示例#1
 /**
  * Checks that the value submitted for $attribute is not already stored in
  * the configured table/column.
  *
  * The 'table' and 'column' options are formatted straight into the SQL text;
  * only the submitted value is passed as a bound parameter. Both options must
  * therefore come from trusted, developer-controlled configuration and never
  * from request data.
  *
  * The method only counts existing rows: it neither locks nor writes, so a
  * unique index on the column is still needed for the guarantee to hold when
  * two requests are validated at the same time.
  *
  * @param  \Phalcon\Validation $validator validation run that supplies the value and receives the failure message
  * @param  string              $attribute name of the field being checked
  * @return boolean false when the count is non-zero (a 'Uniqueness' message is appended), true otherwise
  */
 public function validate(Validation $validator, $attribute)
 {
     // Identifiers cannot be bound as parameters, so the two options are
     // written into the statement exactly as configured.
     $query = sprintf(
         'SELECT COUNT(*) as count FROM %s WHERE %s = ?',
         $this->getOption('table'),
         $this->getOption('column')
     );

     // The submitted value is the only bound parameter.
     $row = $this->db->fetchOne($query, Db::FETCH_ASSOC, array($validator->getValue($attribute)));
     if (!$row['count']) {
         return true;
     }

     // Fall back to the stock text only when no 'message' option was configured.
     $custom = $this->getOption('message');
     $text = (null === $custom) ? 'Already taken. Choose another!' : $custom;
     $validator->appendMessage(new Message($text, $attribute, 'Uniqueness'));

     return false;
 }
示例#2
 /**
  * Checks that the value submitted for $attribute is not already stored in
  * the configured table/column, optionally ignoring rows matched by the
  * 'exclude' option.
  *
  * Table and column names (including the excluded column) are passed through
  * the connection's escapeIdentifier() before being formatted into the SQL
  * text; the submitted value and the excluded value are bound as parameters.
  *
  * The method only counts existing rows: it neither locks nor writes, so a
  * unique index on the column is still needed for the guarantee to hold when
  * two requests are validated at the same time.
  *
  * @param  \Phalcon\Validation $validator validation run that supplies the value and receives the failure message
  * @param  string $attribute name of the field being checked
  * @return boolean false when the count is non-zero (a 'Uniqueness' message is appended), true otherwise
  */
 public function validate(Validation $validator, $attribute)
 {
     $table = $this->db->escapeIdentifier($this->getOption('table'));
     $column = $this->db->escapeIdentifier($this->getOption('column'));

     // Base statement; the exclusion clause is appended only when configured.
     $sql = sprintf('SELECT COUNT(*) AS count FROM %s WHERE %s = ?', $table, $column);
     if ($this->hasOption('exclude')) {
         $exclude = $this->getOption('exclude');
         // Under standard SQL comparison rules, rows whose excluded column is
         // NULL do not satisfy "!= ?" and are therefore not counted.
         $sql .= sprintf(' AND %s != ?', $this->db->escapeIdentifier($exclude['column']));
         $bind = [$validator->getValue($attribute), $exclude['value']];
     } else {
         $bind = [$validator->getValue($attribute)];
     }

     $row = $this->db->fetchOne($sql, Db::FETCH_ASSOC, $bind);
     if (!$row['count']) {
         return true;
     }

     $text = $this->getOption('message', 'Already taken. Choose another!');
     $validator->appendMessage(new Message($text, $attribute, 'Uniqueness'));

     return false;
 }
示例#3
 /**
  * Check whether a role is allowed to access an action from a resource
  *
  * <code>
  * //Does Andres have access to the Products resource to create?
  * $acl->isAllowed('Andres', 'Products', 'create');
  *
  * //Do guests have access to any resource to edit?
  * $acl->isAllowed('guests', '*', 'edit');
  * </code>
  *
  * Lookup order, first match wins:
  *  1. a rule for this role on the named resource and access;
  *  2. a rule for any role listed for this role in the rolesInherits table,
  *     on the same resource and access;
  *  3. a rule for this role on the '*' resource with the same access id;
  *  4. $this->_defaultAccess.
  *
  * Table names are taken from $this->_options and concatenated into the SQL
  * text, so they must be trusted configuration; names and ids are bound as
  * parameters.
  *
  * @param  string $roleName
  * @param  string $resourceName
  * @param  mixed $accessName
  * @return mixed the matching rule's "allowed" column cast to int, or $this->_defaultAccess when no rule matches
  * @throws \Engine\Exception when the role, the resource, the access, the resource's '*' access or (if step 3 is reached) the '*' resource cannot be found
  */
 public function isAllowed($roleName, $resourceName, $accessName)
 {
     // NOTE(review): every lookup below reads column 0 of the row while passing
     // null as the fetch mode - this assumes the adapter then returns
     // numerically indexed columns; confirm.
     $exists = $this->_db->fetchOne('SELECT id FROM ' . $this->_options['roles'] . " WHERE name = ?", null, [$roleName]);
     // NOTE(review): if fetchOne() returns false instead of an array when no row
     // matches, array_key_exists() raises a TypeError on PHP 8 and the exception
     // below is never reached - confirm the adapter's return value.
     if (!array_key_exists(0, $exists)) {
         // The caller-supplied name is embedded verbatim in the message; escape
         // it before rendering the message anywhere that interprets markup.
         throw new \Engine\Exception("Role '" . $roleName . "' does not exist in ACL");
     }
     $roleId = $exists[0];
     $exists = $this->_db->fetchOne('SELECT id FROM ' . $this->_options['resources'] . " WHERE name = ?", null, [$resourceName]);
     // Unlike the role check, this and the following checks test the id for
     // truthiness rather than for key presence.
     if (!$exists[0]) {
         throw new \Engine\Exception("Resource '" . $resourceName . "' does not exist in ACL");
     }
     $resourceId = $exists[0];
     // Resolve the requested access within the named resource.
     $sql = 'SELECT id FROM ' . $this->_options['resourcesAccesses'] . " WHERE resource_id = ? AND name = ?";
     $exists = $this->_db->fetchOne($sql, null, [$resourceId, $accessName]);
     if (!$exists[0]) {
         throw new \Engine\Exception("Access '" . $accessName . "' does not exist in resource '" . $resourceName . "' in ACL");
     }
     $accessId = $exists[0];
     // The resource must also carry a '*' access row, otherwise the call fails
     // here even though no active query below uses the resulting id.
     $sql = 'SELECT id FROM ' . $this->_options['resourcesAccesses'] . " WHERE resource_id = ? AND name = ?";
     $exists = $this->_db->fetchOne($sql, null, [$resourceId, '*']);
     if (!$exists[0]) {
         throw new \Engine\Exception("Access '*' does not exist in resource '" . $resourceName . "' in ACL");
     }
     $accessIdZero = $exists[0];
     // Step 1: a specific rule for this role, resource and access.
     $sql = 'SELECT allowed FROM ' . $this->_options['accessList'] . " WHERE role_id = ? AND resource_id = ? AND access_id = ?";
     $allowed = $this->_db->fetchOne($sql, \Phalcon\Db::FETCH_NUM, [$roleId, $resourceId, $accessId]);
     if (is_array($allowed)) {
         return (int) $allowed[0];
     }
     // The lookup of a rule stored against the resource's '*' access (the only
     // consumer of $accessIdZero) is disabled in this version, so such a rule
     // is never consulted here.
     $sql = 'SELECT inherit_role_id FROM ' . $this->_options['rolesInherits'] . ' WHERE role_id = ?';
     $inheritedRoles = $this->_db->fetchAll($sql, \Phalcon\Db::FETCH_NUM, [$roleId]);
     // Step 2: rules of the roles listed for this role id. Only these rows are
     // walked - inheritance is not followed further up from them. The query has
     // no ORDER BY and the first rule found is returned, so when two inherited
     // roles carry conflicting allow/deny rules the outcome follows the row
     // order the database happens to return.
     foreach ($inheritedRoles as $row) {
         $sql = 'SELECT allowed FROM ' . $this->_options['accessList'] . " WHERE role_id = ? AND resource_id = ? AND access_id = ?";
         $allowed = $this->_db->fetchOne($sql, \Phalcon\Db::FETCH_NUM, [$row[0], $resourceId, $accessId]);
         if (is_array($allowed)) {
             return (int) $allowed[0];
         }
     }
     // Step 3: a rule on the '*' resource. It is checked for this role only, not
     // for the inherited roles.
     $exists = $this->_db->fetchOne('SELECT id FROM ' . $this->_options['resources'] . " WHERE name = ?", null, ['*']);
     if (!$exists[0]) {
         throw new \Engine\Exception("Resource '*' does not exist in ACL");
     }
     $resourceIdZero = $exists[0];
     // NOTE(review): this reuses the access id resolved for the named resource -
     // confirm that rules on the '*' resource are stored with that id.
     $sql = 'SELECT allowed FROM ' . $this->_options['accessList'] . " WHERE role_id = ? AND resource_id = ? AND access_id = ?";
     $allowed = $this->_db->fetchOne($sql, \Phalcon\Db::FETCH_NUM, [$roleId, $resourceIdZero, $accessId]);
     if (is_array($allowed)) {
         return (int) $allowed[0];
     }
     // Step 4: no rule matched. Whether that means allow or deny is decided by
     // $this->_defaultAccess, which is set outside this method - confirm it
     // denies by default.
     return $this->_defaultAccess;
 }