1: <?php
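/**
 * Admin controller for web-services (API) roles: list, edit, save and delete
 * roles, and assign API users to them.
 *
 * Roles decide which API resources a user may call, so every write here is a
 * privilege change. Failures are therefore logged instead of being discarded.
 *
 * NOTE(review): _isAllowed() reports whether the admin session holds the
 * 'system/api/roles' ACL resource; presumably the parent controller consults it
 * before dispatching any action - confirm.
 */
class Mage_Adminhtml_Api_RoleController extends Mage_Adminhtml_Controller_Action
{
    /**
     * Load the layout, set the active menu path and add the three breadcrumbs
     * shared by the pages of this controller.
     *
     * @return Mage_Adminhtml_Api_RoleController
     */
    protected function _initAction()
    {
        $this->loadLayout();
        $this->_setActiveMenu('system/services/roles');

        $this->_addBreadcrumb($this->__('Web services'), $this->__('Web services'));
        $this->_addBreadcrumb($this->__('Permissions'), $this->__('Permissions'));
        $this->_addBreadcrumb($this->__('Roles'), $this->__('Roles'));

        return $this;
    }

    /**
     * Render the role list page.
     *
     * @return void
     */
    public function indexAction()
    {
        $this->_title($this->__('System'))
            ->_title($this->__('Web Services'))
            ->_title($this->__('Roles'));

        $this->_initAction();

        $this->_addContent($this->getLayout()->createBlock('adminhtml/api_roles'));

        $this->renderLayout();
    }

    /**
     * Return the HTML of the role grid block as the response body.
     *
     * @return void
     */
    public function roleGridAction()
    {
        $gridHtml = $this->getLayout()
            ->createBlock('adminhtml/api_grid_role')
            ->toHtml();

        $this->getResponse()->setBody($gridHtml);
    }

    /**
     * Render the edit form for an existing role, or the form for a new one.
     *
     * The 'rid' request parameter selects the role; a value whose integer form
     * is not positive is treated as "new role".
     *
     * @return void
     */
    public function editRoleAction()
    {
        $this->_title($this->__('System'))
            ->_title($this->__('Web Services'))
            ->_title($this->__('Roles'));

        $this->_initAction();

        $roleId = $this->getRequest()->getParam('rid');
        $isExistingRole = intval($roleId) > 0;

        $breadCrumb = $isExistingRole ? $this->__('Edit Role') : $this->__('Add New Role');
        $this->_title($isExistingRole ? $this->__('Edit Role') : $this->__('New Role'));
        $this->_addBreadcrumb($breadCrumb, $breadCrumb);

        $this->getLayout()->getBlock('head')->setCanLoadExtJs(true);

        $this->_addLeft(
            $this->getLayout()->createBlock('adminhtml/api_editroles')
        );

        // NOTE(review): the result is never read in this method. The call is kept
        // because its side effects, if any, are not visible here - drop it once
        // confirmed to be a pure getter.
        $resources = Mage::getModel('api/roles')->getResourcesList();

        // NOTE(review): $roleId reaches the block exactly as it arrived in the
        // request; api/roleinfo.phtml is presumably responsible for escaping it
        // on output - confirm.
        $this->_addContent(
            $this->getLayout()->createBlock('adminhtml/api_buttons')
                ->setRoleId($roleId)
                ->setRoleInfo(Mage::getModel('api/roles')->load($roleId))
                ->setTemplate('api/roleinfo.phtml')
        );

        $this->_addJs(
            $this->getLayout()
                ->createBlock('adminhtml/template')
                ->setTemplate('api/role_users_grid_js.phtml')
        );

        $this->renderLayout();
    }

    /**
     * Delete the role named by the 'rid' request parameter and redirect to the
     * role list.
     *
     * A role that cannot be loaded is reported as missing instead of being
     * reported as deleted.
     *
     * NOTE(review): this state-changing action reads 'rid' through getParam()
     * and no request-method or form-key check is visible in this class;
     * presumably the parent admin controller validates the URL secret key or
     * form key before dispatch - confirm.
     *
     * @return void
     */
    public function deleteAction()
    {
        $rid = $this->getRequest()->getParam('rid', false);
        $session = Mage::getSingleton('adminhtml/session');

        try {
            $role = Mage::getModel("api/roles")->load($rid);

            if (!$role->getId()) {
                // Nothing was loaded, so there is nothing to delete.
                $session->addError($this->__('This Role no longer exists'));
            } else {
                $role->delete();
                $session->addSuccess($this->__('The role has been deleted.'));
            }
        } catch (Exception $e) {
            // Keep the cause for audit; the admin only sees the generic message.
            Mage::logException($e);
            $session->addError($this->__('An error occurred while deleting this role.'));
        }

        $this->_redirect("*/*/");
    }

    /**
     * Create or update a role, replace its resource rules and re-sync its users,
     * then redirect to the role's edit page.
     *
     * Request parameters read: role_id, resource (comma-separated), all,
     * rolename, parent_id, in_role_user and in_role_user_old (query-string
     * encoded, user ids as keys).
     *
     * The role, its rules and its user assignments are written one after
     * another with no transaction visible here, so a failure part-way leaves
     * the earlier writes in place.
     *
     * NOTE(review): resource names and parent_id are handed to the models as
     * received; presumably api/rules restricts resources to known ACL entries -
     * confirm.
     *
     * @return void
     */
    public function saveRoleAction()
    {
        $request = $this->getRequest();
        $session = Mage::getSingleton('adminhtml/session');

        $rid = $request->getParam('role_id', false);
        $role = Mage::getModel('api/roles')->load($rid);
        if (!$role->getId() && $rid) {
            $session->addError($this->__('This Role no longer exists'));
            $this->_redirect('*/*/');
            return;
        }

        $resource = explode(',', $request->getParam('resource', false));

        // Cast before parse_str(): a missing parameter is null, and passing null
        // where a string is expected is deprecated on current PHP versions.
        $roleUsers = array();
        parse_str((string) $request->getParam('in_role_user', null), $roleUsers);
        $roleUsers = array_keys($roleUsers);

        $oldRoleUsers = array();
        parse_str((string) $request->getParam('in_role_user_old'), $oldRoleUsers);
        $oldRoleUsers = array_keys($oldRoleUsers);

        if ($request->getParam('all')) {
            // The "all" flag overrides any individually selected resources.
            $resource = array("all");
        }

        try {
            $role = $role
                ->setName($request->getParam('rolename', false))
                ->setPid($request->getParam('parent_id', false))
                ->setRoleType('G')
                ->save();

            // Remember the id as soon as the role exists, so that a failure in
            // a later step redirects to this role instead of a blank "new role"
            // form that would create a duplicate on retry.
            $rid = $role->getId();

            Mage::getModel("api/rules")
                ->setRoleId($rid)
                ->setResources($resource)
                ->saveRel();

            // Drop the previous assignments first, then add the submitted ones.
            foreach ($oldRoleUsers as $oUid) {
                $this->_deleteUserFromRole($oUid, $rid);
            }

            foreach ($roleUsers as $nRuid) {
                $this->_addUserToRole($nRuid, $rid);
            }

            $session->addSuccess($this->__('The role has been saved.'));
        } catch (Exception $e) {
            // Keep the cause for audit; the admin only sees the generic message.
            Mage::logException($e);
            $session->addError($this->__('An error occurred while saving this role.'));
        }

        $this->_redirect('*/*/editrole', array('rid' => $rid));
    }

    /**
     * Return the HTML of the role's user grid block as the response body.
     *
     * @return void
     */
    public function editrolegridAction()
    {
        $gridHtml = $this->getLayout()
            ->createBlock('adminhtml/api_role_grid_user')
            ->toHtml();

        $this->getResponse()->setBody($gridHtml);
    }

    /**
     * Remove one API user from a role.
     *
     * Exceptions from the model propagate to the caller unchanged.
     *
     * @param mixed $userId
     * @param mixed $roleId
     * @return bool always true when no exception is thrown
     * @throws Exception
     */
    protected function _deleteUserFromRole($userId, $roleId)
    {
        Mage::getModel("api/user")
            ->setRoleId($roleId)
            ->setUserId($userId)
            ->deleteFromRole();

        return true;
    }

    /**
     * Add one API user to a role unless the assignment already exists.
     *
     * @param mixed $userId
     * @param mixed $roleId
     * @return bool true when the user was added, false when already assigned
     */
    protected function _addUserToRole($userId, $roleId)
    {
        $user = Mage::getModel("api/user")->load($userId);
        $user->setRoleId($roleId)->setUserId($userId);

        if ($user->roleUserExists() === true) {
            return false;
        }

        $user->add();
        return true;
    }

    /**
     * Report whether the current admin session holds the 'system/api/roles'
     * ACL resource.
     *
     * @return bool
     */
    protected function _isAllowed()
    {
        return Mage::getSingleton('admin/session')->isAllowed('system/api/roles');
    }
}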