<?php
// Direct-access guard: this file only runs when the framework bootstrap has
// already defined BASEPATH. Requested on its own, it stops immediately.
if ( ! defined('BASEPATH'))
{
	exit('No direct script access allowed');
}
/**
 * BackendPro
 *
 * An open source development control panel written in PHP
 *
 * @package		BackendPro
 * @author		Adam Price
 * @copyright	Copyright (c) 2008, Adam Price
 * @license		http://www.gnu.org/licenses/lgpl.html
 * @link		http://www.kaydoo.co.uk/projects/backendpro
 * @filesource
 */

// ------------------------------------------------------------------------

/**
 * ACL Permissions
 *
 * Provide the ability to manage ACL permissions
 *
 * @package  	BackendPro
 * @subpackage  Controllers
 */
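class Acl_permissions extends Admin_Controller
{
	/**
	 * Constructor
	 *
	 * Loads the access control language file, the access control model and
	 * the form helper, registers the breadcrumb trail and then calls
	 * check('Permissions'). As the call sits in the constructor it runs
	 * before every action of this controller, including the ajax_* methods.
	 *
	 * NOTE(review): check() is defined elsewhere; presumably it stops the
	 * request when the current user may not access the 'Permissions'
	 * resource - confirm, since every action below relies on it.
	 *
	 * @access public
	 */
	function Acl_permissions()
	{
		parent::Admin_Controller();

		// Load files
		$this->lang->load('access_control');
		$this->load->model('access_control_model');
		$this->load->helper('form');

		// Set breadcrumb
		$this->bep_site->set_crumb($this->lang->line('backendpro_access_control'),'auth/admin/access_control');
		$this->bep_site->set_crumb($this->lang->line('access_permissions'),'auth/admin/acl_permissions');

		// Check for access permission
		check('Permissions');

		log_message('debug','BackendPro : Acl_permissions class loaded');
	}

	/**
	 * View Permissions
	 *
	 * Renders the permission list view inside the admin container.
	 *
	 * @access public
	 * @return void
	 */
	function index()
	{
		// Display Page
		$data = array();
		$data['header'] = $this->lang->line('access_permissions');
		$data['page'] = $this->config->item('backendpro_template_admin') . "access_control/permissions";
		$data['module'] = 'auth';
		$this->load->view($this->_container,$data);
	}

	/**
	 * Permission Form
	 *
	 * Shows the create form when no ID is given, otherwise the edit form
	 * pre-filled from the stored permission. An ID that matches no stored
	 * permission is reported as a failed edit and sent back to the list
	 * instead of rendering a form built from a missing row.
	 *
	 * @access public
	 * @param integer $id Permission ID
	 * @return void
	 */
	function form($id = NULL)
	{
		$this->load->library('validation');

		// Load the JS file needed
		$this->bep_assets->load_asset('bep_access_control');

		// Set action defaults since this is needed for both CREATE & MODIFY
		$query = $this->access_control_model->fetch('axos');
		foreach($query->result() as $action)
		{
			$this->validation->set_default_value('allow_'.$action->id,'N');
		}

		$data = array();
		if( is_null($id))
		{
			// CREATE PERMISSION
			$data['header'] = $this->lang->line('access_create_permission');

			// Set form defaults
			$this->validation->set_default_value('allow','N');
			$this->validation->set_default_value('id','');
		}
		else
		{
			// MODIFY PERMISSION
			$data['header'] = $this->lang->line('access_edit_permission');

			// Fetch form data
			$result = $this->access_control_model->getPermissions(NULL,array('acl.id'=>$id));
			if( ! isset($result[$id]))
			{
				// The ID comes from the URL and may not match any permission
				flashMsg('error',sprintf($this->lang->line('backendpro_action_failed'),$this->lang->line('access_edit_permission')));
				redirect('auth/admin/acl_permissions','location');
				return;
			}
			$row = $result[$id];

			$this->validation->set_default_value('id',$id);
			$this->validation->set_default_value('aro',$row['aro']);
			$this->validation->set_default_value('aco',$row['aco']);
			$this->validation->set_default_value('allow',($row['allow']?'Y':'N'));

			if( isset($row['actions']))
			{
				foreach($row['actions'] as $action)
				{
					$this->validation->set_default_value('action_'.$action['id'],$action['axo']);
					$this->validation->set_default_value('allow_'.$action['id'],($action['allow']?'Y':'N'));
				}
			}
		}

		// Display Page
		$this->bep_site->set_crumb($data['header'],'auth/admin/acl_permissions/form/'.$id);
		$data['page'] = $this->config->item('backendpro_template_admin') . "access_control/form_permission";
		$data['module'] = 'auth';
		$this->load->view($this->_container,$data);
	}

	/**
	 * Save Permission
	 *
	 * Creates a permission from the posted aro/aco pair, or rewrites an
	 * existing one. When an ID is posted the aro and aco are taken from the
	 * stored permission, not from the request, so an edit cannot move a
	 * permission to a different requester or resource. All writes happen
	 * inside one database transaction.
	 *
	 * NOTE(review): no request-forgery token is verified in this method;
	 * confirm whether Admin_Controller or the form layer enforces one,
	 * because this action changes who is allowed to do what.
	 * NOTE(review): every posted 'action_*' field is handed to khacl as it
	 * arrives; whether khacl rejects action names that are not in the
	 * 'axos' table is not visible here - verify.
	 *
	 * @access public
	 * @return void
	 */
	function save()
	{
		// Get values from form
		$id = $this->input->post('id');
		$allow = $this->input->post('allow');

		// INFO: This is a bit of a dirty fix for bug #20 there must be a better way
		if($id != NULL)
		{
			// Form has been submitted, so we need to fetch the
			// aro and aco values from the database
			$row = NULL;
			if(is_scalar($id))
			{
				$result = $this->access_control_model->getPermissions(NULL,array('acl.id'=>$id));
				if(isset($result[$id]))
				{
					$row = $result[$id];
				}
			}

			if($row === NULL)
			{
				// Unknown permission ID: stop before any rule is written
				// with an undefined aro/aco pair
				flashMsg('error',sprintf($this->lang->line('backendpro_action_failed'),$this->lang->line('access_edit_permission')));
				redirect('auth/admin/acl_permissions','location');
				return;
			}

			$_POST['aro'] = $row['aro'];
			$_POST['aco'] = $row['aco'];
		}

		$aro = $this->input->post('aro');
		$aco = $this->input->post('aco');

		// A rule needs both a requester and a resource; without them the
		// calls below would run with empty values and still report success
		if($aro === FALSE OR $aro === NULL OR $aro === '' OR $aco === FALSE OR $aco === NULL OR $aco === '')
		{
			$failed = ($id == '') ? 'access_create_permission' : 'access_edit_permission';
			flashMsg('error',sprintf($this->lang->line('backendpro_action_failed'),$this->lang->line($failed)));
			redirect('auth/admin/acl_permissions','location');
			return;
		}

		$this->load->library('khacl');

		$this->db->trans_begin();

		// Remove old actions if modifying
		if($id != NULL)
		{
			$this->access_control_model->delete('access_actions',array('access_id'=>$id));
		}

		// First we will process the actions
		foreach($_POST as $key=>$value)
		{
			if(substr($key,0,7) == 'action_')
			{
				// Everything after the first underscore is the action's form index
				$key = substr($key,strpos($key,"_")+1);
				// Any value other than 'Y' or 'N' leaves the action untouched
				switch($this->input->post('allow_'.$key))
				{
					case 'Y':$this->khacl->allow($aro,$aco,$this->input->post('action_'.$key));break;
					case 'N':$this->khacl->deny($aro,$aco,$this->input->post('action_'.$key));break;
				}
			}
		}

		// Now process the main permission
		switch($allow)
		{
			case 'Y':$this->khacl->allow($aro,$aco);break;
			case 'N':$this->khacl->deny($aro,$aco);break;
		}

		// Did everything go OK?
		if($this->db->trans_status() === TRUE)
		{
			// Yup all good
			$this->db->trans_commit();
			if($id == '')
			{
				flashMsg('success',$this->lang->line('access_permission_created'));
			}
			else
			{
				flashMsg('success',$this->lang->line('access_permission_saved'));
			}
		}
		else
		{
			// Something went wrong
			$this->db->trans_rollback();
			if($id == '')
			{
				flashMsg('error',sprintf($this->lang->line('backendpro_action_failed'),$this->lang->line('access_create_permission')));
			}
			else
			{
				flashMsg('error',sprintf($this->lang->line('backendpro_action_failed'),$this->lang->line('access_edit_permission')));
			}
		}
		redirect('auth/admin/acl_permissions','location');
	}

	/**
	 * Delete Permissions
	 *
	 * Deletes every permission whose ID was posted in the 'select' field.
	 * Anything other than an array (field absent, or a single string) is
	 * treated as "nothing selected" and returns to the list.
	 *
	 * NOTE(review): the success message is shown without looking at the
	 * result of the deletes, and the deletes are not wrapped in a
	 * transaction the way save() is.
	 * NOTE(review): no request-forgery token is verified in this method;
	 * confirm whether it is enforced elsewhere.
	 *
	 * @access public
	 * @return void
	 */
	function delete()
	{
		$permissions = $this->input->post('select');
		if( ! is_array($permissions))
		{
			redirect('auth/admin/acl_permissions','location');
			return;
		}

		foreach($permissions as $permission)
		{
			$this->access_control_model->delete('access',array('id'=>$permission));
		}
		flashMsg('success',$this->lang->line('access_permissions_deleted'));
		redirect('auth/admin/acl_permissions','location');
	}

	/**
	 * View Permissions in Advanced Mode
	 *
	 * Displays a way so a user can select a group and it shows exactly
	 * what resources that group has access to
	 *
	 * @access public
	 * @return void
	 */
	function show()
	{
		// INFO: The validation library is loaded here because the advanced
		// permission page otherwise fails with "Call to a member function
		// on a non-object" inside access_control_model.php
		$this->load->library('validation');

		// Load required JS
		$this->bep_assets->load_asset('bep_access_control');

		// Display Page
		$this->bep_site->set_crumb($this->lang->line('access_advanced_permissions'),'auth/admin/acl_permissions/show');
		$data = array();
		$data['header'] = $this->lang->line('access_advanced_permissions');
		$data['page'] = $this->config->item('backendpro_template_admin') . "access_control/view_advanced_permissions";
		$data['module'] = 'auth';
		$this->load->view($this->_container,$data);
	}

	/**
	 * Ajax Function to fetch resources
	 *
	 * Prints the resource tree as nested list items, each marked with a
	 * tick or a cross according to khacl->check() for the given group.
	 * Resource names are HTML-escaped before they are written into the
	 * id attribute and the label, so a stored name containing markup or
	 * quotes is shown as text instead of being interpreted by the browser.
	 *
	 * @access public
	 * @param string $group Fetch resource access rights for this group
	 * @return void
	 */
	function ajax_fetch_resources($group)
	{
		$this->load->model('access_control_model');
		$this->load->library('khacl');

		$obj = $this->access_control_model->resource;
		$tree = $obj->getTreePreorder($obj->getRoot());
		$lvl = 0;
		while($obj->getTreeNext($tree))
		{
			// Nest the tree
			$newLvl = $obj->getTreeLevel($tree);
			if ($lvl > $newLvl)
			{
				// Just gone up some levels
				for($i=0;$i<$lvl-$newLvl;$i++)
				{
					print "</ul></li>";
				}
			}
			$lvl = $newLvl;

			// The access check uses the stored name; only the output is escaped
			$allow = $this->khacl->check($group,$tree['row']['name']);
			$name = htmlspecialchars($tree['row']['name'],ENT_QUOTES);

			print '<li id="'.$name.'"><span ';
			print ($allow) ? 'class="icon_tick">' : 'class="icon_cross">';
			print $name;
			print '</span>';

			if($obj->checkNodeHasChildren($tree['row']))
			{
				print "<ul>";
			}
			else
			{
				print "</li>";
			}
		}
		// NOTE(review): lists that are still open when the traversal ends
		// are not closed here - confirm the client copes with that.
	}

	/**
	 * Ajax Function to fetch a groups resources
	 *
	 * Prints one box per action from the 'axos' table, marked with a tick
	 * or a cross according to khacl->check() for the group and resource.
	 * Action names are HTML-escaped on output.
	 *
	 * @access public
	 * @param string $group Fetch actions for this group
	 * @param string $resource Fetch actions for this resource
	 * @return void
	 */
	function ajax_fetch_actions($group,$resource)
	{
		// INFO: khacl is loaded here because the advanced permission page
		// otherwise fails with "Call to a member function on a non-object"
		$this->load->library('khacl');
		$query = $this->access_control_model->fetch('axos');
		foreach($query->result() as $result)
		{
			$allow = $this->khacl->check($group,$resource,$result->name);
			print '<div class="access_action_box"><span ';
			print ($allow) ? 'class="icon_tick">' : 'class="icon_cross">';
			print htmlspecialchars($result->name,ENT_QUOTES);
			print '</span></div>';
		}
	}
}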

/* End of file acl_permissions.php */
/* Location : ./system/application/controllers/admin/acl_permissions.php */