function OnPageLoad()
{
if (is_object($this->data_object)) {
echo new XhtmlElement('h1', Html::Encode('Delete role: ' . $this->data_object->getRoleName()));
} else {
echo new XhtmlElement('h1', 'Delete role');
$this->deleted = true;
}
if ($this->deleted) {
?>
<p>The role has been deleted.</p>
<p><a href="roles.php">View all roles</a></p>
<?php
} else {
?>
<p>Deleting a role cannot be undone.</p>
<p>Are you sure you want to delete this role?</p>
<form method="post" class="deleteButtons">
<div>
<input type="submit" value="Delete role" name="delete" />
<input type="submit" value="Cancel" name="cancel" />
</div>
</form>
<?php
$this->AddSeparator();
require_once 'stoolball/user-edit-panel.class.php';
$panel = new UserEditPanel($this->GetSettings(), 'this role');
$panel->AddLink('edit this role', "role.php?item=" . $this->data_object->getRoleId());
echo $panel;
}
}
function OnPrePageLoad()
{
if (is_object($this->role)) {
$this->SetPageTitle($this->role->getRoleName() . ': Edit role');
} else {
$this->SetPageTitle('New role');
}
}
/**
*
* @param Role $role
* @return int id of the Role inserted in base. False if it didn't work.
*/
public static function flush($role)
{
$roleId = $role->getId();
$roleVar = $role->getRoleName();
if ($roleId > 0) {
$sql = 'UPDATE role SET' . 'role_name = ? ' . 'WHERE id_role = ?';
$params = array('si', &$roleVar, &$roleId);
} else {
$sql = 'INSERT INTO role (role_name) VALUES (?)';
$params = array('s', &$roleVar);
}
$idInsert = BaseSingleton::insertOrEdit($sql, $params);
if ($idInsert !== false && $roleId > 0) {
$idInsert = $roleId;
}
return $idInsert;
}
/**
* get role name
* @return string
*/
function getRoleName()
{
$role = new Role($this->getData('roleId'));
return $role->getRoleName();
}
/**
* Remove a role currently in existence.
*
* Provide the Role object of the role you wish to remove. Use getRole() to retrieve Roles.
*
* @param Role $role
* @internal param string $roleName - Name of the role to DELETE
* @return bool - based on success of function
*/
public function deleteRole(Role $role)
{
$url = $this->restUrl . ROLE_BASE_URL . '/' . $role->getRoleName();
$tenantId = $role->getTenantId();
if ($tenantId !== null || $tenantId !== '') {
$url .= PIPE . $tenantId;
}
if ($this->prepAndSend($url, array(200), 'DELETE')) {
return true;
}
return false;
}
public function delRole(Role $role)
{
$data_changed = false;
for ($i = 0; $i < count($this->roles) || $i == -1; $i++) {
if ($this->roles[$i]->getRoleName() == $role->getRoleName() && $this->roles[$i]->getTenantId() == $role->getTenantId()) {
unset($this->roles[$i]);
$data_changed = true;
$i = -1;
}
}
if ($data_changed) {
return true;
}
return false;
}
/**
* Saves a security role
* @param $role Role
*/
public function SaveRole(Role $role)
{
$roles = $this->GetSettings()->GetTable('Role');
$permissions_table = $this->GetSettings()->GetTable('PermissionRoleLink');
# if no id, it's a new object; otherwise update the object
if ($role->getRoleId()) {
$sql = "UPDATE {$roles} SET \r\n role = " . Sql::ProtectString($this->GetDataConnection(), $role->getRoleName()) . " \r\n WHERE role_id = " . Sql::ProtectNumeric($role->getRoleId());
$this->LoggedQuery($sql);
# Remove existing permissions
$sql = "DELETE FROM {$permissions_table} WHERE role_id = " . Sql::ProtectNumeric($role->getRoleId());
$this->LoggedQuery($sql);
} else {
$sql = "INSERT INTO {$roles} SET role = " . Sql::ProtectString($this->GetDataConnection(), $role->getRoleName());
$this->LoggedQuery($sql);
$role->setRoleId($this->GetDataConnection()->insertID());
}
# Add replacement permissions
$role_id = Sql::ProtectNumeric($role->getRoleId());
$permissions = $role->Permissions()->ToArray();
foreach ($permissions as $permission => $scopes) {
foreach ($scopes as $scope => $ignore_value) {
$resource_uri = $scope == PermissionType::GLOBAL_PERMISSION_SCOPE ? "NULL" : Sql::ProtectString($this->GetDataConnection(), $scope);
$sql = "INSERT INTO {$permissions_table} SET \r\n permission_id = " . Sql::ProtectNumeric($permission) . ",\r\n resource_uri = {$resource_uri}, \r\n role_id = {$role_id}";
$this->LoggedQuery($sql);
}
}
}