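/**
 * Toggle permission action.
 *
 * Flips the current allow/deny state of one ARO on one ACO path and passes
 * the outcome to the view. Non-AJAX requests are redirected to the
 * permissions listing without changing anything.
 *
 * NOTE(review): this action modifies authorization data. The only gate
 * visible in this method is the `ajax` request check, which by default
 * inspects a client-supplied request header; it is not an access-control or
 * CSRF check. Confirm that authentication/authorization and CSRF protection
 * are applied to this controller elsewhere, and that the route is limited to
 * a non-GET method.
 *
 * @param int $acoId
 * @param int $aroId
 * @return \Cake\Network\Response|null
 * @throws \Cake\Network\Exception\NotFoundException When the ARO or ACO cannot be found.
 */
public function toggle($acoId, $aroId)
{
    if (!$this->request->is('ajax')) {
        return $this->redirect(['action' => 'permissions']);
    }

    $aroEntity = $this->_Permissions->Aros->find()
        ->select(['id', 'lft', 'rght', 'model', 'alias', 'foreign_key'])
        ->where(['id' => $aroId])
        ->first();

    // first() yields null for an unknown id; calling toArray() on it would
    // be a fatal error, so reject the request explicitly instead.
    if ($aroEntity === null) {
        throw new \Cake\Network\Exception\NotFoundException('ARO not found.');
    }
    $aro = $aroEntity->toArray();

    $nodes = $this->_Permissions->Acos->find('path', ['for' => $acoId]);
    $path = implode('/', collection($nodes)->extract('alias')->toArray());

    // An empty path means no ACO matched $acoId; do not write a permission
    // row against an undefined target.
    if ($path === '') {
        throw new \Cake\Network\Exception\NotFoundException('ACO not found.');
    }

    // New state is the inverse of what check() currently reports.
    $value = !$this->_Permissions->check($aro, $path);
    // 1 grants and -1 denies, applied to every action ('*') on the path.
    $isAllow = $this->_Permissions->allow($aro, $path, '*', $value ? 1 : -1);

    $this->set('_serialize', false);
    $this->set(compact('value', 'acoId', 'aroId', 'isAllow'));
}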
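/**
 * Get allowed actions.
 *
 * Returns the aliases of the ACOs directly below the current node for which
 * the current ARO has a permission row with `_create`, `_read`, `_update`
 * and `_delete` all set to 1. An empty array is returned when the node
 * cannot be resolved or has no child ACOs.
 *
 * NOTE(review): both queries are cached under `$this->_cacheConfig`. No
 * invalidation is visible in this method; confirm that these entries are
 * cleared when permissions or the ACO tree change, otherwise a revoked
 * permission may still be reported as allowed until the cache expires.
 *
 * @return array
 */
public function getAllowed()
{
    $allow = [];
    $aro = $this->_getAro();
    $ref = $this->_getNodeRef();

    /** @var \Cake\ORM\Query $queryNode */
    $queryNode = $this->_table->Acos->node($ref);
    if ($queryNode === false) {
        return $allow;
    }

    /** @var \Acl\Model\Entity\Aco|null $node */
    $node = $queryNode->first();
    // first() may return null when the query matches no row; without this
    // guard the get('id') calls below would be a fatal error.
    if ($node === null) {
        return $allow;
    }

    $nodeId = $node->get('id');
    $actions = $this->_table->Acos
        ->find('list', ['valueField' => 'alias'])
        ->where(['parent_id' => $nodeId])
        ->cache('actions_' . $nodeId, $this->_cacheConfig);

    // Materialise the id => alias map once instead of on every lookup.
    $actionAliases = $actions->toArray();
    $actionIds = array_keys($actionAliases);
    // An empty IN list cannot match any row (and may fail at SQL generation,
    // depending on the ORM version), so there is nothing to allow.
    if (!$actionIds) {
        return $allow;
    }

    $allowedActions = $this->_table
        ->find('list', ['valueField' => 'aco_id'])
        ->where([
            'aro_id' => $aro->get('id'),
            '_create' => 1,
            '_read' => 1,
            '_update' => 1,
            '_delete' => 1,
        ])
        ->where(function ($exp) use ($actionIds) {
            /** @var \Cake\Database\Expression\QueryExpression $exp */
            return $exp->in('aco_id', $actionIds);
        })
        ->cache($this->_getAllowedCacheKey($actions, $aro), $this->_cacheConfig);

    // Map each allowed ACO id back to its alias.
    foreach (array_values($allowedActions->toArray()) as $id) {
        $allow[] = Hash::get($actionAliases, $id);
    }

    return $allow;
}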