roles::model()->findByAttributes(array('name' => $model->name)); $model->users = ""; $model->name .= " - {$workflowName}: {$stageName}"; if ($model->save()) { $replacement = new RoleToWorkflow(); $replacement->workflowId = $workflow; $replacement->stageId = $stage; $replacement->roleId = $oldRole->id; $replacement->replacementId = $model->id; $replacement->save(); $fields = Fields::model()->findAll(); $temp = array(); foreach ($fields as $field) { $temp[] = $field->id; } $both = array_intersect($viewPermissions, $editPermissions); $view = array_diff($viewPermissions, $editPermissions); $neither = array_diff($temp, $viewPermissions); foreach ($both as $field) { $rolePerm = new RoleToPermission(); $rolePerm->roleId = $model->id; $rolePerm->fieldId = $field; $rolePerm->permission = 2; $rolePerm->save(); } foreach ($view as $field) { $rolePerm = new RoleToPermission(); $rolePerm->roleId = $model->id; $rolePerm->fieldId = $field; $rolePerm->permission = 1; $rolePerm->save(); } foreach ($neither as $field) { $rolePerm = new RoleToPermission(); $rolePerm->roleId = $model->id; $rolePerm->fieldId = $field; $rolePerm->permission = 0; $rolePerm->save(); } } $this->redirect('manageRoles'); } }
/** * A catch all page for roles. * * This action renders a page with forms for the creation, editing, and deletion * of roles. It also displays a grid with all user created roles (default * roles are not included and cannot be edited this way). */ public function actionManageRoles() { $dataProvider = new CActiveDataProvider('Roles'); $roles = $dataProvider->getData(); $arr = array(); foreach ($roles as $role) { $arr[$role->name] = $role->name; } $temp = Workflow::model()->findAll(); $workflows = array(); foreach ($temp as $workflow) { $workflows[$workflow->id] = $workflow->name; } $model = new Roles(); $model->timeout = 60; if (isset($_POST['Roles'])) { $model->attributes = $_POST['Roles']; if (!isset($_POST['viewPermissions'])) { $viewPermissions = array(); } else { $viewPermissions = $_POST['viewPermissions']; } if (!isset($_POST['editPermissions'])) { $editPermissions = array(); } else { $editPermissions = $_POST['editPermissions']; } if (isset($_POST['Roles']['users'])) { $users = $model->users; } else { $users = array(); } $model->users = ""; $model->timeout *= 60; if ($model->save()) { foreach ($users as $user) { $role = new RoleToUser(); $role->roleId = $model->id; if (!is_numeric($user)) { $userRecord = User::model()->findByAttributes(array('username' => $user)); $role->userId = $userRecord->id; $role->type = 'user'; } else { $role->userId = $user; $role->type = 'group'; } /* end x2temp */ $role->save(); } $fields = Fields::model()->findAll(); $temp = array(); foreach ($fields as $field) { $temp[] = $field->id; } $both = array_intersect($viewPermissions, $editPermissions); $view = array_diff($viewPermissions, $editPermissions); $neither = array_diff($temp, $viewPermissions); foreach ($both as $field) { $rolePerm = new RoleToPermission(); $rolePerm->roleId = $model->id; $rolePerm->fieldId = $field; $rolePerm->permission = 2; $rolePerm->save(); } foreach ($view as $field) { $rolePerm = new RoleToPermission(); $rolePerm->roleId = $model->id; $rolePerm->fieldId = $field; $rolePerm->permission = 1; $rolePerm->save(); } foreach ($neither as $field) { $rolePerm = new RoleToPermission(); $rolePerm->roleId = $model->id; $rolePerm->fieldId = $field; $rolePerm->permission = 0; $rolePerm->save(); } } else { foreach ($model->getErrors() as $err) { $errors = $err; } $errors = implode(',', $errors); Yii::app()->user->setFlash('error', Yii::t('admin', "Unable to save role: {errors}", array('{errors}' => $errors))); } $this->redirect('manageRoles'); } $this->render('manageRoles', array('dataProvider' => $dataProvider, 'model' => $model, 'roles' => $arr, 'workflows' => $workflows)); }
/** * Perform the creation of a new database column. * * The extra work in this method is skipped over in the "newModule" scenario * because the database schema altering commands to set up columns are * performed separately in that case. * * @return type */ public function afterSave() { // Does the column already exist? $table = Yii::app()->db->schema->tables[$this->myTableName]; $existing = array_key_exists($this->fieldName, $table->columns) && $table->columns[$this->fieldName] instanceof CDbColumnSchema; if (!$existing) { // Going to create the column. $this->createColumn(); } if ($this->keyType != 'PRI' && $this->keyType != 'FIX') { // The key for this column is not primary/hard-coded (managed by // X2Engine developers, and cannot be user-modified), so it can // be allowed to change. if ($this->keyType != null) { $this->dropIndex(); $this->createIndex($this->keyType === 'UNI'); } else { $this->dropIndex(); } } if ($this->isNewRecord) { // A new fields permissions default to read/write for all roles $dataProvider = new CActiveDataProvider('Roles'); foreach ($dataProvider->getData() as $role) { $permission = new RoleToPermission(); $permission->roleId = $role->id; $permission->fieldId = $this->id; $permission->permission = 2; $permission->save(); } } return parent::afterSave(); }
public function actionRoleException() { $model = new Roles(); $temp = Workflow::model()->findAll(); $workflows = array(); foreach ($temp as $workflow) { $workflows[$workflow->id] = $workflow->name; } if (isset($_POST['Roles'])) { $workflow = $_POST['workflow']; $workflowName = Workflow::model()->findByPk($workflow)->name; $stage = $_POST['workflowStages']; $stageName = WorkflowStage::model()->findByPk($stage)->name; $viewPermissions = $_POST['viewPermissions']; $editPermissions = $_POST['editPermissions']; $users = $_POST['users']; $model->attributes = $_POST['Roles']; $oldRole = Roles::model()->findByAttributes(array('name' => $model->name)); $model->users = ""; $model->name .= " - {$workflowName}: {$stageName}"; if ($model->save()) { $replacement = new RoleToWorkflow(); $replacement->workflowId = $workflow; $replacement->stageId = $stage; $replacement->roleId = $oldRole->id; $replacement->replacementId = $model->id; $replacement->save(); $fields = Fields::model()->findAll(); $temp = array(); foreach ($fields as $field) { $temp[] = $field->id; } $both = array_intersect($viewPermissions, $editPermissions); $view = array_diff($viewPermissions, $editPermissions); $neither = array_diff($temp, $viewPermissions); foreach ($both as $field) { $rolePerm = new RoleToPermission(); $rolePerm->roleId = $model->id; $rolePerm->fieldId = $field; $rolePerm->permission = 2; $rolePerm->save(); } foreach ($view as $field) { $rolePerm = new RoleToPermission(); $rolePerm->roleId = $model->id; $rolePerm->fieldId = $field; $rolePerm->permission = 1; $rolePerm->save(); } foreach ($neither as $field) { $rolePerm = new RoleToPermission(); $rolePerm->roleId = $model->id; $rolePerm->fieldId = $field; $rolePerm->permission = 0; $rolePerm->save(); } } $this->redirect('manageRoles'); } $this->render('roleException', array('model' => $model, 'workflows' => $workflows)); }