/**
* adding auth item child relationships
*/
public function actionAddItemChild()
{
// Check Access
checkAccessThrowException('op_permission_add_item_child');
$model = new AuthItemChild();
$roles = AuthItem::model()->findAll(array('order' => 'type DESC, name ASC'));
$_roles = array();
if (count($roles)) {
foreach ($roles as $role) {
$_roles[AuthItem::model()->types[$role->type]][$role->name] = $role->description . ' (' . $role->name . ')';
}
}
// Did we choose a parent already?
if (isset($_GET['parent']) && $_GET['parent'] != '') {
$model->parent = $_GET['parent'];
}
if (isset($_POST['AuthItemChild'])) {
if (isset($_POST['AuthItemChild']['child']) && count($_POST['AuthItemChild']['child'])) {
// We need to delete all child items selected up until now
$existsalready = AuthItemChild::model()->findAll('parent=:parent', array(':parent' => $model->parent));
if (count($existsalready)) {
foreach ($existsalready as $existitem) {
Yii::app()->authManager->removeItemChild($existitem->parent, $existitem->child);
}
}
$added = 0;
foreach ($_POST['AuthItemChild']['child'] as $childItem) {
$model->child = $childItem;
if ($model->validate()) {
$added++;
}
}
// Get model parent
$authItem = AuthItem::model()->find('name=:name', array(':name' => $model->parent));
fok(at('{number} Child item(s) Added.', array('{number}' => $added)));
// Log Message
alog(at("Added {number} child items for {name}", array('{number}' => $added, '{name}' => $model->parent)));
if ($authItem) {
$this->redirect(array('view', 'id' => $authItem->id, '#' => 'tabs-2'));
} else {
$this->redirect(array('index'));
}
}
}
// Selected values
$selected = AuthItemChild::model()->findAll('parent=:parent', array(':parent' => $model->parent));
$_selected = array();
if (count($selected)) {
foreach ($selected as $select) {
$_selected[] = $select->child;
}
}
$model->child = $_selected;
// Add Breadcrumb
$this->addBreadCrumb(at('Adding Child Permissions'));
$this->title[] = at('Adding Child Permissions');
$this->render('child_form', array('model' => $model, 'roles' => $_roles));
}
public function actionCreate()
{
$parent = $this->getItem();
$item = new AuthItem();
$item_child = new AuthItemChild();
if (isset($_POST['AuthItem'])) {
$item->attributes = $_POST['AuthItem'];
$item_child->attributes = $_POST['AuthItemChild'];
$item_child->child = $item->name;
if ($item->validate() && $item_child->validate()) {
$item->save(false);
$item_child->save(false);
$this->redirect(array('view', 'name' => $item->name));
}
}
$this->render('create', array('parent' => $parent, 'item' => $item, 'item_child' => $item_child));
}
/**
* adding auth item child relationships
*/
public function actionaddauthitemchild()
{
// Perms
if (!Yii::app()->user->checkAccess('op_roles_add_authchild')) {
throw new CHttpException(403, Yii::t('error', 'Sorry, You don\'t have the required permissions to enter this section'));
}
$model = new AuthItemChild();
$roles = AuthItem::model()->findAll(array('order' => 'type DESC, name ASC'));
$_roles = array();
if (count($roles)) {
foreach ($roles as $role) {
$_roles[AuthItem::model()->types[$role->type]][$role->name] = $role->description . ' (' . $role->name . ')';
}
}
// Did we choose a parent already?
if (isset($_GET['parent']) && $_GET['parent'] != '') {
$model->parent = $_GET['parent'];
}
if (isset($_POST['AuthItemChild'])) {
if (isset($_POST['AuthItemChild']['child']) && count($_POST['AuthItemChild']['child'])) {
// We need to delete all child items selected up until now
$existsalready = AuthItemChild::model()->findAll('parent=:parent', array(':parent' => $model->parent));
if (count($existsalready)) {
foreach ($existsalready as $existitem) {
Yii::app()->authManager->removeItemChild($existitem->parent, $existitem->child);
}
}
$added = 0;
foreach ($_POST['AuthItemChild']['child'] as $childItem) {
$model->child = $childItem;
if ($model->validate()) {
$added++;
}
}
Yii::app()->user->setFlash('success', Yii::t('adminroles', '{number} Child item(s) Added.', array('{number}' => $added)));
$this->redirect(array('roles/index'));
}
}
// Selected values
$selected = AuthItemChild::model()->findAll('parent=:parent', array(':parent' => $model->parent));
$_selected = array();
if (count($selected)) {
foreach ($selected as $select) {
$_selected[] = $select->child;
}
}
$model->child = $_selected;
$this->breadcrumbs[Yii::t('adminroles', 'Adding auth item child')] = '';
$this->pageTitle[] = Yii::t('adminroles', 'Adding auth item child');
$this->render('child_form', array('model' => $model, 'roles' => $_roles, 'label' => Yii::t('adminroles', 'Add Auth Item Child')));
}
/**
*
* @desc
*/
public function actionMove()
{
$this->checkAccess('RbacViewer', true);
if (!empty($_POST)) {
$this->checkAccess('RbacEditor', true);
$from = isset($_POST['moveFromItem']) ? $_POST['moveFromItem'] : null;
$to = isset($_POST['moveToItem']) ? $_POST['moveToItem'] : null;
// check only if parent is protected
if (in_array($to, $this->protectedItems)) {
if (in_array($from, $this->protectedItems)) {
$this->messageErrors[] = "Sorry, Item is protected by Controller";
$this->actionIndex();
}
}
if (!$from || !$to || $from == $to) {
$this->messageErrors[] = "Please select Parent- and Childitem and care that they are not same.";
$this->actionIndex();
}
// default validate
$model = new AuthItemChild();
$model->attributes = array('child' => $from, 'parent' => $to);
if (!$model->validate()) {
$this->messageErrors[] = "Post validation Error. Please mail Siteadmin if this Error returns.";
$this->actionIndex();
}
// check if branch already exists
if ($model->findByAttributes(array('child' => $from, 'parent' => $to)) !== null) {
$this->messageErrors[] = "Create Brunch Error: Brunch already exists.";
$this->actionIndex();
}
// Items exist?
$model = new AuthItem();
if (!count($model->findByAttributes(array('name' => $from))) || !count($model->findByAttributes(array('name' => $to)))) {
$this->messageErrors[] = "Check Items exists Error. Please mail Siteadmin if this Error returns.";
$this->actionIndex();
}
// make recursioncheck and move Items
$model = new RBACTree();
$model->moveFrom = $from;
$model->moveTo = $to;
if ($model->checkRecursion()) {
$model->moveItem();
$this->messageSuccess[] = "Item {$from} successfull moved to {$to}.";
} else {
$this->messageErrors[] = "Can't move Selection cause that will produce a Recursion.\n\t\t\t\t<br>If you can't see producing a Recursion, it may help to eject Item before moving it.";
$this->actionIndex();
}
}
$this->actionIndex();
}
public function actionAddSubItem($id)
{
$auth = Yii::app()->authManager;
$children = $auth->getItemChildren($id);
$allOperations = $auth->getOperations();
$availOperations = array();
foreach ($allOperations as $k => $v) {
if (!isset($children[$k])) {
$availOperations[$k] = empty($v->description) ? $k : $v->description;
}
}
$model = new AuthItemChild();
if (isset($_POST['AuthItemChild'])) {
$model->attributes = $_POST['AuthItemChild'];
if ($model->validate()) {
$model->parent = $id;
$auth->addItemChild($id, $model->child);
// form inputs are valid, do something here
$this->redirect(array('permission/viewTasks', 'id' => $id));
}
}
$this->render('addSubItem', array('operations' => $availOperations, 'model' => $model));
}
