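/**
 * Executes the uniqueness validation.
 *
 * Counts the rows of the configured table whose configured column equals the
 * submitted value. Any match fails validation and appends a message to the
 * validator.
 *
 * The 'table' and 'column' options end up in the SQL text itself, because
 * identifiers cannot be sent as bound parameters. They are therefore passed
 * through the adapter's escapeIdentifier() before being formatted into the
 * query, and should only ever be set from trusted code, never from request
 * data. The submitted value is always sent as a bound parameter.
 *
 * @param \Phalcon\Validation $validator
 * @param string $attribute
 * @return boolean true when no matching row exists, false otherwise
 */
public function validate(Validation $validator, $attribute)
{
    // Quote the identifiers instead of splicing the raw option values into SQL.
    // NOTE(review): confirm how schema-qualified table names are expected to be
    // passed to escapeIdentifier() before relying on them here.
    $table = $this->db->escapeIdentifier($this->getOption('table'));
    $column = $this->db->escapeIdentifier($this->getOption('column'));

    $result = $this->db->fetchOne(
        sprintf('SELECT COUNT(*) as count FROM %s WHERE %s = ?', $table, $column),
        Db::FETCH_ASSOC,
        array($validator->getValue($attribute))
    );

    if ($result['count']) {
        $message = $this->getOption('message');
        if (null === $message) {
            // Fallback text when no 'message' option is configured.
            $message = 'Already taken. Choose another!';
        }

        $validator->appendMessage(new Message($message, $attribute, 'Uniqueness'));

        return false;
    }

    return true;
}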
/**
 * Executes the uniqueness validation.
 *
 * Counts the rows of the configured table whose configured column equals the
 * submitted value. When an 'exclude' option is set, it is read as an array
 * with 'column' and 'value' keys, and rows whose exclude column equals the
 * exclude value are left out of the count.
 *
 * Table and column names cannot be bound as parameters, so each one is run
 * through escapeIdentifier() before it is formatted into the SQL text. The
 * submitted value and the exclude value are bound parameters.
 *
 * NOTE(review): under standard SQL comparison rules, "col != ?" also drops
 * rows where the exclude column is NULL - confirm that column is never NULL.
 *
 * @param \Phalcon\Validation $validator
 * @param string $attribute
 * @return boolean true when no matching row exists, false otherwise
 */
public function validate(Validation $validator, $attribute)
{
    $quotedTable = $this->db->escapeIdentifier($this->getOption('table'));
    $quotedColumn = $this->db->escapeIdentifier($this->getOption('column'));

    if (!$this->hasOption('exclude')) {
        $sql = sprintf('SELECT COUNT(*) AS count FROM %s WHERE %s = ?', $quotedTable, $quotedColumn);
        $binds = [$validator->getValue($attribute)];
    } else {
        $skip = $this->getOption('exclude');
        $sql = sprintf(
            'SELECT COUNT(*) AS count FROM %s WHERE %s = ? AND %s != ?',
            $quotedTable,
            $quotedColumn,
            $this->db->escapeIdentifier($skip['column'])
        );
        $binds = [$validator->getValue($attribute), $skip['value']];
    }

    $row = $this->db->fetchOne($sql, Db::FETCH_ASSOC, $binds);

    // No matching row: the value is still free.
    if (!$row['count']) {
        return true;
    }

    $text = $this->getOption('message', 'Already taken. Choose another!');
    $validator->appendMessage(new Message($text, $attribute, 'Uniqueness'));

    return false;
}
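/**
 * Check whether a role is allowed to access an action from a resource
 *
 * <code>
 * //Does Andres have access to the Products resource to create?
 * $acl->isAllowed('Andres', 'Products', 'create');
 *
 * //Do guests have access to any resource to edit?
 * $acl->isAllowed('guests', '*', 'edit');
 * </code>
 *
 * Lookup order (the first rule found is returned):
 *  1. a rule for exactly this role, resource and access;
 *  2. a rule for the same resource and access on each role listed for this
 *     role in the rolesInherits table (only those rows are read, so
 *     inheritance is not followed further up the chain);
 *  3. a rule for this role and access on the '*' resource;
 *  4. the default access ($this->_defaultAccess).
 *
 * Review notes:
 *  - Table names come from $this->_options and are concatenated into the SQL
 *    text. They must only be set from trusted configuration. Every value is
 *    sent as a bound parameter.
 *  - The inherited-role query has no ORDER BY. If two inherited roles carry
 *    conflicting rules, which one is returned depends on row order.
 *  - An unknown role, resource or access raises an exception instead of
 *    returning a denial, so callers have to handle it.
 *
 * @param string $roleName
 * @param string $resourceName
 * @param mixed $accessName
 * @return int|mixed the stored "allowed" column cast to int when a rule
 *                   matches, otherwise $this->_defaultAccess unchanged
 * @throws \Engine\Exception when the role, the resource, the access, the '*'
 *                           access of the resource or the '*' resource is
 *                           missing from the ACL tables
 */
public function isAllowed($roleName, $resourceName, $accessName)
{
    // NOTE(review): the lookups below pass null as fetch mode and then read
    // index 0, so they rely on the adapter's default mode returning
    // numerically indexed columns - confirm.
    $exists = $this->_db->fetchOne('SELECT id FROM ' . $this->_options['roles'] . " WHERE name = ?", null, [$roleName]);
    // A lookup that finds no row may not return an array at all, so test the
    // type before array_key_exists() to avoid a warning or TypeError.
    if (!is_array($exists) || !array_key_exists(0, $exists)) {
        throw new \Engine\Exception("Role '" . $roleName . "' does not exist in ACL");
    }
    $roleId = $exists[0];

    $exists = $this->_db->fetchOne('SELECT id FROM ' . $this->_options['resources'] . " WHERE name = ?", null, [$resourceName]);
    // empty() accepts and rejects the same values as the previous
    // "!$exists[0]" test, without a notice when the lookup found no row.
    if (empty($exists[0])) {
        throw new \Engine\Exception("Resource '" . $resourceName . "' does not exist in ACL");
    }
    $resourceId = $exists[0];

    $sql = 'SELECT id FROM ' . $this->_options['resourcesAccesses'] . " WHERE resource_id = ? AND name = ?";
    $exists = $this->_db->fetchOne($sql, null, [$resourceId, $accessName]);
    if (empty($exists[0])) {
        throw new \Engine\Exception("Access '" . $accessName . "' does not exist in resource '" . $resourceName . "' in ACL");
    }
    $accessId = $exists[0];

    // The '*' access must exist for the resource. Its id is used only by the
    // disabled wildcard-access rule further down.
    $sql = 'SELECT id FROM ' . $this->_options['resourcesAccesses'] . " WHERE resource_id = ? AND name = ?";
    $exists = $this->_db->fetchOne($sql, null, [$resourceId, '*']);
    if (empty($exists[0])) {
        throw new \Engine\Exception("Access '*' does not exist in resource '" . $resourceName . "' in ACL");
    }
    $accessIdZero = $exists[0];

    /**
     * Check if there is a specific rule for that resource/access
     */
    // The "\n" keeps the line break that the original query text contained.
    $sql = 'SELECT allowed FROM ' . $this->_options['accessList'] . " WHERE role_id = ? AND resource_id = ? \nAND access_id = ?";
    $allowed = $this->_db->fetchOne($sql, \Phalcon\Db::FETCH_NUM, [$roleId, $resourceId, $accessId]);
    if (is_array($allowed)) {
        return (int) $allowed[0];
    }

    /**
     * Check if there is a common rule for that resource
     * (disabled: a '*' access rule on the resource is currently not consulted)
     */
    /*$sql = 'SELECT COUNT(*) FROM '.$this->_options['accessList']." WHERE role_id = ? AND resource_id = ? AND access_id = ?";
    $allowed = $this->_db->fetchOne($sql, \Phalcon\Db::FETCH_NUM, [$roleId, $resourceId, $accessIdZero]);
    if (is_array($allowed)) {
        return (int) $allowed[0];
    }*/

    $sql = 'SELECT inherit_role_id FROM ' . $this->_options['rolesInherits'] . ' WHERE role_id = ?';
    $inheritedRoles = $this->_db->fetchAll($sql, \Phalcon\Db::FETCH_NUM, [$roleId]);

    /**
     * Check inherited roles for a specific rule
     */
    // The first inherited role that has a rule decides. Row order is whatever
    // the database returns.
    foreach ($inheritedRoles as $row) {
        $sql = 'SELECT allowed FROM ' . $this->_options['accessList'] . " WHERE role_id = ? AND resource_id = ? AND access_id = ?";
        $allowed = $this->_db->fetchOne($sql, \Phalcon\Db::FETCH_NUM, [$row[0], $resourceId, $accessId]);
        if (is_array($allowed)) {
            return (int) $allowed[0];
        }
    }

    /**
     * Check if there is a common rule for that access
     */
    $exists = $this->_db->fetchOne('SELECT id FROM ' . $this->_options['resources'] . " WHERE name = ?", null, ['*']);
    if (empty($exists[0])) {
        throw new \Engine\Exception("Resource '*' does not exist in ACL");
    }
    $resourceIdZero = $exists[0];

    $sql = 'SELECT allowed FROM ' . $this->_options['accessList'] . " WHERE role_id = ? AND resource_id = ? AND access_id = ?";
    $allowed = $this->_db->fetchOne($sql, \Phalcon\Db::FETCH_NUM, [$roleId, $resourceIdZero, $accessId]);
    if (is_array($allowed)) {
        return (int) $allowed[0];
    }

    /**
     * Return the default access action
     */
    return $this->_defaultAccess;
}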