private function getMashup() { $request = $this->getRequest()->getQuery(); $key = @$request[ApiController::KEY_PARAM]; // disable templating etc $this->_helper->viewRenderer->setNoRender(); $this->_helper->layout->disableLayout(); // check if a access right exists $access = new Model_Access(); $access->findByKey($key) or $this->sendError("Failed to find a accessible Mashup for key {$key}"); $m = $this->getLA()->loadMashup($access->getMashup()) or $this->sendError("Failed to load mashup " . $access->getMashup()); return $m; }
function init() { parent::init(); $this->addCondition('type', 'admin'); $this->hasOne('dokku_alt/Host', null, null, 'Host'); $this->addHook('beforeSave,beforeDelete', $this); }
/** * CRUD controller: UPDATE */ public function action_update() { $id_role = $this->request->param('id'); //we do not allow modify the admin if ($id_role == Model_Role::ROLE_ADMIN) { Alert::set(Alert::WARNING, __('Admin Role can not be modified!')); $this->redirect(Route::url('oc-panel', array('controller' => 'role'))); } $this->template->title = __('Update') . ' ' . __($this->_orm_model) . ' ' . $id_role; $role = new Model_Role($id_role); if ($this->request->post() and $role->loaded()) { //delete all the access DB::delete('access')->where('id_role', '=', $role->id_role)->execute(); //set all the access where post = on foreach ($_POST as $key => $value) { if ($value == 'on') { DB::insert('access', array('id_role', 'access'))->values(array($role->id_role, str_replace('|', '.', $key)))->execute(); } } //saving the role params $role->name = core::post('name'); $role->description = core::post('description'); $role->save(); Alert::set(Alert::SUCCESS, __('Item updated')); $this->redirect(Route::get($this->_route_name)->uri(array('controller' => Request::current()->controller()))); } //getting controllers actions $controllers = Model_Access::list_controllers(); //get all the access this user has $query = DB::select('access')->from('access')->where('id_role', '=', $id_role)->execute(); $access_in_use = array_keys($query->as_array('access')); // d(in_array('access_index',$access_in_use)); //d($access_in_use); return $this->render('oc-panel/pages/role/update', array('role' => $role, 'controllers' => $controllers, 'access_in_use' => $access_in_use)); }
function init() { parent::init(); $this->addCondition('type', 'deploy'); $this->hasOne('dokku_alt/App', null, null, 'App'); $this->addHook('beforeSave', $this); }
public function externaldeleteAction() { $muri = $this->getRequest()->getParam(HomeController::MASHUP_PARAM); if (!Zend_Uri::check($muri)) { $this->getLog()->err("Access granting failed: " . $muri . " malformed"); return $this->_helper->redirector('account'); } // check if mashup exists & belongs to current user $m = $this->getLA()->loadMashup($muri) or die('Mashup not found: ' . $muri); if ($m->getCreatorId() != $this->getUserId() && $this->getUser()->isAdmin()) { $this->getLog()->err("User " . $this->getUserId() . " has no rights on " . $muri); return $this->_helper->redirector('account'); } // delete from auth table $access = new Model_Access(); if (!$access->findByMashup($muri) || !$access->delete()) { $this->getLog()->err("Failed to remove access key: " . $access->ErrorMsg()); return $this->_helper->redirector('account'); } $this->getLog()->info("Removed access key to " . $muri); return $this->_helper->redirector('account'); }
<?php defined('SYSPATH') or die('No direct script access.'); ?> <div class="page-header" id="crud-<?php echo __($name); ?> "> <h1><?php echo __('Update'); ?> <?php echo ucfirst(__($name)); ?> </h1> <?$controllers = Model_Access::list_controllers()?> <a target="_blank" href="<?php echo Route::url('oc-panel', array('controller' => 'order', 'action' => 'index')); ?> ?email=<?php echo $form->object->email; ?> "> <?php echo __('Orders'); ?> </a> <?if (array_key_exists('ticket', $controllers)) :?> - <a target="_blank" href="<?php echo Route::url('oc-panel', array('controller' => 'support', 'action' => 'index', 'id' => 'admin')); ?>