AssignmentController.php
1 <?php
2 /**
3 * Rights assignment controller class file.
4 *
5 * @author Christoffer Niska <cniska@live.com>
6 * @copyright Copyright &copy; 2010 Christoffer Niska
7 * @since 0.9.1
8 */
10 {
11 
12  /**
13  * @var object the invoking controller; set when this controller is created manually instead of being invoked directly
14  */
15  public $invoker;
16 
17  /**
18  * @var RAuthorizer
19  */
20  private $_authorizer;
21 
22 
23  /**
24  * Initializes the controller.
25  */
public function init()
{
    // Resolve the owning module once; it supplies the authorizer, the layout and the scripts.
    $module = $this->module;

    // The authorizer is what accessRules() later asks for the list of superusers.
    $this->_authorizer = $module->getAuthorizer();
    $this->layout = $module->layout;
    $this->defaultAction = 'view';

    // Register the scripts
    $module->registerScripts();
}
35 
36  /**
37  * @return array action filters
38  */
public function filters()
{
    // Every action goes through the 'accessControl' filter, which applies accessRules().
    $filters = array();
    $filters[] = 'accessControl';

    return $filters;
}
43 
44  /**
45  * Specifies the access control rules.
46  * This method is used by the 'accessControl' filter.
47  * @return array access control rules
48  */
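public function accessRules()
{
    // Catch-all rule: anyone not explicitly allowed is rejected.
    $denyEveryone = array('deny', // Deny all users
        'users'=>array('*'),
    );

    $superusers = $this->_authorizer->getSuperusers();

    // Fail closed. Yii's CAccessRule treats an empty 'users' list as "matches every user",
    // so an allow rule built from an empty result would open view/user/revoke to everyone,
    // guests included. getSuperusers() is not visible from here, so guard regardless of
    // what it guarantees.
    if( empty($superusers) )
        return array($denyEveryone);

    return array(
        array('allow', // Allow superusers to access Rights
            'actions'=>array(
                'view',
                'user',
                'revoke',
            ),
            'users'=>$superusers,
        ),
        $denyEveryone,
    );
}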
65 
66  /**
67  * Displays an overview of the users and their assignments.
68  */
public function actionView()
{
    // Data provider for the user listing, ten rows per page.
    $providerConfig = array(
        'pagination'=>array(
            'pageSize'=>10,
        ),
    );
    $dataProvider = new RAssignmentDataProvider($providerConfig);

    // Hand the provider to the 'view' template.
    $viewData = array(
        'dataProvider'=>$dataProvider,
    );
    $this->render('view', $viewData);
}
83 
84  /**
85  * Displays the authorization assignments for a user.
86  */
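public function actionUser()
{
    // This action both lists and grants permissions. It is reachable only through the
    // superuser-only rule in accessRules().
    // NOTE(review): the POST below is protected against cross-site submission only if the
    // application enables CHttpRequest::enableCsrfValidation - confirm in the app config.

    // The user id comes from the query string and may be absent.
    $userId = isset($_GET['id'])===true ? $_GET['id'] : null;

    // Create the user model and attach the required behavior
    $userClass = $this->module->userClass;
    $model = $userId!==null ? CActiveRecord::model($userClass)->findByPk($userId) : null;

    // Stop on a missing or unknown id instead of calling methods on null further down.
    if( $model===null )
        throw new CHttpException(404, Rights::t('core', 'The requested user does not exist.'));

    $this->_authorizer->attachUserBehavior($model);

    $assignedItems = $this->_authorizer->getAuthItems(null, $model->getId());
    $assignments = array_keys($assignedItems);

    // Make sure we have items to be selected
    $assignSelectOptions = Rights::getAuthItemSelectOptions(null, $assignments);
    if( $assignSelectOptions!==array() )
    {
        $formModel = new AssignmentForm();

        // Form is submitted and data is valid, redirect the user
        if( isset($_POST['AssignmentForm'])===true )
        {
            $formModel->attributes = $_POST['AssignmentForm'];

            // Only a validated item name reaches assign(); the rules live in AssignmentForm.
            if( $formModel->validate()===true )
            {
                // Update and redirect
                $authManager = $this->_authorizer->authManager;
                $authManager->assign($formModel->itemname, $model->getId());
                $item = $authManager->getAuthItem($formModel->itemname);
                $item = $this->_authorizer->attachAuthItemBehavior($item);

                Yii::app()->user->setFlash($this->module->flashSuccessKey,
                    Rights::t('core', 'Permission :name assigned.', array(':name'=>$item->getNameText()))
                );

                // When created manually by another controller, route through that controller's module.
                $route = !$this->invoker ? 'assignment/user' : "/{$this->invoker->module->id}/assignment/user";
                $this->redirect(array($route, 'id'=>$model->getId()));
            }
        }
    }
    // No items available
    else
    {
        $formModel = null;
    }

    // Create a data provider for listing the assignments
    $dataProvider = new RAuthItemDataProvider('assignments', array(
        'userId'=>$model->getId(),
    ));

    // Render the view
    $this->render('user', array(
        'model'=>$model,
        'dataProvider'=>$dataProvider,
        'formModel'=>$formModel,
        'assignSelectOptions'=>$assignSelectOptions,
    ));
}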
144 
145  /**
146  * Revokes an assignment from a user.
147  */
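public function actionRevoke()
{
    $invalidRequest = Rights::t('core', 'Invalid request. Please do not repeat this request again.');

    // We only allow deletion via POST request
    // NOTE(review): POST-only stops link- and image-triggered revocation, but a cross-site
    // form POST is blocked only if the application enables
    // CHttpRequest::enableCsrfValidation - confirm in the app config.
    if( Yii::app()->request->isPostRequest!==true )
        throw new CHttpException(400, $invalidRequest);

    // Both identifiers come from the query string; refuse the request when either is missing
    // rather than passing null into the auth manager.
    $itemName = $this->getItemName();
    $userId = isset($_GET['id'])===true ? $_GET['id'] : null;
    if( $itemName===null || $userId===null )
        throw new CHttpException(400, $invalidRequest);

    // Load the item before changing anything, so an unknown name fails cleanly instead of
    // revoking first and then failing on a null item.
    $authManager = $this->_authorizer->authManager;
    $item = $authManager->getAuthItem($itemName);
    if( $item===null )
        throw new CHttpException(404, Rights::t('core', 'The requested permission does not exist.'));

    // Revoke the item from the user
    $authManager->revoke($itemName, $userId);
    $item = $this->_authorizer->attachAuthItemBehavior($item);

    // Set flash message for revoking the item
    Yii::app()->user->setFlash($this->module->flashSuccessKey,
        Rights::t('core', 'Permission :name revoked.', array(':name'=>$item->getNameText()))
    );

    // if AJAX request, we should not redirect the browser
    if( isset($_POST['ajax'])===false )
    {
        // When created manually by another controller, route through that controller's module.
        $route = !$this->invoker ? 'assignment/user' : "/{$this->invoker->module->id}/assignment/user";
        $this->redirect(array($route, 'id'=>$userId));
    }
}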
174 
175  /**
176  * @return string the item name or null if not set.
177  */
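public function getItemName()
{
    // Absent, or not a plain string (?name[]=x arrives as an array): treat as "not set"
    // instead of handing a non-string to urldecode().
    if( isset($_GET['name'])===false || is_string($_GET['name'])===false )
        return null;

    // NOTE(review): PHP has already URL-decoded $_GET, so this decodes a second time and a
    // literal '%' or '+' in an item name will not survive. Kept because the links pointing
    // here may encode the name twice - confirm against the views before removing. Any check
    // on the item name must be applied to this decoded value, not to the raw parameter.
    return urldecode($_GET['name']);
}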
182 }