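/**
 * Save the per-page permission overrides submitted for a role, then re-render the page list.
 *
 * Only acts when `coaster::admin.advanced_permissions` is enabled. For every page and every
 * page-level action, the submitted checkbox state ('allow' if present in the `page` input,
 * otherwise 'deny') is compared with the role's default for that action:
 *  - value equals the default and an override row exists -> the override is deleted;
 *  - value differs from the default and an override row exists with another value -> it is updated;
 *  - value differs from the default and no override row exists -> one is attached.
 * Each change is repeated for the pages of the group held by `$page->group_container`, if any.
 *
 * NOTE(review): nothing in this method checks that the signed-in user may edit the role
 * identified by $role_id (for example a role with a higher admin level than their own).
 * Confirm that the routing/permission layer enforces this before the handler runs.
 *
 * @param int|string $role_id primary key of the role being edited (taken from the route)
 */
public function postPages($role_id)
{
    if (config('coaster::admin.advanced_permissions')) {
        $this->_role_permissions = UserRole::find($role_id);
        if (empty($this->_role_permissions)) {
            // Unknown role id: answer 404 instead of failing later on a null dereference.
            abort(404);
        }

        // Overridable page actions, keyed by action name. The meaning of controller_id 2 is
        // not visible here - presumably the pages controller; verify against the seed data.
        $page_actions = AdminAction::where('controller_id', '=', 2)->where('inherit', '=', 0)->where('edit_based', '=', 0)->get();
        $actionIds = [];
        foreach ($page_actions as $action) {
            $actionIds[$action->action] = $action->id;
        }
        if (!config('coaster::admin.publishing')) {
            unset($actionIds['version-publish']);
        }

        // Request data is untrusted: anything other than an array is read as "nothing ticked".
        $pages_permissions = Request::input('page');
        if (!is_array($pages_permissions)) {
            $pages_permissions = [];
        }

        // defaults: action id => whether the role has the action at role level
        $defaults = array_fill_keys(array_values($actionIds), false);
        foreach ($this->_role_permissions->actions as $action) {
            if (array_key_exists($action->id, $defaults)) {
                $defaults[$action->id] = true;
            }
        }

        // existing: page id => action id => stored access value
        $existing = [];
        foreach ($this->_role_permissions->page_actions as $page_permission) {
            $pivot = $page_permission->pivot;
            $existing[$pivot->page_id][$pivot->action_id] = $pivot->access;
        }

        // Ids a change on $page applies to: the page itself, then the pages of the group it
        // contains. Resolved lazily and cached so the group is only queried when a change is
        // written; a group_container pointing at a missing group is ignored.
        $targetIdsByPage = [];
        $targetIds = function ($page) use (&$targetIdsByPage) {
            if (!isset($targetIdsByPage[$page->id])) {
                $ids = [$page->id];
                if ($page->group_container > 0) {
                    $group = PageGroup::find($page->group_container);
                    if (!empty($group)) {
                        foreach ($group->pages as $group_page) {
                            $ids[] = $group_page->id;
                        }
                    }
                }
                $targetIdsByPage[$page->id] = $ids;
            }
            return $targetIdsByPage[$page->id];
        };

        // save updates
        $pages = Page::where('parent', '>=', '0')->get();
        foreach ($pages as $page) {
            foreach ($actionIds as $action => $action_id) {
                // A key missing from the submitted form counts as 'deny'.
                $value = isset($pages_permissions[$page->id][$action]) ? 'allow' : 'deny';
                $matchesDefault = (bool) $defaults[$action_id] === ($value === 'allow');

                if (isset($existing[$page->id][$action_id])) {
                    if ($matchesDefault) {
                        // the override is redundant: remove existing
                        foreach ($targetIds($page) as $page_id) {
                            $this->_role_permissions->page_actions()->newPivotStatementForId($page_id)->whereActionId($action_id)->delete();
                        }
                    } elseif ($existing[$page->id][$action_id] != $value) {
                        // update existing
                        foreach ($targetIds($page) as $page_id) {
                            $this->_role_permissions->page_actions()->newPivotStatementForId($page_id)->whereActionId($action_id)->update(['access' => $value]);
                        }
                    }
                } elseif (!$matchesDefault) {
                    // add new page action
                    foreach ($targetIds($page) as $page_id) {
                        $this->_role_permissions->page_actions()->attach($page_id, ['action_id' => $action_id, 'access' => $value]);
                    }
                }
            }
        }

        $this->addAlert('success', 'Page Permissions Updated');
    }
    $this->getPages($role_id);
}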
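/**
 * Create a user account from the submitted e-mail address and role, then mail the login details.
 *
 * The account is only created when validation passes and the requested role exists with an
 * `admin` level no higher than that of the signed-in user's role. Otherwise the validation
 * messages (plus a role message on a permission problem) are set and the add form is shown again.
 *
 * NOTE(review): assumes an authenticated user with a role is always present here
 * (Auth::user() and ->role are dereferenced without a null check) - confirm that the route is
 * behind the admin auth middleware.
 */
public function postAdd()
{
    $authUser = Auth::user();
    $v = Validator::make(Request::all(), ['email' => 'required|email', 'role' => 'required|integer']);

    // The role lookup runs whether or not validation passed, so only hand a scalar to find():
    // an array would return a collection and break the level comparison below.
    $roleInput = Request::input('role');
    $role = is_scalar($roleInput) ? UserRole::find($roleInput) : null;

    // A user may only create accounts whose role level is at or below their own.
    $perm_issue = true;
    if (!empty($role) && $role->admin <= $authUser->role->admin) {
        $perm_issue = false;
    }

    if ($v->passes() && !$perm_issue) {
        // NOTE(review): this generated 8-character password is e-mailed in clear text and also
        // passed to the success view. Consider a longer value and a forced change at first
        // login (or a reset-link flow); how strong str_random() is depends on the framework version.
        $password = str_random(8);

        $new_user = new User();
        $new_user->email = Request::input('email');
        // Store the id of the role that passed the permission check, not the raw request value.
        $new_user->role_id = $role->id;
        $new_user->password = Hash::make($password);
        $new_user->save();
        AdminLog::new_log('User \'' . $new_user->email . '\' added');

        Mail::send('coaster::emails.new_account', ['email' => $new_user->email, 'password' => $password], function ($message) use ($new_user) {
            $message->from(config('coaster::site.email'));
            $message->to($new_user->email);
            $message->subject(config('coaster::site.name') . ': New Account Details');
        });

        $failures = Mail::failures();
        if (empty($failures)) {
            $email_message = 'An email has been sent to the new user with their login details.';
            $email_status = 'success';
        } else {
            $email_message = 'There was an error sending the login details to the new user.';
            $email_status = 'warning';
        }

        $this->layoutData['content'] = View::make('coaster::pages.users.add', [
            'success' => true,
            'password' => $password,
            'email_message' => $email_message,
            'email_status' => $email_status,
        ]);
    } else {
        FormMessage::set($v->messages());
        if ($perm_issue) {
            FormMessage::add('role', 'Don\'t have permission to create user with this role, or doesn\'t exist');
        }
        $this->getAdd();
    }
}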