<?php
/*
 * Copyright (c) 2011 - OpenSLX GmbH, RZ Uni Freiburg
 * This program is free software distributed under the GPL version 2.
 * See http://gpl.openslx.org/
 *
 * If you have any feedback please consult http://feedback.openslx.org/ and
 * send your suggestions, praise, or complaints to feedback@openslx.org
 *
 * General information about OpenSLX can be found at http://openslx.org/
 */

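class User_RoleController extends Zend_Controller_Action
{
	/** @var array|null Session namespace 'userIDs' (roleID, groupID, membershipID); loaded in init(). */
	protected $userIDsNamespace = null;
	/** @var Application_Model_Membership|null Membership of the logged-in user; loaded in init(). */
	protected $membership;
	/** @var Application_Model_MembershipMapper */
	protected $membershipMapper;
	/** @var Application_Model_RoleMapper */
	protected $roleMapper;
	/** @var Application_Model_RightMapper */
	protected $rightMapper;
	/** @var Application_Model_RightRolesMapper */
	protected $rightRolesMapper;

	/**
	 * Load session data and mappers for every action.
	 *
	 * Redirects to the login page when no identity is present and to the
	 * membership selection when the current membership carries no group.
	 */
	public function init()
	{
		if (!Zend_Auth::getInstance()->hasIdentity()) {
			$this->_helper->redirector('login', 'auth');
			// Stop here: without a session the membership lookup below has nothing to work on.
			return;
		}
		$this->userIDsNamespace = Zend_Session::namespaceGet('userIDs');
		if (!isset($this->userIDsNamespace['roleID']) || $this->userIDsNamespace['roleID'] == '') {
			$pbsNotifier = new Pbs_Notifier();
			echo $pbsNotifier->notify('No roleID set', 'forbidden');
		}
		$this->roleMapper = new Application_Model_RoleMapper();
		$this->rightMapper = new Application_Model_RightMapper();
		$this->rightRolesMapper = new Application_Model_RightRolesMapper();
		$this->membershipMapper = new Application_Model_MembershipMapper();

		$this->membership = new Application_Model_Membership();
		$this->membershipMapper->find($this->userIDsNamespace['membershipID'], $this->membership);
		if ($this->membership->getGroupID() == '') {
			$this->_helper->redirector('selectmembership', 'person');
		}
	}

	/**
	 * List the roles visible to the current group: its own roles plus the
	 * inheritable roles of all parent groups, with search and pagination.
	 */
	public function indexAction()
	{
		if (!Pbs_Acl::checkRight('ro')) {
			$this->_redirect('/user');
			return;
		}
		$this->view->membership = $this->membership;
		$groupID = $this->membership->getGroupID();

		// Roles are keyed by group title. Parent groups contribute only roles
		// flagged as inheritable; the own group contributes all of its roles.
		$roles = array();
		$groupGroupsMapper = new Application_Model_GroupGroupsMapper();
		$parents = $groupGroupsMapper->getParentGroups($groupID);
		$groupMapper = new Application_Model_GroupMapper();
		$crawled = array();
		foreach ($parents as $level) {
			foreach ($level as $parentGroupID) {
				if (in_array($parentGroupID, $crawled)) {
					continue;
				}
				$crawled[] = $parentGroupID;
				$group = $groupMapper->find($parentGroupID);
				if ($groupID != $parentGroupID) {
					$groupRoles = $this->roleMapper->findBy(array('groupID' => $parentGroupID, 'inheritance' => "1"));
				} else {
					$groupRoles = $this->roleMapper->findBy(array('groupID' => $parentGroupID));
				}
				foreach ($groupRoles as $role) {
					$roles[$group->getTitle()][] = $role;
				}
			}
		}
		$this->view->roleList = $roles;

		// Search
		$search = $this->_request->getParam('search');
		$mySearch = new Pbs_Search();
		$mySearch->setSearchTerm($search);
		$mySearch->setModule('role');
		if ($search != '') {
			$this->view->search = $mySearch->getSearchTerm();
			$this->view->roleList = $mySearch->search($this->view->roleList);
		}
		$this->view->searchform = $mySearch->searchForm();

		// Pagination
		$pagination = new Pbs_Pagination();
		$pagination->setPerPage(10);
		$pagination->setElement($this->view->roleList);
		$pagination->setRequestPage($this->_request->getParam('page'));
		$pagination->setPageUrl('/user/role/index' . ((isset($this->view->search)) ? '/search/' . $this->view->search : ''));

		$this->view->roleList = $pagination->getElements();
		$this->view->pagination = $pagination->pagination();
		$this->view->page = $pagination->getRequestPage();
		$this->view->addRight = Pbs_Acl::checkRight('ra');
		$this->view->editRight = Pbs_Acl::checkRight('re');
		$this->view->deleteRight = Pbs_Acl::checkRight('rd');
		$this->view->detailsRight = Pbs_Acl::checkRight('rdd');
		$this->view->userIDsNamespace = $this->userIDsNamespace;
	}

	/**
	 * Turn a submitted search term into the /search/<term> route of indexAction.
	 */
	public function searchAction()
	{
		if (!Pbs_Acl::checkRight('ro')) {
			$this->_redirect('/user');
			return;
		}
		// Read the term through the request object and encode it, so a
		// client-supplied value cannot add path segments or header-breaking
		// characters to the Location target. The module route decodes it again.
		$search = $this->_request->getQuery('search', '');
		$this->_redirect('/user/role/index/search/' . urlencode($search));
	}

	/**
	 * Create a role in the current group and link the selected rights to it.
	 */
	public function addAction()
	{
		if (!Pbs_Acl::checkRight('ra')) {
			$this->_redirect('/user');
			return;
		}

		$rightlist = $this->_buildRightList($this->rightMapper->fetchAll());
		$formOptions = array(
			'rightlist' => $rightlist,
			'inheritanceright' => Pbs_Acl::checkRight('rir'),
			'addrighttoroleright' => Pbs_Acl::checkRight('rar'),
		);
		if (!isset($_POST["add"])) {
			$addForm = new user_Form_RoleAdd($formOptions);
		} else {
			$addForm = new user_Form_RoleAdd($formOptions, $_POST);
			if ($addForm->isValid($_POST)) {
				// The owning group always comes from the session, never from the client.
				$_POST['groupID'] = $this->userIDsNamespace['groupID'];
				$role = new Application_Model_Role($_POST);
				try {
					$this->roleMapper->save($role);
					$db = Zend_Db_Table::getDefaultAdapter();
					$insertedRoleID = $db->lastInsertId();
				} catch (Zend_Exception $e) {
					$this->_echoException($e);
					return;
				}
				$selection = isset($_POST['rights']) ? $_POST['rights'] : null;
				if (!$this->_saveRightLinks($insertedRoleID, $selection)) {
					return;
				}
				$this->_helper->redirector('', 'role');
				return;
			}
		}
		$this->view->addForm = $addForm;
	}

	/**
	 * Edit title, description and inheritance flag of a role of the own group.
	 */
	public function editAction()
	{
		if (!Pbs_Acl::checkRight('re')) {
			$this->_redirect('/user');
			return;
		}
		$roleID = $this->_resolveRoleID();
		if (!isset($roleID)) {
			$this->_helper->redirector('add', 'role');
			return;
		}
		$role = $this->roleMapper->find($roleID);
		$roleGroupID = $role ? $role->getGroupID() : null;
		if (!$role || $this->userIDsNamespace['groupID'] != $roleGroupID) {
			$this->_forbidden('modify');
			return;
		}
		$formOptions = array('roleID' => $roleID, 'inheritanceright' => Pbs_Acl::checkRight('rir'));
		if (!isset($_POST["save"])) {
			// Pre-populate the form from the stored role.
			$_POST['title'] = $role->getTitle();
			$_POST['description'] = $role->getDescription();
			$_POST['groupID'] = $role->getGroupID();
			$_POST['inheritance'] = $role->getInheritance();
			$editForm = new user_Form_RoleEdit($formOptions);
		} else {
			$editForm = new user_Form_RoleEdit($formOptions, $_POST);
			if ($editForm->isValid($_POST)) {
				// Keep the role in the group whose ownership was verified above;
				// a client-supplied groupID must not move it elsewhere (addAction
				// pins groupID the same way).
				$_POST['groupID'] = $roleGroupID;
				$role = new Application_Model_Role($_POST);
				$role->setID($roleID);
				try {
					$this->roleMapper->save($role);
				} catch (Zend_Exception $e) {
					$this->_echoException($e);
					return;
				}
				$this->_helper->redirector('', 'role');
				return;
			}
		}
		$this->view->editForm = $editForm;
	}

	/**
	 * Show a role with its linked rights. Roles of the own group and
	 * inheritable roles of other groups may be viewed.
	 */
	public function showAction()
	{
		if (!Pbs_Acl::checkRight('rdd')) {
			$this->_redirect('/user');
			return;
		}
		$roleID = $this->_resolveRoleID();
		$this->view->membership = $this->membership;
		if (!$roleID) {
			$this->_helper->redirector('', 'role');
			return;
		}
		$role = $this->roleMapper->find($roleID);
		$mayView = $role
			&& ($this->userIDsNamespace['groupID'] == $role->getGroupID() || $role->getInheritance() == 1);
		if (!$mayView) {
			$this->_forbidden('view');
			return;
		}

		$rightroles = $this->rightRolesMapper->findBy(array('roleID' => $roleID), true);
		$rightsList = array();
		if (!empty($rightroles)) {
			foreach ($rightroles as $rightrole) {
				$right = $this->rightMapper->find($rightrole['rightID']);
				$rightsList[$right->getRightcategoryID()][] = $right;
			}
		}
		if (count($rightsList) > 0) {
			$this->view->rightsList = $rightsList;
		}

		$rightCategoryMapper = new Application_Model_RightCategoryMapper();
		$rightCategories = $rightCategoryMapper->fetchAll();
		$rightcategorieslist = array();
		if (!empty($rightCategories)) {
			foreach ($rightCategories as $rightCategory) {
				$rightcategorieslist[$rightCategory->getID()] = $rightCategory->getTitle();
			}
		}
		if (count($rightcategorieslist) > 0) {
			$this->view->rightcategorieslist = $rightcategorieslist;
		}

		// Nothing is left to link once every existing right is already in the role.
		$rights = $this->rightMapper->fetchAll();
		$this->view->rightsAvailable = (count($rights) != count($rightroles));

		$this->view->editRight = Pbs_Acl::checkRight('re');
		$this->view->deleteRight = Pbs_Acl::checkRight('rd');
		$this->view->addRightToRoleRight = Pbs_Acl::checkRight('rar');
		$this->view->removeRightOfRoleRight = Pbs_Acl::checkRight('rrr');
		$this->view->role = $role;
		$this->view->roleID = $roleID;
		$this->view->userIDsNamespace = $this->userIDsNamespace;
	}

	/**
	 * Delete a role of the own group.
	 */
	public function deleteAction()
	{
		if (!Pbs_Acl::checkRight('rd')) {
			$this->_redirect('/user');
			return;
		}
		$this->_helper->viewRenderer->setNoRender();
		$roleID = $this->_resolveRoleID();
		if (!isset($roleID)) {
			$this->_helper->redirector('', 'role');
			return;
		}
		$role = $this->roleMapper->find($roleID);
		if (!$role || $this->userIDsNamespace['groupID'] != $role->getGroupID()) {
			$this->_forbidden('delete');
			return;
		}
		try {
			$this->roleMapper->delete($role);
		} catch (Zend_Exception $e) {
			$this->_echoException($e);
			return;
		}
		// The referer only chooses the follow-up page; it is not an authorization
		// input. Coming from the detail page without an explicit roleID means the
		// session role was deleted, so the user has to pick a membership again.
		$referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
		if ($referer != ''
			&& strpos($referer, '/user/role/show') !== false
			&& strpos($referer, '/roleID/') === false) {
			$this->_helper->redirector('changemembership', 'person');
		} else {
			$this->_helper->redirector('', 'role');
		}
	}

	/**
	 * Offer the rights not yet linked to a role of the own group and link the
	 * selected ones.
	 */
	public function linkrightAction()
	{
		if (!Pbs_Acl::checkRight('rar')) {
			$this->_redirect('/user');
			return;
		}
		$roleID = $this->_resolveRoleID();
		if (!isset($roleID)) {
			$this->_helper->redirector('', 'role');
			return;
		}
		$role = $this->roleMapper->find($roleID);
		if (!$role || $this->userIDsNamespace['groupID'] != $role->getGroupID()) {
			$this->_forbidden('link');
			return;
		}

		// Exclude rights that are already linked to the role.
		$rightroles = $this->rightRolesMapper->findBy(array('roleID' => $roleID), true);
		$linked = array();
		if (!empty($rightroles)) {
			foreach ($rightroles as $rightrole) {
				$linked[$rightrole['rightID']] = true;
			}
		}
		$rightlist = $this->_buildRightList($this->rightMapper->fetchAll(), $linked);
		if (count($rightlist) == 0) {
			$this->_redirect('/user/role/show/roleID/' . $roleID);
			return;
		}

		if (!isset($_POST["link"])) {
			$linkForm = new user_Form_LinkRight(array('rightlist' => $rightlist));
		} else {
			// $_POST is the form's second (data) argument, as in addAction and
			// editAction; it used to be nested inside the options array.
			$linkForm = new user_Form_LinkRight(array('rightlist' => $rightlist), $_POST);
			if ($linkForm->isValid($_POST)) {
				$selection = isset($_POST['rights']) ? $_POST['rights'] : null;
				if (!$this->_saveRightLinks($roleID, $selection)) {
					return;
				}
				$this->_redirect('/user/role/show/roleID/' . $roleID);
				return;
			}
		}
		$this->view->linkForm = $linkForm;
	}

	/**
	 * Remove one right ("<roleID>-<rightID>") or every right ("<roleID>-all")
	 * from a role of the own group.
	 */
	public function unlinkrightAction()
	{
		if (!Pbs_Acl::checkRight('rrr')) {
			$this->_redirect('/user');
			return;
		}
		$this->_helper->viewRenderer->setNoRender();
		$rightRolesParam = $this->_request->getParam('rightrolesID');
		if (!isset($rightRolesParam)) {
			$this->_helper->redirector('', 'role');
			return;
		}
		$parts = explode('-', $rightRolesParam);
		if (count($parts) < 2 || $parts[0] === '') {
			$this->_helper->redirector('', 'role');
			return;
		}
		$roleID = $parts[0];
		$rightID = $parts[1];

		// Ownership is checked before either branch; previously the "all"
		// branch removed every right of an arbitrary roleID without this check.
		$role = $this->roleMapper->find($roleID);
		if (!$role || $this->userIDsNamespace['groupID'] != $role->getGroupID()) {
			$this->_forbidden('unlink');
			return;
		}

		if ($rightID === 'all') {
			$rightroleslist = $this->rightRolesMapper->findBy(array('roleID' => $roleID));
			foreach ($rightroleslist as $rightroles) {
				try {
					$this->rightRolesMapper->delete($rightroles);
				} catch (Zend_Exception $e) {
					$this->_echoException($e);
					return;
				}
			}
		} else {
			$rightroles = new Application_Model_RightRoles();
			$rightroles->setRoleID($roleID);
			$rightroles->setRightID($rightID);
			try {
				$this->rightRolesMapper->delete($rightroles);
			} catch (Zend_Exception $e) {
				$this->_echoException($e);
				return;
			}
		}
		$this->_redirect('/user/role/show/roleID/' . $roleID);
	}

	/**
	 * Determine the role to operate on: the 'roleID' request parameter,
	 * falling back to the roleID stored in the session namespace.
	 *
	 * @return mixed roleID, or null when neither source provides one
	 */
	protected function _resolveRoleID()
	{
		$roleID = $this->_request->getParam('roleID');
		if (!isset($roleID) && isset($this->userIDsNamespace['roleID'])) {
			$roleID = $this->userIDsNamespace['roleID'];
		}
		return $roleID;
	}

	/**
	 * Group rights by category title for the form option lists.
	 *
	 * @param mixed $rights  rights as returned by the right mapper
	 * @param array $exclude rightIDs (as keys) to leave out
	 * @return array category title => (rightID => right title)
	 */
	protected function _buildRightList($rights, array $exclude = array())
	{
		$rightlist = array();
		if (!empty($rights)) {
			$rightCategoryMapper = new Application_Model_RightCategoryMapper();
			foreach ($rights as $right) {
				if (isset($exclude[$right->getID()])) {
					continue;
				}
				$rightCategory = $rightCategoryMapper->find($right->getRightcategoryID());
				$rightlist[$rightCategory->getTitle()][$right->getID()] = $right->getTitle();
			}
		}
		return $rightlist;
	}

	/**
	 * Link every right whose submitted checkbox value is 1 to the role.
	 *
	 * @param mixed $roleID
	 * @param mixed $selection rightID => submitted value as posted by the form; null when nothing was posted
	 * @return bool false when a save failed (the exception has already been echoed)
	 */
	protected function _saveRightLinks($roleID, $selection)
	{
		if (!is_array($selection)) {
			return true;
		}
		foreach ($selection as $rightID => $bool) {
			if ($bool != 1) {
				continue;
			}
			$rightrole = new Application_Model_RightRoles();
			$rightrole->setRightID($rightID);
			$rightrole->setRoleID($roleID);
			try {
				$this->rightRolesMapper->save($rightrole);
			} catch (Zend_Exception $e) {
				$this->_echoException($e);
				return false;
			}
		}
		return true;
	}

	/**
	 * Emit the "forbidden" notifier for $what and suppress view rendering.
	 *
	 * @param string $what the attempted operation, shown in the notice
	 */
	protected function _forbidden($what)
	{
		$pbsNotifier = new Pbs_Notifier();
		echo $pbsNotifier->notify($what, 'forbidden');
		$this->_helper->viewRenderer->setNoRender();
	}

	/**
	 * Print an exception to the response, as every action did inline before.
	 *
	 * NOTE(review): this writes the raw exception message to the browser; for a
	 * production deployment consider logging it and showing a generic notice,
	 * since database error text can disclose internal details.
	 *
	 * @param Zend_Exception $e
	 */
	protected function _echoException(Zend_Exception $e)
	{
		echo "Caught exception: " . get_class($e) . "<br/>";
		echo "Message: " . $e->getMessage() . "<br/>";
	}
}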