1 <?php
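/**
 * Controller for viewing and changing the authorization items assigned to users.
 *
 * All actions are gated by the 'accessControl' filter: accessRules() allows
 * them only for the users returned by the authorizer's getSuperusers() and
 * denies everyone else.
 */
class AssignmentController extends RController
{
    /**
     * @var object the authorizer obtained from the owning module in init().
     */
    private $_authorizer;

    /**
     * Initializes the controller: caches the module's authorizer, adopts the
     * module layout, makes 'view' the default action and registers the
     * module's scripts.
     */
    public function init()
    {
        $this->_authorizer = $this->module->getAuthorizer();
        $this->layout = $this->module->layout;
        $this->defaultAction = 'view';

        $this->module->registerScripts();
    }

    /**
     * @return array the action filters; access control is enforced through accessRules().
     */
    public function filters()
    {
        return array('accessControl');
    }

    /**
     * Specifies the access control rules used by the 'accessControl' filter.
     *
     * @return array an allow rule for the superusers followed by a deny-all rule.
     */
    public function accessRules()
    {
        $denyAll = array('deny',
            'users'=>array('*'),
        );

        $superusers = $this->_authorizer->getSuperusers();

        // Fail closed: in Yii 1 an access rule whose 'users' list is empty matches
        // every user, so an empty superuser list would turn the allow rule below
        // into "allow everyone". NOTE(review): getSuperusers() is not visible here
        // and may already guard against this - the check is defence in depth.
        if( empty($superusers) )
            return array($denyAll);

        return array(
            array('allow',
                'actions'=>array(
                    'view',
                    'user',
                    'revoke',
                ),
                'users'=>$superusers,
            ),
            $denyAll,
        );
    }

    /**
     * Renders the paginated overview of assignments (50 rows per page).
     */
    public function actionView()
    {
        $dataProvider = new RAssignmentDataProvider(array(
            'pagination'=>array(
                'pageSize'=>50,
            ),
        ));

        $this->render('view', array(
            'dataProvider'=>$dataProvider,
        ));
    }

    /**
     * Shows the items assigned to one user and handles the form that assigns
     * a further item to that user.
     *
     * The user is identified by the "id" query parameter.
     *
     * @throws CHttpException 400 if "id" is missing or malformed, 404 if no such user exists.
     */
    public function actionUser()
    {
        $userId = $this->requireUserId();

        $userClass = $this->module->userClass;
        $model = CActiveRecord::model($userClass)->findByPk($userId);

        // An unknown id used to fall through to method calls on null;
        // answer with a regular 404 instead.
        if( $model===null )
            throw new CHttpException(404, Rights::t('core', 'The requested page does not exist.'));

        $this->_authorizer->attachUserBehavior($model);

        // Names of the items the user already holds; they are passed to the
        // select-option builder as the second argument.
        $assignedItems = $this->_authorizer->getAuthItems(null, $model->getId());
        $assignments = array_keys($assignedItems);

        $assignSelectOptions = Rights::getAuthItemSelectOptions(null, $assignments);
        if( $assignSelectOptions!==array() )
        {
            $formModel = new AssignmentForm();

            // NOTE(review): no CSRF token check is visible in this controller; this
            // state-changing POST relies on the application enabling
            // CHttpRequest::enableCsrfValidation - confirm.
            if( isset($_POST['AssignmentForm'])===true )
            {
                $formModel->attributes = $_POST['AssignmentForm'];

                // NOTE(review): itemname is constrained only by AssignmentForm's
                // validation rules, which are not visible here - confirm they
                // restrict it to items that may be assigned.
                if( $formModel->validate()===true )
                {
                    $this->_authorizer->authManager->assign($formModel->itemname, $model->getId());
                    $item = $this->_authorizer->authManager->getAuthItem($formModel->itemname);
                    $item = $this->_authorizer->attachAuthItemBehavior($item);

                    Yii::app()->user->setFlash($this->module->flashSuccessKey,
                        Rights::t('core', 'Permission :name assigned.', array(':name'=>$item->getNameText()))
                    );

                    $this->redirect(array('assignment/user', 'id'=>$model->getId()));
                }
            }
        }
        // Nothing left to assign: the view receives no form model.
        else
        {
            $formModel = null;
        }

        $dataProvider = new RAuthItemDataProvider('assignments', array(
            'userId'=>$model->getId(),
        ));

        $this->render('user', array(
            'model'=>$model,
            'dataProvider'=>$dataProvider,
            'formModel'=>$formModel,
            'assignSelectOptions'=>$assignSelectOptions,
        ));
    }

    /**
     * Revokes an assignment from a user.
     *
     * Accepts POST requests only. The user comes from the "id" query parameter
     * and the item from the "name" query parameter. Unless the request carries
     * an "ajax" POST field, the browser is redirected back to the user page.
     *
     * @throws CHttpException 400 for a non-POST request or missing/malformed
     * parameters, 404 if the named authorization item does not exist.
     */
    public function actionRevoke()
    {
        // Revoking changes authorization state, so anything but POST is rejected.
        // NOTE(review): no CSRF token check is visible in this controller; this
        // relies on the application enabling CHttpRequest::enableCsrfValidation - confirm.
        if( Yii::app()->request->isPostRequest!==true )
            throw new CHttpException(400, Rights::t('core', 'Invalid request. Please do not repeat this request again.'));

        $userId = $this->requireUserId();
        $itemName = $this->getItemName();
        if( $itemName===null || $itemName==='' )
            throw new CHttpException(400, Rights::t('core', 'Invalid request. Please do not repeat this request again.'));

        // Resolve the item before changing anything: an unknown name used to end
        // in a method call on null while building the flash message.
        $item = $this->_authorizer->authManager->getAuthItem($itemName);
        if( $item===null )
            throw new CHttpException(404, Rights::t('core', 'The requested page does not exist.'));

        $this->_authorizer->authManager->revoke($itemName, $userId);
        $item = $this->_authorizer->attachAuthItemBehavior($item);

        Yii::app()->user->setFlash($this->module->flashSuccessKey,
            Rights::t('core', 'Permission :name revoked.', array(':name'=>$item->getNameText()))
        );

        // Ajax callers refresh the page themselves; everyone else is redirected.
        if( isset($_POST['ajax'])===false )
            $this->redirect(array('assignment/user', 'id'=>$userId));
    }

    /**
     * Returns the authorization item name taken from the "name" query parameter.
     *
     * @return string|null the decoded name, or null if the parameter is absent
     * or is not a plain string (e.g. name[]=x).
     */
    public function getItemName()
    {
        if( isset($_GET['name'])===false || is_string($_GET['name'])===false )
            return null;

        // PHP has already URL-decoded $_GET, so this decodes a second time.
        // NOTE(review): kept because the links pointing here presumably
        // double-encode the name - confirm. The result is untrusted input either way.
        return urldecode($_GET['name']);
    }

    /**
     * Returns the user id from the "id" query parameter.
     *
     * @return string the id exactly as submitted.
     * @throws CHttpException 400 if the parameter is missing, empty or not a
     * plain string (e.g. id[]=1).
     */
    private function requireUserId()
    {
        if( isset($_GET['id'])===false || is_string($_GET['id'])===false || $_GET['id']==='' )
            throw new CHttpException(400, Rights::t('core', 'Invalid request. Please do not repeat this request again.'));

        return $_GET['id'];
    }
}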