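/**
 * View the permissions for a role level, and replace them when the request is a POST.
 *
 * On POST the role is looked up from the posted `roleId`. When both `save` and
 * `permissions` are posted, every submitted permission string is validated first;
 * only if all of them are well formed are the role's current permissions deleted
 * and the new ones saved. A malformed entry therefore no longer leaves the role
 * with its permissions wiped or half-written.
 *
 * @throws \Exception when `permissions` is not an array, or when an entry is not a
 *                    string of the form `namespace:Resource.action`
 */
public function indexAction()
{
    // NOTE(review): no CSRF token check and no explicit authorization check are visible in
    // this action. It rewrites ACL data, so confirm both are enforced before it runs.
    if ($this->request->isPost()) {
        // Validate the role
        $role = Roles::findFirstById($this->request->getPost('roleId'));

        if ($role) {
            if ($this->request->hasPost('save') && $this->request->hasPost('permissions')) {
                $submitted = $this->request->getPost('permissions');

                // A scalar here would make the loop below a no-op after the delete.
                if (!is_array($submitted)) {
                    throw new \Exception('Error: The fully qualified permission is not valid');
                }

                // Validate everything before touching stored permissions.
                // This may become out of sync with the permission model validators but
                // it is user input, so rather be a bit more careful.
                $parsed = [];
                foreach ($submitted as $qualifiedName) {
                    // The dot is escaped so it only matches the literal separator; unescaped it
                    // matched any character and accepted strings such as "ns:abc". The D modifier
                    // stops `$` from matching before a trailing newline.
                    if (
                        !is_string($qualifiedName)
                        || preg_match('/^([a-z]*):([a-zA-Z]+)\.([a-zA-Z]+)$/D', $qualifiedName, $matches) !== 1
                    ) {
                        throw new \Exception('Error: The fully qualified permission is not valid');
                    }

                    $parsed[] = [
                        'namespace' => $matches[1],
                        'resource'  => $matches[2],
                        'action'    => $matches[3],
                    ];
                }

                // NOTE(review): the delete and the inserts below are not wrapped in a transaction
                // here, so a failing save() still leaves a partial permission set. Consider one.
                // Deletes the current permissions
                $role->getPermissions()->delete();

                $savedMessages = [];

                // Save the new permissions
                foreach ($parsed as $entry) {
                    $permission = new Permissions();
                    $permission->rolesId = $role->id;
                    $permission->namespace = $entry['namespace'];
                    $permission->resource = $entry['resource'];
                    $permission->action = $entry['action'];

                    if (!$permission->save()) {
                        $savedMessages[] = $permission->getMessages()[0];
                    }
                }

                if (empty($savedMessages)) {
                    $this->flash->success($this->translate->gettext('Permissions were updated with success'));
                } else {
                    // Surface save failures instead of silently dropping them, so an
                    // administrator can see that the stored ACL is incomplete.
                    foreach ($savedMessages as $message) {
                        $this->flash->error((string) $message);
                    }
                }
            }

            $this->view->acl = $this->acl;

            // Pass the current permissions to the view
            $this->view->permissions = $this->acl->getPermissions($role);
        }

        $this->view->role = $role;
    }

    // Pass all the active roles
    $this->view->roles = Roles::find(['active = :active:', 'bind' => ['active' => 'Y']]);
}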
/**
 * Deletes a Role and forwards to the index action.
 *
 * Flashes an error when no role matches $id or when the delete fails,
 * and a success message otherwise.
 *
 * @param int $id identifier of the role to remove
 */
public function deleteAction($id)
{
    // NOTE(review): this is a destructive action keyed only by $id; no request-method or
    // CSRF check is visible here. Confirm it is enforced before this action runs.
    $role = Roles::findFirstById($id);

    if ($role) {
        if ($role->delete()) {
            $this->flash->success($this->translate->gettext('Role was deleted'));
        } else {
            // Report the model's own messages when the delete is refused.
            $this->flash->error($role->getMessages());
        }
    } else {
        $this->flash->error($this->translate->gettext('Role was not found'));
    }

    // Every path ends on the role listing.
    return $this->dispatcher->forward(['action' => 'index']);
}