
/baser/controllers/permissions_controller.php

https://github.com/hashing/basercms
PHP | 500 lines | 257 code | 52 blank | 191 comment | 44 complexity | 2011f78dab5170563d5c9031168b8ee3 MD5 | raw file
Possible License(s): MIT
  1. <?php
  2. /* SVN FILE: $Id$ */
  3. /**
  4. * アクセス制限設定コントローラー
  5. *
  6. * PHP versions 5
  7. *
  8. * baserCMS : Based Website Development Project <http://basercms.net>
  9. * Copyright 2008 - 2012, baserCMS Users Community <http://sites.google.com/site/baserusers/>
  10. *
  11. * @copyright Copyright 2008 - 2012, baserCMS Users Community
  12. * @link http://basercms.net baserCMS Project
  13. * @package baser.controllers
  14. * @since baserCMS v 0.1.0
  15. * @version $Revision$
  16. * @modifiedby $LastChangedBy$
  17. * @lastmodified $Date$
  18. * @license http://basercms.net/license/index.html
  19. */
  20. /**
  21. * アクセス制限設定コントローラー
  22. *
  23. * @package baser.controllers
  24. */
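  class PermissionsController extends AppController {

      // Admin-side controller for the access restriction rules ("Permission"
      // records) attached to user groups: list, add, edit, delete, copy, sort
      // and enable/disable.
      //
      // NOTE(review): the delete, copy, publish and unpublish actions take their
      // target id from the URL and change stored access rules. No anti-CSRF
      // token or HTTP-method check is visible in this class; confirm one is
      // enforced upstream (AppController or the auth components).
      // NOTE(review): actions that receive both $userGroupId and $id never check
      // here that the record belongs to that group; confirm the model does.

      /**
       * Controller name.
       *
       * @var string
       * @access public
       */
      var $name = 'Permissions';

      /**
       * Models used by this controller.
       *
       * @var array
       * @access public
       */
      var $uses = array('Permission');

      /**
       * Components.
       *
       * @var array
       * @access public
       */
      var $components = array('BcAuth','Cookie','BcAuthConfigure');

      /**
       * Helpers.
       *
       * @var array
       * @access public
       */
      var $helpers = array(BC_TIME_HELPER, BC_FREEZE_HELPER);

      /**
       * Sub menu elements.
       *
       * @var array
       * @access public
       */
      var $subMenuElements = array('site_configs', 'users','user_groups','permissions');

      /**
       * Breadcrumb navigation entries.
       *
       * @var array
       * @access public
       */
      var $crumbs = array(
          array('name' => 'ユーザー管理', 'url' => array('controller' => 'users', 'action' => 'index')),
          array('name' => 'ユーザーグループ管理', 'url' => array('controller' => 'user_groups', 'action' => 'index')),
          array('name' => 'アクセス制限設定管理', 'url' => array('controller' => 'permissions', 'action' => 'index'))
      );

      /**
       * beforeFilter
       *
       * Runs the parent filter, then sets the 'usePermission' view variable
       * for requests carrying the 'admin' prefix.
       *
       * @return void
       * @access public
       */
      function beforeFilter() {
          parent::beforeFilter();
          // isset() avoids an undefined-index notice when the request has no prefix.
          if (isset($this->params['prefix']) && $this->params['prefix'] == 'admin') {
              $this->set('usePermission', true);
          }
      }

      /**
       * [ADMIN] Lists the access restriction rules of one user group.
       *
       * @param mixed $userGroupId user group whose rules are listed
       * @return void
       * @access public
       */
      function admin_index($userGroupId = null) {
          // Without a group there is nothing to list: go back to the group list.
          if (!$userGroupId) {
              $this->Session->setFlash('無効な処理です。');
              $this->redirect(array('controller' => 'user_groups', 'action' => 'index'));
          }

          $default = array('named' => array('sortmode' => 0));
          $this->setViewConditions('Permission', array('default' => $default));

          $conditions = $this->_createAdminIndexConditions($userGroupId);
          $datas = $this->Permission->find('all', array('conditions' => $conditions, 'order' => 'Permission.sort'));
          if ($datas) {
              // Stored URLs start with /admin/; show them with the configured admin prefix.
              $adminPrefix = '/'.Configure::read('Routing.admin').'/';
              foreach ($datas as $key => $data) {
                  $datas[$key]['Permission']['url'] = preg_replace('/^\/admin\//', $adminPrefix, $data['Permission']['url']);
              }
          }
          $this->set('datas', $datas);
          $this->_setAdminIndexViewData();

          if ($this->RequestHandler->isAjax() || !empty($this->params['url']['ajax'])) {
              $this->render('ajax_index');
              return;
          }

          $userGroupName = $this->Permission->UserGroup->field('title', array('UserGroup.id' => $userGroupId));
          $this->pageTitle = '['.$userGroupName.'] アクセス制限設定一覧';
          $this->help = 'permissions_index';
      }

      /**
       * Sets the view data shared by the list screens.
       *
       * @return void
       * @access protected
       */
      function _setAdminIndexViewData() {
          $this->set('sortmode', $this->passedArgs['sortmode']);
      }

      /**
       * [ADMIN] Shows the registration form and creates a new rule on submit.
       *
       * @param mixed $userGroupId user group the new rule is created for
       * @return void
       * @access public
       */
      function admin_add($userGroupId) {
          $userGroup = $this->Permission->UserGroup->find('first', array(
              'conditions' => array('UserGroup.id' => $userGroupId),
              'fields' => array('id', 'title'),
              'order' => 'UserGroup.id ASC',
              'recursive' => -1
          ));

          if (!$this->data) {
              // First display: defaults plus the group taken from the URL.
              $this->data = $this->Permission->getDefaultValue();
              $this->data['Permission']['user_group_id'] = $userGroupId;
              $authPrefix = $this->Permission->UserGroup->getAuthPrefix($userGroupId);
          } else {
              // NOTE(review): from here on the group id comes from the submitted
              // form, not the URL, while $userGroup (page title) was loaded from
              // the URL value. Nothing here checks that the two agree.
              if (isset($this->data['Permission']['user_group_id'])) {
                  $userGroupId = $this->data['Permission']['user_group_id'];
              } else {
                  $userGroupId = null;
              }
              $authPrefix = $this->Permission->UserGroup->getAuthPrefix($userGroupId);

              // The form carries the URL without the group's prefix; store it with the prefix.
              $this->data['Permission']['url'] = '/'.$authPrefix.'/'.$this->data['Permission']['url'];
              $this->data['Permission']['no'] = $this->Permission->getMax('no', array('user_group_id' => $userGroupId)) + 1;
              $this->data['Permission']['sort'] = $this->Permission->getMax('sort', array('user_group_id' => $userGroupId)) + 1;

              $this->Permission->create($this->data);
              if ($this->Permission->save()) {
                  $message = '新規アクセス制限設定「'.$this->data['Permission']['name'].'」を追加しました。';
                  $this->Session->setFlash($message);
                  $this->Permission->saveDbLog($message);
                  $this->redirect(array('action' => 'index', $userGroupId));
              } else {
                  // Strip the prefix again for redisplay. preg_quote() keeps a
                  // prefix containing regex metacharacters from changing the pattern.
                  $this->data['Permission']['url'] = preg_replace('/^\/'.preg_quote($authPrefix, '/').'\//', '', $this->data['Permission']['url']);
                  $this->Session->setFlash('入力エラーです。内容を修正してください。');
              }
          }

          // Display settings: show the configured admin prefix instead of the literal one.
          if ($authPrefix == 'admin') {
              $authPrefix = Configure::read('Routing.admin');
          }
          $this->pageTitle = '['.$userGroup['UserGroup']['title'].'] 新規アクセス制限設定登録';
          $this->set('authPrefix', $authPrefix);
          $this->help = 'permissions_form';
          $this->render('form');
      }

      /**
       * [ADMIN] Creates a new rule from an AJAX request.
       *
       * Ends the request with exit(true) on success; otherwise reports the
       * problem through ajaxError().
       *
       * @return void
       * @access public
       */
      function admin_ajax_add() {
          if ($this->data) {
              $userGroupId = $this->data['Permission']['user_group_id'];
              $authPrefix = $this->Permission->UserGroup->getAuthPrefix($userGroupId);
              $this->data['Permission']['url'] = '/'.$authPrefix.'/'.$this->data['Permission']['url'];
              $this->data['Permission']['no'] = $this->Permission->getMax('no', array('user_group_id' => $userGroupId)) + 1;
              $this->data['Permission']['sort'] = $this->Permission->getMax('sort', array('user_group_id' => $userGroupId)) + 1;
              $this->data['Permission']['status'] = true;

              $this->Permission->create($this->data);
              if ($this->Permission->save()) {
                  $this->Permission->saveDbLog('新規アクセス制限設定「'.$this->data['Permission']['name'].'」を追加しました。');
                  exit(true);
              } else {
                  // Report the errors of the model that was saved. The previous
                  // code read $this->Page, which this controller does not load.
                  $this->ajaxError(500, $this->Permission->validationErrors);
              }
          } else {
              $this->ajaxError(500, '無効な処理です。');
          }
          exit();
      }

      /**
       * [ADMIN] Shows the edit form and updates the rule on submit.
       *
       * @param mixed $userGroupId user group the rule is listed under
       * @param int $id id of the rule to edit
       * @return void
       * @access public
       */
      function admin_edit($userGroupId, $id) {
          if (!$userGroupId || !$id) {
              $this->Session->setFlash('無効なIDです。');
              $this->redirect(array('action' => 'index'));
          }

          $userGroup = $this->Permission->UserGroup->find('first', array(
              'conditions' => array('UserGroup.id' => $userGroupId),
              'fields' => array('id', 'title'),
              'order' => 'UserGroup.id ASC',
              'recursive' => -1
          ));
          $authPrefix = $this->Permission->getAuthPrefix($id);
          // preg_quote() keeps a prefix containing regex metacharacters from
          // changing the pattern used to strip it.
          $prefixPattern = '/^\/'.preg_quote($authPrefix, '/').'\//';

          if (empty($this->data)) {
              $this->data = $this->Permission->read(null, $id);
              $this->data['Permission']['url'] = preg_replace($prefixPattern, '', $this->data['Permission']['url']);
          } else {
              // NOTE(review): the record that gets saved is selected by the
              // submitted form data, while $authPrefix was derived from the URL
              // $id. Nothing here checks that the submitted id equals $id or that
              // the submitted user_group_id equals $userGroupId; confirm the
              // model or form pins these fields.
              $this->data['Permission']['url'] = '/'.$authPrefix.'/'.$this->data['Permission']['url'];
              if ($this->Permission->save($this->data)) {
                  $message = 'アクセス制限設定「'.$this->data['Permission']['name'].'」を更新しました。';
                  $this->Session->setFlash($message);
                  $this->Permission->saveDbLog($message);
                  $this->redirect(array('action' => 'index', $userGroupId));
              } else {
                  $this->data['Permission']['url'] = preg_replace($prefixPattern, '', $this->data['Permission']['url']);
                  $this->Session->setFlash('入力エラーです。内容を修正してください。');
              }
          }

          // Display settings: show the configured admin prefix instead of the literal one.
          if ($authPrefix == 'admin') {
              $authPrefix = Configure::read('Routing.admin');
          }
          $this->pageTitle = '['.$userGroup['UserGroup']['title'].'] アクセス制限設定編集:'.$this->data['Permission']['name'];
          $this->set('authPrefix', $authPrefix);
          $this->help = 'permissions_form';
          $this->render('form');
      }

      /**
       * Deletes several rules in one call.
       *
       * Always returns true, even when an individual delete fails.
       *
       * @param array $ids ids of the rules to delete
       * @return boolean
       * @access protected
       */
      function _batch_del($ids) {
          if ($ids) {
              foreach ($ids as $id) {
                  // Read the record first so its name is available for the log message.
                  $post = $this->Permission->read(null, $id);
                  if ($this->Permission->del($id)) {
                      $message = 'アクセス制限設定「'.$post['Permission']['name'].'」 を削除しました。';
                      // The message used to be built and dropped; record it so removing
                      // an access rule leaves the same audit entry as admin_delete().
                      $this->Permission->saveDbLog($message);
                  }
              }
          }
          return true;
      }

      /**
       * [ADMIN] Deletes one rule from an AJAX request.
       *
       * @param int $id id of the rule to delete
       * @return void
       * @access public
       */
      function admin_ajax_delete($id = null) {
          if (!$id) {
              // ajaxError() is defined outside this file; presumably it ends the
              // request. TODO confirm, otherwise the code below runs with no id.
              $this->ajaxError(500, '無効な処理です。');
          }
          // Read the record first so its name is available for the log message.
          $post = $this->Permission->read(null, $id);
          if ($this->Permission->del($id)) {
              $message = 'アクセス制限設定「'.$post['Permission']['name'].'」 を削除しました。';
              // The message used to be built and dropped; record it so removing
              // an access rule leaves the same audit entry as admin_delete().
              $this->Permission->saveDbLog($message);
              exit(true);
          }
          exit();
      }

      /**
       * [ADMIN] Deletes one rule and returns to the group's rule list.
       *
       * @param mixed $userGroupId user group whose list is shown afterwards
       * @param int $id id of the rule to delete
       * @return void
       * @access public
       */
      function admin_delete($userGroupId, $id = null) {
          if (!$id) {
              $this->Session->setFlash('無効なIDです。');
              $this->redirect(array('action' => 'index'));
          }
          // Read the record first so its name is available for the messages.
          $post = $this->Permission->read(null, $id);
          if ($this->Permission->del($id)) {
              $message = 'アクセス制限設定「'.$post['Permission']['name'].'」 を削除しました。';
              $this->Session->setFlash($message);
              $this->Permission->saveDbLog($message);
          } else {
              $this->Session->setFlash('データベース処理中にエラーが発生しました。');
          }
          // Pass the group id along: admin_index() without one sets its own
          // flash message and redirects to the user group list, which would
          // replace the result message set above.
          $this->redirect(array('action' => 'index', $userGroupId));
      }

      /**
       * [ADMIN] Updates the sort order from an AJAX request.
       *
       * @param mixed $userGroupId user group whose rules are being sorted
       * @return void
       * @access public
       */
      function admin_ajax_update_sort($userGroupId) {
          if ($this->data) {
              $conditions = $this->_createAdminIndexConditions($userGroupId);
              if ($this->Permission->changeSort($this->data['Sort']['id'], $this->data['Sort']['offset'], $conditions)) {
                  echo true;
              } else {
                  $this->ajaxError(500, $this->Permission->validationErrors);
              }
          } else {
              $this->ajaxError(500, '無効な処理です。');
          }
          exit();
      }

      /**
       * Builds the find conditions for the admin list.
       *
       * @param mixed $userGroupId user group to filter by; an empty value adds no filter
       * @return array
       * @access protected
       */
      function _createAdminIndexConditions($userGroupId) {
          $conditions = array();
          if ($userGroupId) {
              $conditions['Permission.user_group_id'] = $userGroupId;
          }
          return $conditions;
      }

      /**
       * [ADMIN] Copies one rule from an AJAX request.
       *
       * @param mixed $userGroupId not used in this method
       * @param int $id id of the rule to copy
       * @return void
       * @access public
       */
      function admin_ajax_copy($userGroupId, $id) {
          if (!$id) {
              $this->ajaxError(500, '無効な処理です。');
          }
          $result = $this->Permission->copy($id);
          if ($result) {
              $this->setViewConditions('Permission', array('action' => 'admin_index'));
              // Stored URLs start with /admin/; show them with the configured admin prefix.
              $result['Permission']['url'] = preg_replace('/^\/admin\//', '/'.Configure::read('Routing.admin').'/', $result['Permission']['url']);
              $this->set('sortmode', $this->passedArgs['sortmode']);
              $this->set('data', $result);
          } else {
              $this->ajaxError(500, $this->Permission->validationErrors);
          }
      }

      /**
       * [ADMIN] Disables one rule from an AJAX request.
       *
       * @param int $id id of the rule to disable
       * @return void
       * @access public
       */
      function admin_ajax_unpublish($id) {
          if (!$id) {
              $this->ajaxError(500, '無効な処理です。');
          }
          if ($this->_changeStatus($id, false)) {
              exit(true);
          } else {
              $this->ajaxError(500, $this->Permission->validationErrors);
          }
          exit();
      }

      /**
       * [ADMIN] Enables one rule from an AJAX request.
       *
       * @param int $id id of the rule to enable
       * @return void
       * @access public
       */
      function admin_ajax_publish($id) {
          if (!$id) {
              $this->ajaxError(500, '無効な処理です。');
          }
          if ($this->_changeStatus($id, true)) {
              exit(true);
          } else {
              $this->ajaxError(500, $this->Permission->validationErrors);
          }
          exit();
      }

      /**
       * Enables several rules in one call.
       *
       * Always returns true; the result of each status change is ignored.
       *
       * @param array $ids ids of the rules to enable
       * @return boolean
       * @access protected
       */
      function _batch_publish($ids) {
          if ($ids) {
              foreach ($ids as $id) {
                  $this->_changeStatus($id, true);
              }
          }
          return true;
      }

      /**
       * Disables several rules in one call.
       *
       * Always returns true; the result of each status change is ignored.
       *
       * @param array $ids ids of the rules to disable
       * @return boolean
       * @access protected
       */
      function _batch_unpublish($ids) {
          if ($ids) {
              foreach ($ids as $id) {
                  $this->_changeStatus($id, false);
              }
          }
          return true;
      }

      /**
       * Changes the status of one rule and logs the change.
       *
       * @param int $id id of the rule
       * @param boolean $status true to enable, false to disable
       * @return boolean true when the record was saved, false otherwise
       */
      function _changeStatus($id, $status) {
          $statusTexts = array(0 => '無効', 1 => '有効');
          $data = $this->Permission->find('first', array('conditions' => array('Permission.id' => $id), 'recursive' => -1));
          // No such rule: stop here instead of handing save() a record that
          // holds nothing but a status value.
          if (!$data) {
              return false;
          }
          $data['Permission']['status'] = $status;
          $this->Permission->set($data);
          if ($this->Permission->save()) {
              $statusText = $statusTexts[$status];
              $this->Permission->saveDbLog('アクセス制限設定「'.$data['Permission']['name'].'」 を'.$statusText.'化しました。');
              return true;
          } else {
              return false;
          }
      }
  }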
  448. ?>