public function onlyOneRole($id, $roleId) { $this->query('UPDATE user_role_access SET deleted_time = "' . date('Y-m-d H:i:s') . '" WHERE user_id = "' . $id . '"'); $this->query('UPDATE user_role_access SET deleted_time = NULL WHERE user_id = "' . $id . '" AND role_id = "' . $roleId . '"'); $userRoleAccess = new UserRoleAccess(); $userAccess = $userRoleAccess->find('first', array('conditions' => array('UserRoleAccess.role_id' => $roleId, 'UserRoleAccess.user_id' => $id))); if (empty($userAccess)) { $userRoleAccess->save(array('role_id' => $roleId, 'user_id' => $id)); } }
public function showRoles() { if (!$this->hasPermission(self::PERMISSION_ROLES)) { throw new Exception('You dont have permission to access this view.'); } $this->addMenu(); $user = User::getUser(); $backendModules = Curry_Backend::getBackendList(); $disable = array(); $backend = array("*" => "All"); if (!$user->hasAccess('*')) { $disable[] = '*'; } foreach ($backendModules as $backendClass => $backendName) { $backend[$backendClass] = $backendName; $permissions = method_exists($backendClass, 'getPermissions') ? call_user_func(array($backendClass, 'getPermissions')) : array(); foreach ($permissions as $permission) { $backend[$backendClass . "/" . $permission] = Curry_Core::SELECT_TREE_PREFIX . $permission; if (!$user->hasAccess($backendClass . "/" . $permission)) { $disable[] = $backendClass . "/" . $permission; } } if (!$user->hasAccess($backendClass)) { $disable[] = $backendClass; } } $content = array(); $contentAccess = array("*" => "All") + Curry_Module::getModuleList(); $allContentAccess = $user->hasAccess('Curry_Backend_Content/*'); foreach ($contentAccess as $k => $v) { $content['Curry_Backend_Content/' . $k] = $v; if (!$allContentAccess && !$user->hasAccess('Curry_Backend_Content/' . $k)) { $disable[] = 'Curry_Backend_Content/' . $k; } } $form = new Curry_ModelView_Form('UserRole', array('elements' => array('backend' => array('multiselect', array('label' => 'Backend access', 'multiOptions' => $backend, 'size' => 10, 'order' => 1, 'disable' => $disable, 'validators' => array(array('InArray', true, array(array_diff(array_keys($backend), $disable)))))), 'content' => array('multiselect', array('label' => 'Content access', 'multiOptions' => $content, 'size' => 10, 'order' => 2, 'disable' => $disable, 'validators' => array(array('InArray', true, array(array_diff(array_keys($content), $disable))))))), 'onFillForm' => function (UserRole $role, $form) { $access = UserRoleAccessQuery::create()->filterByUserRole($role)->select('Module')->find()->getArrayCopy(); $form->backend->setValue($access); $form->content->setValue($access); }, 'onFillModel' => function (UserRole $role, $form, $values) { $access = array_merge((array) $values['backend'], (array) $values['content']); $collection = new PropelObjectCollection(); $collection->setModel('UserRoleAccess'); foreach ($access as $a) { $ura = new UserRoleAccess(); $ura->setModule($a); $collection->append($ura); } $role->setUserRoleAccesss($collection); })); $q = UserRoleQuery::create(); $list = new Curry_ModelView_List($q, array('modelForm' => $form)); $list->addAction('file_permissions', array('action' => $this->getFileAccessList(), 'class' => 'inline', 'single' => true)); $list->show($this); }
protected static function createRole($name, array $access = array()) { $role = UserRoleQuery::create()->filterByName($name)->findOneOrCreate(); if ($role->isNew()) { foreach ($access as $module) { $roleAccess = new UserRoleAccess(); $roleAccess->setUserRole($role); $roleAccess->setModule($module); } } return $role; }