public static function checkUserPermission($controller, $action)
{
$controller = strtoupper($controller . 'Controller');
if (Yii::app()->user->name === 'admin') {
return true;
}
if (!isset(Yii::app()->user->role)) {
return false;
}
$userId = Yii::app()->user->getId();
$group_id = Yii::app()->user->role;
/*get group permission*/
$permission = AGroupPermission::model()->findAll('group_id = :group_id', array(':group_id' => $group_id));
$arrayGroupPermission = array();
foreach ($permission as $row) {
$arrayGroupPermission[strtoupper($row['controller'])] = unserialize($row['permission']);
}
/*get user permission*/
$uerPermission = ASystemUserPermission::model()->findAll('user_id = :user_id', array(':user_id' => $userId));
$arrayUserPermission = array();
if (is_array($uerPermission)) {
foreach ($uerPermission as $row) {
$arrayUserPermission[strtoupper($row['controller'])] = unserialize($row['permission']);
}
}
$resutUserPermission = array_merge($arrayGroupPermission, $arrayUserPermission);
if (is_array($resutUserPermission)) {
if (isset($resutUserPermission[$controller]) && in_array($action, $resutUserPermission[$controller])) {
return true;
}
}
return false;
}
public function actionPermission()
{
$user = $this->loadModel($_REQUEST['id']);
/*get group permission*/
$permission = AGroupPermission::model()->findAll('group_id = :group_id', array(':group_id' => $user->group_id));
$arrayGroupPermission = array();
foreach ($permission as $row) {
$arrayGroupPermission[$row['controller']] = unserialize($row['permission']);
}
$arrayController = array();
$declaredClasses = get_declared_classes();
foreach (glob(Yii::getPathOfAlias('application.adm.controllers') . "/*Controller.php") as $controller) {
$class = basename($controller, ".php");
//check exist user permission
$objBSystemUserPermission = ASystemUserPermission::model()->find(array('select' => 'permission', 'condition' => 'user_id = :userId AND controller = :controller', 'params' => array(':userId' => $_REQUEST['id'], ':controller' => $class)));
if (isset($_REQUEST[$class])) {
if ($objBSystemUserPermission) {
if (unserialize($objBSystemUserPermission->permission) === $_REQUEST[$class]) {
} else {
//update
ASystemUserPermission::model()->updateAll(array('permission' => serialize($_REQUEST[$class])), 'user_id = :user_id AND controller = :controller', array(':user_id' => $_REQUEST['id'], ':controller' => $class));
}
} else {
/*get user permission*/
$uerPermission = ASystemUserPermission::model()->findAll('user_id = :user_id', array(':user_id' => $_REQUEST['id']));
$arrayUserPermission = array();
if (is_array($uerPermission)) {
foreach ($uerPermission as $row) {
$arrayUserPermission[$row['controller']] = unserialize($row['permission']);
}
}
if (isset($arrayUserPermission[$class]) && $arrayUserPermission[$class] === $_REQUEST[$class]) {
} else {
//insert
$bSystemUserPermission = new ASystemUserPermission();
$bSystemUserPermission->controller = $class;
$bSystemUserPermission->user_id = $_REQUEST['id'];
$bSystemUserPermission->permission = serialize($_REQUEST[$class]);
$bSystemUserPermission->insert();
}
}
} else {
if (isset($arrayGroupPermission[$class])) {
if (!$objBSystemUserPermission) {
$bSystemUserPermission = new ASystemUserPermission();
$bSystemUserPermission->controller = $class;
$bSystemUserPermission->user_id = $_REQUEST['id'];
$bSystemUserPermission->permission = serialize(array());
$bSystemUserPermission->insert();
} else {
ASystemUserPermission::model()->updateAll(array('permission' => serialize(array())), 'user_id = :user_id AND controller = :controller', array(':user_id' => $_REQUEST['id'], ':controller' => $class));
}
} else {
$aSystemUserPermission = ASystemUserPermission::model()->find('user_id = :user_id AND controller = :controller', array(':user_id' => $_REQUEST['id'], ':controller' => $class));
if ($aSystemUserPermission === null) {
$aSystemUserPermission = new ASystemUserPermission();
$aSystemUserPermission->user_id = $_REQUEST['id'];
$aSystemUserPermission->controller = $class;
$aSystemUserPermission->permission = serialize(array());
$aSystemUserPermission->save();
} else {
ASystemUserPermission::model()->updateAll(array('permission' => serialize(array())), 'user_id = :user_id AND controller = :controller', array(':user_id' => $_REQUEST['id'], ':controller' => $class));
}
}
}
}
Yii::app()->user->setFlash('success', "Bạn đã sửa quyền thành công");
$this->redirect(array('view', 'id' => $_REQUEST['id']));
}
