Projekt

Obecné

Profil

Stáhnout (13.6 KB) Statistiky
| Větev: | Tag: | Revize:
<?php defined('SYSPATH') or die('No direct script access.');
/*
* This file is part of open source system FreenetIS
* and it is released under GPLv3 licence.
*
* More info about licence can be found:
* http://www.gnu.org/licenses/gpl-3.0.html
*
* More info about project can be found:
* http://www.freenetis.org/
*
*/

/**
* Controller performs actions with access control rules
*
* @package Controller
* @author Michal Kliment
*/
class Acl_Controller extends Controller
{
/**
* Index function, only redirect to list of all access control rules
*
* @author Michal Kliment
*/
public function index()
{
url::redirect('acl/show_all');
}

/**
* Shows all access control rules
*
* @author Michal Kliment
* @param integer $limit_results
* @param string $order_by
* @param string $order_by_direction
* @param string $page_word
* @param integer $page
*/
public function show_all (
$limit_results = 100, $order_by = 'id',
$order_by_direction = 'asc',
$page_word = 'page', $page = 1)
{
// check access
if (!$this->acl_check_view('Acl_Controller', 'acl'))
Controller::Error(ACCESS);
// gets new selector
if (is_numeric($this->input->post('record_per_page')))
$limit_results = (int) $this->input->post('record_per_page');
// parameters control
$allowed_order_type = array
(
'id', 'desription', 'aco_count', 'aro_groups_count','axo_count'
);
// order by check
if (!in_array(strtolower($order_by), $allowed_order_type))
$order_by = 'id';
// order by direction check
if (strtolower($order_by_direction) != 'desc')
$order_by_direction = 'asc';
$filter_form = new Filter_form('a');
$filter_form->add('note');
$filter_form->add('aco_value')
->label('ACO')
->type('select')
->values(Aco_Model::get_actions());
$filter_form->add('aro_group_id')
->label('ARO group')
->type('select')
->values(Aro_group_Model::get_groups());
$filter_form->add('axo_section_value')
->label('AXO section')
->type('select')
->values(Axo_Model::get_section_values());
$filter_form->add('axo_value')
->label('AXO value')
->type('select')
->values(Axo_Model::get_values());
$acl_model = new Acl_Model();
$total_rules = $acl_model->count_all_rules($filter_form->as_sql());
// limit check
if (($sql_offset = ($page - 1) * $limit_results) > $total_rules)
$sql_offset = 0;
$rules = $acl_model->get_all_rules(
$sql_offset, (int)$limit_results, $order_by, $order_by_direction,
$filter_form->as_sql()
);
$headline = __('List of all rules for access control');
// path to form
$path = Config::get('lang') . '/acl/show_all/' . $limit_results . '/'
. $order_by . '/' . $order_by_direction.'/'.$page_word.'/'
. $page;
// it creates grid to view all members
$grid = new Grid('acl', null, array
(
'current' => $limit_results,
'selector_increace' => 50,
'selector_min' => 100,
'selector_max_multiplier' => 20,
'base_url' => $path,
'uri_segment' => 'page',
'total_items' => $total_rules,
'items_per_page' => $limit_results,
'style' => 'classic',
'order_by' => $order_by,
'order_by_direction' => $order_by_direction,
'limit_results' => $limit_results,
'filter' => $filter_form
));
if ($this->acl_check_new('Acl_Controller', 'acl'))
{
$grid->add_new_button('acl/add', __('Add new rule'));
}
$grid->order_field('id')
->label(__('ID'));
$grid->order_callback_field('note')
->callback('callback::limited_text');
$grid->order_callback_field('aco_count')
->label(__('ACO count').' '.help::hint('aco_count'))
->callback('callback::aco_count_field')
->class('center');
$grid->order_callback_field('aro_groups_count')
->label(__('ARO groups count').' '.help::hint('aro_groups_count'))
->callback('callback::aro_groups_count_field')
->class('center');
$grid->order_callback_field('axo_count')
->label(__('AXO count').' '.help::hint('axo_count'))
->callback('callback::axo_count_field')
->class('center');
$actions = $grid->grouped_action_field();
$actions->add_action('id')
->icon_action('show')
->url('acl/show');
if ($this->acl_check_edit('Acl_Controller', 'acl'))
{
$actions->add_action('id')
->icon_action('edit')
->url('acl/edit');
}
if ($this->acl_check_delete('Acl_Controller', 'acl'))
{
$actions->add_action('id')
->icon_action('delete')
->url('acl/delete')
->class('delete_link');
}
$grid->datasource($rules);
if ($this->acl_check_view('Aro_groups_Controller', 'aro_group'))
{
$submenu = array();
$submenu[] = html::anchor('acl/show_all', __('Access control rules'));
$submenu[] = html::anchor('aro_groups/show_all', __('Access control groups of users'));
}
else
{
$submenu = NULL;
}
$view = new View('main');
$view->breadcrumbs = __('Access control rules');
$view->title = $headline;
$view->content = new View('show_all');
$this->sections = $submenu;
$view->content->current = 'acl/show_all';
$view->content->headline = $headline;
$view->content->table = $grid;
$view->render(TRUE);
}
/**
* Shows access control rule
*
* @author Michal Kliment
* @param integer $acl_id
*/
public function show ($acl_id = NULL)
{
// check access
if (!$this->acl_check_view('Acl_Controller', 'acl'))
Controller::Error(ACCESS);
// bad parameter
if (!$acl_id || !is_numeric($acl_id))
Controller::warning (PARAMETER);
$acl = new Acl_Model($acl_id);
// record doesn't exist
if (!$acl->id)
Controller::error(RECORD);
/** ACO **/
$acos = $acl->get_acos();
// grid
$aco_grid = new Grid(url_lang::base().'aco', null, array
(
'use_paginator' => false,
'use_selector' => false,
'total_items' => count($acos)
));
$aco_grid->callback_field('value')
->callback('callback::aco_value_field');
$aco_grid->datasource($acos);
/** ARO groups **/
$aro_groups = $acl->get_aro_groups();
// grid
$aro_groups_grid = new Grid(url_lang::base().'aro_groups', null, array
(
'use_paginator' => false,
'use_selector' => false,
'total_items' => count($aro_groups)
));
$aro_groups_grid->field('id')
->label(__('ID'));
$aro_groups_grid->field('name');
$aro_groups_grid->datasource($aro_groups);
/** AXO **/
$axos = $acl->get_axos();
// grid
$axo_grid = new Grid(url_lang::base().'axo', null, array
(
'use_paginator' => false,
'use_selector' => false,
'total_items' => count($axos)
));
$axo_grid->field('id')
->label(__('ID'));
$axo_grid->field('section_value')
->label('Section');
$axo_grid->field('value');
$axo_grid->field('name');
if ($this->acl_check_new('Acl_Controller', 'acl') ||
$this->acl_check_edit('Acl_Controller', 'acl'))
{
$axo_grid->callback_field('name')
->callback('callback::axodoc')
->label('Actions');
}
$axo_grid->datasource($axos);
$headline = __('Show access control rule');
$breadcrumbs = breadcrumbs::add()
->link('acl/show_all', 'Access control rules',
$this->acl_check_view('Acl_Controller', 'acl'))
->text('ID '.$acl->id);
$view = new View('main');
$view->breadcrumbs = $breadcrumbs->html();
$view->title = $headline;
$view->content = new View('access_rights/acl_show');
$view->content->acl = $acl;
$view->content->aco_grid = $aco_grid;
$view->content->aro_groups_grid = $aro_groups_grid;
$view->content->axo_grid = $axo_grid;
$view->render(TRUE);
}
/**
* Adds new access control rule
*
* @author Michal Kliment
*/
public function add ()
{
// check access
if (!$this->acl_check_new('Acl_Controller', 'acl'))
Controller::Error(ACCESS);
$form = new Forge(url::base(TRUE).url::current(TRUE));
$form->textarea('description')
->rules('required')
->style('width:600px');
$form->dropdown('aco[]')
->label('ACO')
->help(help::hint('aco'))
->rules('required')
->options(Aco_Model::get_actions())
->multiple('multiple')
->size(10);
$aro_group_model = new Aro_group_Model();
$arr_aro_groups = $aro_group_model->select_list('id', 'name', 'name');
$form->dropdown('aro_group[]')
->label('ARO groups')
->help(help::hint('aro_groups'))
->rules('required')
->options($arr_aro_groups)
->multiple('multiple')
->size(20);
$axo_model = new Axo_Model();
$arr_axos = $axo_model->select_list('id', 'CONCAT(section_value, \' - \', name)');
$form->dropdown('axo[]')
->label('AXO')
->help(help::hint('axo'))
->rules('required')
->options($arr_axos)
->multiple('multiple')
->size(20);
$form->submit('submit')
->value(__('Add'));
// form is validate
if ($form->validate())
{
$form_data = $form->as_array();
$aco = (isset($_POST["aco"])) ? $_POST["aco"] : array();
$aro_groups = (isset($_POST["aro_group"])) ? $_POST["aro_group"] : array();
$axo = (isset($_POST["axo"])) ? $_POST["axo"] : array();
$axo_model = new Axo_Model();
$axo = $axo_model->get_values_by_ids($axo);

$acl = new Acl_Model();
$acl->note = $form_data['description'];
$acl->save();
$acl->insert_aco($aco);
$acl->insert_aro_groups($aro_groups);
$acl->insert_axo($axo);
status::success('Access control rule has been successfully added.');
url::redirect('acl/show/'.$acl->id);
}
$headline = __('Add access control rule');
$breadcrumbs = breadcrumbs::add()
->link('acl/show_all', 'Access control rules',
$this->acl_check_view('Acl_Controller', 'acl'))
->text('Add new rule');
$view = new View('main');
$view->breadcrumbs = $breadcrumbs->html();
$view->title = $headline;
$view->content = new View('form');
$view->content->form = $form;
$view->content->headline = $headline;
$view->render(TRUE);
}
/**
* Edits access control rule
*
* @author Michal Kliment
* @param integer $acl_id
*/
public function edit ($acl_id = NULL)
{
// check access
if (!$this->acl_check_edit('Acl_Controller', 'acl'))
Controller::Error(ACCESS);
// bad parameter
if (!$acl_id || !is_numeric($acl_id))
Controller::warning (PARAMETER);
$acl = new Acl_Model($acl_id);
// record doesn't exist
if (!$acl->id)
Controller::error(RECORD);
$form = new Forge(url::base(TRUE).url::current(TRUE));
$form->textarea('description')
->value($acl->note)
->rules('required')
->style('width:600px');
$sel_acos = array();
foreach ($acl->get_acos() as $aco)
$sel_acos[] = $aco->value;
$form->dropdown('aco[]')
->label('ACO')
->help(help::hint('aco'))
->rules('required')
->options(Aco_Model::get_actions())
->selected($sel_acos)
->multiple('multiple')
->size(10);
$aro_group_model = new Aro_group_Model();
$arr_aro_groups = $aro_group_model->select_list('id', 'name', 'name');
$sel_aro_groups = array();
foreach ($acl->get_aro_groups() as $aro_group)
$sel_aro_groups[] = $aro_group->id;
$form->dropdown('aro_group[]')
->label('ARO groups')
->help(help::hint('aro_groups'))
->rules('required')
->options($arr_aro_groups)
->selected($sel_aro_groups)
->multiple('multiple')
->size(20);
$axo_model = new Axo_Model();
$arr_axos = $axo_model->select_list('id', 'CONCAT(section_value, \' - \', name)');
$sel_axos = array();
foreach ($acl->get_axos() as $axo)
$sel_axos[] = $axo->id;
$form->dropdown('axo[]')
->label('AXO')
->help(help::hint('axo'))
->rules('required')
->options($arr_axos)
->selected($sel_axos)
->multiple('multiple')
->size(20);
$form->submit('submit')
->value(__('Update'));
// form is validate
if ($form->validate())
{
$form_data = $form->as_array();
$aco = (isset($_POST["aco"])) ? $_POST["aco"] : array();
$aro_groups = (isset($_POST["aro_group"])) ? $_POST["aro_group"] : array();
$axo = (isset($_POST["axo"])) ? $_POST["axo"] : array();
$axo_model = new Axo_Model();
$axo = $axo_model->get_values_by_ids($axo);
$acl->note = $form_data['description'];
$acl->save();
$acl->clean_rule();
$acl->insert_aco($aco);
$acl->insert_aro_groups($aro_groups);
$acl->insert_axo($axo);
status::success('Access control rule has been successfully updated.');
url::redirect('acl/show/'.$acl->id);
}
$headline = __('Edit access control rule');
$breadcrumbs = breadcrumbs::add()
->link('acl/show_all', 'Access control rules',
$this->acl_check_view('Acl_Controller', 'acl'))
->link('acl/show/'.$acl->id, 'ID '.$acl->id,
$this->acl_check_view('Acl_Controller', 'acl'))
->text('Edit');
$view = new View('main');
$view->breadcrumbs = $breadcrumbs->html();
$view->title = $headline;
$view->content = new View('form');
$view->content->form = $form;
$view->content->headline = $headline;
$view->render(TRUE);
}
/**
* Deletes access control rule
*
* @author Michal Kliment
* @param integer $acl_id
*/
public function delete ($acl_id = NULL)
{
// check access
if (!$this->acl_check_delete('Acl_Controller', 'acl'))
Controller::Error(ACCESS);
// bad parameter
if (!$acl_id || !is_numeric($acl_id))
Controller::warning(PARAMETER);
$acl = new Acl_Model($acl_id);
// record doesn't exist
if (!$acl->id)
Controller::error(RECORD);
// clean ACL
$acl->clean_rule();
// successfully deleted
if ($acl->delete())
status::success('Access control rule has been successfully deleted.');
else
status::error('Error - cannot delete access rule.');
url::redirect('acl/show_all');
}
}
(2-2/90)