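/**
 * Builds the per-row action links (view / edit / delete) and the paginator for a
 * listing, then delegates rendering to generateGrid().
 *
 * Keys read from $dataArray without an isset() guard: objectname, by, tableheader,
 * tablecontent, perPage, pageNo, jsGridFnName, jsFillFnName, searchArray.
 * Optional keys: menuName, formgrid, unitId, add, call, search_filters,
 * dashboardcall, empstatus, empscreentotalcount, sort.
 *
 * The action links are chosen from the actions that getControllersByRole() returns
 * for the logged-in role. This only decides which links are drawn.
 * NOTE(review): hiding a link is not an authorization check; confirm every
 * view/edit/delete endpoint is also enforced server-side by the ACL plugin.
 *
 * NOTE(review): objectname and menuName are concatenated into HTML attributes and
 * inline JavaScript without escaping; confirm callers only pass fixed, trusted strings.
 *
 * @param array $dataArray Grid configuration (see key list above).
 *
 * @return mixed Whatever generateGrid() returns.
 */
public function grid($dataArray)
{
    $request = Zend_Controller_Front::getInstance();
    $params = $request->getRequest()->getParams();
    $menu_model = new Default_Model_Menu();
    $session = new Zend_Auth_Storage_Session();
    $data = $session->read();
    $role_id = $data['emprole'];
    $objectname = $dataArray['objectname'];

    $menunamestr = '';
    $sortStr = $dataArray['by'];
    // Defaults for values that some branches below never assign; previously these
    // were read as undefined variables (null / empty string plus a PHP warning).
    $menuName = null;
    $con = '';
    $extra = array();

    $controllers_arr = $menu_model->getControllersByRole($role_id);

    // The 'processes' grid borrows the privileges of the 'empscreening' controller.
    if ($objectname == 'processes') {
        $actionsobjname = 'empscreening';
    } else {
        $actionsobjname = $objectname;
    }

    if (isset($controllers_arr[$actionsobjname . "controller.php"])) {
        $actions_arr = $controllers_arr[$actionsobjname . "controller.php"]['actions'];
        $menuName = $actions_arr[sizeof($actions_arr) - 1];
    } else {
        $actions_arr = array();
    }

    // The last element of the actions array is the menu name, so drop it before
    // checking whether any privileges remain.
    $tmpActionsArr = $actions_arr;
    array_pop($tmpActionsArr);

    // $actnArr is the privilege list without 'add'; it is handed to generateGrid().
    $actnArr = $tmpActionsArr;
    if (($key = array_search('add', $actnArr)) !== false) {
        unset($actnArr[$key]);
    }

    // No privileges at all: remove the action column from the header.
    if (empty($tmpActionsArr)) {
        $gridFieldsArr = $dataArray['tableheader'];
        unset($gridFieldsArr['action']);
        $dataArray['tableheader'] = $gridFieldsArr;
    }

    if (isset($dataArray['menuName'])) {
        $menuName = $dataArray['menuName'];
    }

    $paginator = new Zend_Paginator(new Zend_Paginator_Adapter_DbSelect($dataArray['tablecontent']));
    $paginator->setItemCountPerPage($dataArray['perPage'])->setCurrentPageNumber($dataArray['pageNo']);

    // Fall back to the column definition stored for this object when no header is left.
    if (empty($dataArray['tableheader'])) {
        $widgetsModel = new Default_Model_Widgets();
        $columnData = $widgetsModel->getTableFields('/' . $objectname);
        $dataArray['tableheader'] = json_decode($columnData['menufields'], true);
    }

    // The confirmation text comes from a constant named <OBJECTNAME>_DELETE, which
    // must be defined. Spaces are swapped for '@#$' so the text can sit inside the
    // unquoted onclick attribute built below.
    $msgtitle = strtoupper($objectname . '_delete');
    $msgflag = constant($msgtitle);
    $msgdta = implode('@#$', explode(' ', $msgflag));

    // Non-strict in_array() is kept on purpose so the result matches the previous code.
    $canView = in_array('view', $actions_arr);
    $canEdit = in_array('edit', $actions_arr);
    $canDelete = in_array('delete', $actions_arr);
    $noRowActions = !$canView && !$canEdit && !$canDelete;

    if (isset($dataArray['formgrid']) && $dataArray['formgrid'] == 'true') {
        // The unit id may come straight from the request ($params['id']) and ends up
        // inside a JavaScript string in an onclick attribute. Percent-encoding it as
        // a URL path segment keeps quotes and markup characters out of that
        // attribute; numeric ids pass through unchanged.
        if (isset($dataArray['unitId'])) {
            $con = '/unitId/' . rawurlencode((string) $dataArray['unitId']);
        } elseif (isset($params['id'])) {
            $con = '/unitId/' . rawurlencode((string) $params['id']);
        }

        $formgridVal = $dataArray['formgrid'];
        if ($objectname == 'departments') {
            $viewaction = 'view';
        } else {
            $viewaction = 'viewpopup';
        }
        $editaction = 'editpopup';

        if (isset($dataArray['menuName']) && $dataArray['menuName'] != '') {
            $menunamestr = $dataArray['menuName'];
        }

        $viewpopup_str = '<a onclick="displaydeptform(\'' . DOMAIN . $objectname . '/' . $viewaction
            . '/id/{{id}}' . $con . '/popup/1\',\'' . $menunamestr
            . '\')" name="{{id}}" class="sprite view" title=\'View\'></a>';
        $editpopup_str = '<a id="edit{{id}}" onclick="displaydeptform(\'' . DOMAIN . $objectname . '/' . $editaction
            . '/id/{{id}}' . $con . '/popup/1\',\'' . $menunamestr
            . '\')" name="{{id}}" class="sprite edit" title=\'Edit\' ></a>';
        $deletepopup_str = '<a name="{{id}}" id="del{{id}}" onclick= changestatus(\'' . $objectname
            . '\',\'{{id}}\',\'' . $msgdta
            . '\') href= javascript:void(0) title=\'Delete\' class="sprite delete" ></a>';

        if ($noRowActions) {
            if ($objectname == 'processes') {
                // NOTE(review): this branch draws view/edit/delete links although the
                // role has none of those privileges; confirm that is intended.
                $extra['action'] = array(
                    'name' => 'edit',
                    'value' => '<div class="grid-action-align"> <a onclick="displaydeptform(\'' . DOMAIN . $objectname
                        . '/' . $viewaction . '/id/{{id}}' . $con . '/popup/1\',\'' . $menunamestr
                        . '\')" name="{{id}}" class="sprite view" title=\'View\'></a> <a onclick="displaydeptform(\''
                        . DOMAIN . $objectname . '/' . $editaction . '/id/{{id}}' . $con . '/popup/1\',\'' . $menunamestr
                        . '\')" name="{{id}}" class="sprite edit" title=\'Edit\' ></a> <a name="{{id}}" id="{{id}}" onclick= changestatus(\''
                        . $objectname . '\',\'{{id}}\',\'' . $msgdta
                        . '\') href= javascript:void(0) title=\'Delete\' class="sprite delete" ></a> </div>',
                );
            } else {
                $extra['action'] = array();
            }
        } elseif ($objectname == 'empleavesummary' || $objectname == 'empscreening') {
            // These two objects use full-page links instead of popups.
            $view_str = '<a href= "' . DOMAIN . $objectname
                . '/view/id/{{id}}" name="{{id}}" class="sprite view" title=\'View\'></a>';
            $edit_str = '<a href= "' . DOMAIN . $objectname
                . '/edit/id/{{id}}" name="{{id}}" class="sprite edit" title=\'Edit\'></a>';
            $delete_str = '<a name="{{id}}" onclick= changestatus(\'' . $objectname
                . '\',\'{{id}}\',\'' . $msgdta
                . '\') href= javascript:void(0) title=\'Delete\' class="sprite delete" ></a>';
            $extra['action'] = array(
                'name' => 'edit',
                'value' => '<div class="grid-action-align"> ' . ($canView ? $view_str : '') . ' '
                    . ($canEdit ? $edit_str : '') . ' ' . ($canDelete ? $delete_str : '') . ' </div>',
            );
        } else {
            $extra['action'] = array(
                'name' => 'edit',
                'value' => '<div class="grid-action-align"> ' . ($canView ? $viewpopup_str : '') . ' '
                    . ($canEdit ? $editpopup_str : '') . ' ' . ($canDelete ? $deletepopup_str : '') . ' </div>',
            );
        }
    } else {
        $formgridVal = '';
        $view_str = '<a href= "' . DOMAIN . $objectname
            . '/view/id/{{id}}" name="{{id}}" class="sprite view" title=\'View\'></a>';
        $edit_str = '<a href= "' . DOMAIN . $objectname
            . '/edit/id/{{id}}" name="{{id}}" class="sprite edit" title=\'Edit\'></a>';

        // Stays empty for 'manageremployeevacations' when neither condition below
        // holds; that case used to read an undefined variable.
        $delete_str = '';
        $changestatusPrefix = '<a name="{{id}}" onclick= changestatus(\'' . $objectname
            . '\',\'{{id}}\',\'' . $msgdta . '\') href= javascript:void(0) title=';

        if ($objectname == 'pendingleaves') {
            $delete_str = $changestatusPrefix . '\'Cancel Leave\' class="sprite cancel-lev" ></a>';
        } elseif ($objectname == 'createprojects') {
            $delete_str = $changestatusPrefix . '\'Cancel Project\' class="sprite cancel-lev" ></a>';
        } elseif ($objectname == 'createtasks') {
            $delete_str = $changestatusPrefix . '\'Cancel Tasks\' class="sprite cancel-lev" ></a>';
        } elseif ($objectname == 'approvedleaves') {
            $delete_str = $changestatusPrefix . '\'Cancel Approved Leave\' class="sprite cancel-lev" ></a>';
        } elseif ($objectname == 'manageremployeevacations') {
            if ($params['action'] == "approved" || $_SESSION["manageremployeevacations_view"] == "2") {
                $delete_str = $changestatusPrefix . '\'Cancel Approved Leave\' class="sprite cancel-lev" ></a>';
            }
        } elseif ($objectname == 'usermanagement') {
            $delete_str = '<a id="del{{id}}" name="{{id}}" onclick= changestatus(\'' . $objectname
                . '\',\'{{id}}\',\'' . $msgdta
                . '\') href= javascript:void(0) title=\'Delete\' class="sprite delete" ></a>';
        } else {
            $delete_str = $changestatusPrefix . '\'Delete\' class="sprite delete" ></a>';
        }

        if ($noRowActions) {
            $extra['action'] = array();
        } else {
            $extra['action'] = array(
                'name' => 'edit',
                'value' => '<div class="grid-action-align"> ' . ($canView ? $view_str : '') . ' '
                    . ($canEdit ? $edit_str : '') . ' ' . ($canDelete ? $delete_str : '') . ' </div>',
            );
        }
    }

    $extra['options'] = array();

    $addaction = (isset($dataArray['add']) && $dataArray['add'] != '') ? $dataArray['add'] : '';
    // generateGrid() receives the permission as the strings "true" / "false".
    $addpermission = in_array('add', $actions_arr) ? "true" : "false";
    $unitId = isset($dataArray['unitId']) ? $dataArray['unitId'] : '';

    return $this->generateGrid(
        $objectname,
        $dataArray['tableheader'],
        $paginator,
        $extra,
        true,
        $dataArray['jsGridFnName'],
        $dataArray['perPage'],
        $dataArray['pageNo'],
        $dataArray['jsFillFnName'],
        $dataArray['searchArray'],
        $formgridVal,
        $addaction,
        $menuName,
        $unitId,
        $addpermission,
        $menunamestr,
        isset($dataArray['call']) ? $dataArray['call'] : "",
        $sortStr,
        isset($dataArray['search_filters']) ? $dataArray['search_filters'] : "",
        isset($dataArray['dashboardcall']) ? $dataArray['dashboardcall'] : "No",
        isset($dataArray['empstatus']) ? $dataArray['empstatus'] : "",
        $actnArr,
        isset($dataArray['empscreentotalcount']) ? $dataArray['empscreentotalcount'] : "",
        isset($dataArray['sort']) ? $dataArray['sort'] : "",
        isset($dataArray['by']) ? $dataArray['by'] : ""
    );
}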
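/**
 * Regenerates the source of Default_Plugin_AccessControl from the current role and
 * menu data and writes it to plugins/AccessControl.php under ACCESS_CONTROL_PATH.
 *
 * The output is PHP source that the application later executes, so every value
 * spliced into it must be emitted as a PHP literal rather than pasted between
 * quotes. Role ids and role types from getRoleTypesForAccess() go through
 * var_export() for that reason: a quote or backslash in a role type then stays
 * data and cannot alter the generated code. Plain integer ids and simple role
 * names produce exactly the same output as before.
 *
 * NOTE(review): the strings returned by the generateAccessControl_helper* calls are
 * spliced into the same file; confirm those helpers quote their inputs as well.
 * NOTE(review): the generated preDispatch() only redirects to the error controller
 * when $role is non-empty; confirm requests without a role are rejected elsewhere.
 *
 * @return void
 *
 * @throws Exception With message 'file permission' when the file cannot be opened
 *                   or fully written.
 */
public static function generateAccessControl()
{
    $filename = ACCESS_CONTROL_PATH . SEPARATOR . "application" . SEPARATOR . "modules" . SEPARATOR . "default"
        . SEPARATOR . "plugins" . SEPARATOR . "AccessControl.php";

    $menu_model = new Default_Model_Menu();
    $role_model = new Default_Model_Roles();
    // NOTE(review): $data is not used below; the two calls are kept in case
    // constructing the session storage has side effects - confirm before removing.
    $storage = new Zend_Auth_Storage_Session();
    $data = $storage->read();

    $controllers = $menu_model->getControllersByRole('1');
    $roles_arr = $role_model->getRoleTypesForAccess();
    $acl = self::generateAccessControl_helper($controllers, '1');

    $role_str = "";   // else-if chain mapping a numeric role id to its role type
    $role_str1 = "";  // one $acl->addRole(...) statement per role type
    foreach ($roles_arr as $role_id => $roles) {
        // Emit both values as PHP literals so they cannot break out of the
        // generated statement.
        $role_id_literal = var_export($role_id, true);
        $role_type_literal = var_export((string) $roles['roletype'], true);

        $role_str .= "else if(\$role == " . $role_id_literal . ")\n\t \$role = " . $role_type_literal . ";\n\t";
        $role_str1 .= "\n\t \$acl->addRole(" . $role_type_literal . ");";
    }

    $acl_str = self::generateAccessControl_helper1($acl, $controllers, 'admin');
    $acl_str .= self::generateAccessControl_helper5('', SUPERADMINROLE, 'admin');
    $rcontent_roles = self::generateAccessControl_helper2($roles_arr, $menu_model);
    $time_management_str = self::generateAccessControl_helper6($roles_arr);

    // Template of the generated plugin; the literals are reproduced unchanged.
    $access_content = "<?php\nclass Default_Plugin_AccessControl extends Zend_Controller_Plugin_Abstract\n{\n private \$_acl,\$id_param;\n \n public function preDispatch(Zend_Controller_Request_Abstract \$request)\n {\n\t\$storage = new Zend_Auth_Storage_Session();\n\t\$data = \$storage->read();\n\t\$role = \$data['emprole'];\n\tif(\$role == 1)\n\t\t\$role = 'admin';\n\t"
        . $role_str
        . "\n \t\$request->getModuleName();\n \$request->getControllerName();\n \$request->getActionName();\n \t\n \n \$module = \$request->getModuleName();\n\t\$resource = \$request->getControllerName();\n\t\$privilege = \$request->getActionName();\n\t\$this->id_param = \$request->getParam('id');\n\t\$allowed = false;\n \$acl = \$this->_getAcl();\n\t\$moduleResource = \"\$module:\$resource\";\n\t\n\tif(\$resource == 'profile')\n \$role = 'viewer';\n\t\t\n\tif(\$resource == 'services')\n \$role = 'services';\n\t\t\n\tif(\$role != '') \n {\n if (\$acl->has(\$moduleResource)) \n {\t\t\t\t\t\t\n \$allowed = \$acl->isAllowed(\$role, \$moduleResource, \$privilege);\t\n\t\t\t \t \n }\t \n if (!\$allowed)// && \$role !='admin') \n {\t\t\t\t\n \$request->setControllerName('error');\n\t \$request->setActionName('error');\n }\n\t}\n }\n \nprotected function _getAcl()\n{\n if (\$this->_acl == null ) \n {\n\t \$acl = new Zend_Acl();\n\n\t \$acl->addRole('admin'); \n\t \$acl->addRole('viewer'); \n\t "
        . $role_str1
        . "\n\t \$storage = new Zend_Auth_Storage_Session();\n\t \$data = \$storage->read();\n\t \$role = \$data['emprole'];\n\t\t"
        . $time_management_str
        . "\n\t \$acl->addResource(new Zend_Acl_Resource('login:index'));\t\n\t \$acl->allow('viewer', 'login:index', array('index','confirmlink','forgotpassword','forgotsuccess','login','pass','browserfailure','forcelogout','useractivation'));\n\n\t if(\$role == 1 ) \n\t {\t\t\t\t \t\t \t\n\t\t\t "
        . $acl_str
        . "\t\t\t \t\t \t \t\t\t\t \n\t } \n\t "
        . $rcontent_roles
        . "\n\n // setup acl in the registry for more\n Zend_Registry::set('acl', \$acl);\n \$this->_acl = \$acl;\n }\n return \$this->_acl;\n}\n }\n \n ?>";

    // "w+" truncates the existing plugin file before the new content is written.
    $handle = fopen($filename, "w+");
    if ($handle === false) {
        throw new Exception('file permission');
    }

    $written = fwrite($handle, $access_content);
    // Close the handle on both paths; it used to stay open when the write failed.
    fclose($handle);

    // A short write would leave a truncated access-control plugin on disk, so it
    // is reported the same way as a failed write.
    if ($written === false || $written !== strlen($access_content)) {
        throw new Exception('file permission');
    }
}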