1: <?php
  2: /**
  3:  * Magento
  4:  *
  5:  * NOTICE OF LICENSE
  6:  *
  7:  * This source file is subject to the Open Software License (OSL 3.0)
  8:  * that is bundled with this package in the file LICENSE.txt.
  9:  * It is also available through the world-wide-web at this URL:
 10:  * http://opensource.org/licenses/osl-3.0.php
 11:  * If you did not receive a copy of the license and are unable to
 12:  * obtain it through the world-wide-web, please send an email
 13:  * to license@magentocommerce.com so we can send you a copy immediately.
 14:  *
 15:  * DISCLAIMER
 16:  *
 17:  * Do not edit or add to this file if you wish to upgrade Magento to newer
 18:  * versions in the future. If you wish to customize Magento for your
 19:  * needs please refer to http://www.magentocommerce.com for more information.
 20:  *
 21:  * @category    Mage
 22:  * @package     Mage_Adminhtml
 23:  * @copyright   Copyright (c) 2012 Magento Inc. (http://www.magentocommerce.com)
 24:  * @license     http://opensource.org/licenses/osl-3.0.php  Open Software License (OSL 3.0)
 25:  */
 26: 
 27: /**
 28:  * Adminhtml roles controller
 29:  *
 30:  * @category   Mage
 31:  * @package    Mage_Adminhtml
 32:  * @author      Magento Core Team <core@magentocommerce.com>
 33:  */
 34: class Mage_Adminhtml_Permissions_RoleController extends Mage_Adminhtml_Controller_Action
 35: {
 36: 
 37:     /**
 38:      * Preparing layout for output
 39:      *
 40:      * @return Mage_Adminhtml_Permissions_RoleController
 41:      */
 42:     protected function _initAction()
 43:     {
 44:         $this->loadLayout();
 45:         $this->_setActiveMenu('system/acl');
 46:         $this->_addBreadcrumb($this->__('System'), $this->__('System'));
 47:         $this->_addBreadcrumb($this->__('Permissions'), $this->__('Permissions'));
 48:         $this->_addBreadcrumb($this->__('Roles'), $this->__('Roles'));
 49:         return $this;
 50:     }
 51: 
 52:     /**
 53:      * Initialize role model by passed parameter in request
 54:      *
 55:      * @return Mage_Admin_Model_Roles
 56:      */
 57:     protected function _initRole($requestVariable = 'rid')
 58:     {
 59:         $this->_title($this->__('System'))
 60:              ->_title($this->__('Permissions'))
 61:              ->_title($this->__('Roles'));
 62: 
 63:         $role = Mage::getModel('admin/roles')->load($this->getRequest()->getParam($requestVariable));
 64:         // preventing edit of relation role
 65:         if ($role->getId() && $role->getRoleType() != 'G') {
 66:             $role->unsetData($role->getIdFieldName());
 67:         }
 68: 
 69:         Mage::register('current_role', $role);
 70:         return Mage::registry('current_role');
 71:     }
 72: 
 73:     /**
 74:      * Show grid with roles existing in systems
 75:      *
 76:      */
 77:     public function indexAction()
 78:     {
 79:         $this->_title($this->__('System'))
 80:              ->_title($this->__('Permissions'))
 81:              ->_title($this->__('Roles'));
 82: 
 83:         $this->_initAction();
 84: 
 85:         $this->renderLayout();
 86:     }
 87: 
 88:     /**
 89:      * Action for ajax request from grid
 90:      *
 91:      */
 92:     public function roleGridAction()
 93:     {
 94:         $this->loadLayout();
 95:         $this->getResponse()->setBody($this->getLayout()->getBlock('adminhtml.permission.role.grid')->toHtml());
 96:     }
 97: 
 98:     /**
 99:      * Edit role action
100:      *
101:      */
102:     public function editRoleAction()
103:     {
104:         $role = $this->_initRole();
105:         $this->_initAction();
106: 
107:         if ($role->getId()) {
108:             $breadCrumb      = $this->__('Edit Role');
109:             $breadCrumbTitle = $this->__('Edit Role');
110:         } else {
111:             $breadCrumb = $this->__('Add New Role');
112:             $breadCrumbTitle = $this->__('Add New Role');
113:         }
114: 
115:         $this->_title($role->getId() ? $role->getRoleName() : $this->__('New Role'));
116: 
117:         $this->_addBreadcrumb($breadCrumb, $breadCrumbTitle);
118: 
119:         $this->getLayout()->getBlock('head')->setCanLoadExtJs(true);
120: 
121:         $this->_addContent(
122:             $this->getLayout()->createBlock('adminhtml/permissions_buttons')
123:                 ->setRoleId($role->getId())
124:                 ->setRoleInfo($role)
125:                 ->setTemplate('permissions/roleinfo.phtml')
126:         );
127:         $this->_addJs(
128:             $this->getLayout()->createBlock('adminhtml/template')->setTemplate('permissions/role_users_grid_js.phtml')
129:         );
130:         $this->renderLayout();
131:     }
132: 
133:     /**
134:      * Remove role action
135:      *
136:      */
137:     public function deleteAction()
138:     {
139:         $rid = $this->getRequest()->getParam('rid', false);
140: 
141:         $currentUser = Mage::getModel('admin/user')->setId(Mage::getSingleton('admin/session')->getUser()->getId());
142: 
143:         if (in_array($rid, $currentUser->getRoles()) ) {
144:             Mage::getSingleton('adminhtml/session')->addError($this->__('Self-assigned roles cannot be deleted.'));
145:             $this->_redirect('*/*/editrole', array('rid' => $rid));
146:             return;
147:         }
148: 
149:         try {
150:             $role = $this->_initRole()->delete();
151: 
152:             Mage::getSingleton('adminhtml/session')->addSuccess($this->__('The role has been deleted.'));
153:         } catch (Exception $e) {
154:             Mage::getSingleton('adminhtml/session')->addError($this->__('An error occurred while deleting this role.'));
155:         }
156: 
157:         $this->_redirect("*/*/");
158:     }
159: 
160:     /**
161:      * Role form submit action to save or create new role
162:      *
163:      */
164:     public function saveRoleAction()
165:     {
166:         $rid        = $this->getRequest()->getParam('role_id', false);
167:         $resource   = explode(',', $this->getRequest()->getParam('resource', false));
168:         $roleUsers  = $this->getRequest()->getParam('in_role_user', null);
169:         parse_str($roleUsers, $roleUsers);
170:         $roleUsers = array_keys($roleUsers);
171: 
172:         $oldRoleUsers = $this->getRequest()->getParam('in_role_user_old');
173:         parse_str($oldRoleUsers, $oldRoleUsers);
174:         $oldRoleUsers = array_keys($oldRoleUsers);
175: 
176:         $isAll = $this->getRequest()->getParam('all');
177:         if ($isAll)
178:             $resource = array("all");
179: 
180:         $role = $this->_initRole('role_id');
181:         if (!$role->getId() && $rid) {
182:             Mage::getSingleton('adminhtml/session')->addError($this->__('This Role no longer exists.'));
183:             $this->_redirect('*/*/');
184:             return;
185:         }
186: 
187:         try {
188:             $roleName = $this->getRequest()->getParam('rolename', false);
189: 
190:             $role->setName($roleName)
191:                  ->setPid($this->getRequest()->getParam('parent_id', false))
192:                  ->setRoleType('G');
193:             Mage::dispatchEvent(
194:                 'admin_permissions_role_prepare_save',
195:                 array('object' => $role, 'request' => $this->getRequest())
196:             );
197:             $role->save();
198: 
199:             Mage::getModel("admin/rules")
200:                 ->setRoleId($role->getId())
201:                 ->setResources($resource)
202:                 ->saveRel();
203: 
204:             foreach($oldRoleUsers as $oUid) {
205:                 $this->_deleteUserFromRole($oUid, $role->getId());
206:             }
207: 
208:             foreach ($roleUsers as $nRuid) {
209:                 $this->_addUserToRole($nRuid, $role->getId());
210:             }
211: 
212:             $rid = $role->getId();
213:             Mage::getSingleton('adminhtml/session')->addSuccess($this->__('The role has been successfully saved.'));
214:         } catch (Mage_Core_Exception $e) {
215:             Mage::getSingleton('adminhtml/session')->addError($e->getMessage());
216:         } catch (Exception $e) {
217:             Mage::getSingleton('adminhtml/session')->addError($this->__('An error occurred while saving this role.'));
218:         }
219: 
220:         //$this->getResponse()->setRedirect($this->getUrl("*/*/editrole/rid/$rid"));
221:         $this->_redirect('*/*/');
222:         return;
223:     }
224: 
225:     /**
226:      * Action for ajax request from assigned users grid
227:      *
228:      */
229:     public function editrolegridAction()
230:     {
231:         $this->getResponse()->setBody(
232:             $this->getLayout()->createBlock('adminhtml/permissions_role_grid_user')->toHtml()
233:         );
234:     }
235: 
236:     /**
237:      * Remove user from role
238:      *
239:      * @param int $userId
240:      * @param int $roleId
241:      * @return bool
242:      */
243:     protected function _deleteUserFromRole($userId, $roleId)
244:     {
245:         try {
246:             Mage::getModel("admin/user")
247:                 ->setRoleId($roleId)
248:                 ->setUserId($userId)
249:                 ->deleteFromRole();
250:         } catch (Exception $e) {
251:             throw $e;
252:             return false;
253:         }
254:         return true;
255:     }
256: 
257:     /**
258:      * Assign user to role
259:      *
260:      * @param int $userId
261:      * @param int $roleId
262:      * @return bool
263:      */
264:     protected function _addUserToRole($userId, $roleId)
265:     {
266:         $user = Mage::getModel("admin/user")->load($userId);
267:         $user->setRoleId($roleId)->setUserId($userId);
268: 
269:         if( $user->roleUserExists() === true ) {
270:             return false;
271:         } else {
272:             $user->add();
273:             return true;
274:         }
275:     }
276: 
277:     /**
278:      * Acl checking
279:      *
280:      * @return bool
281:      */
282:     protected function _isAllowed()
283:     {
284:         return Mage::getSingleton('admin/session')->isAllowed('system/acl/roles');
285:     }
286: }
287: