28 if(is_object($conditions) && get_class($conditions) ==
'CDbCriteria'){
29 $criteria = $conditions;
32 $criteria =
new CDbCriteria;
33 $criteria->mergeWith(array(
34 'condition' => $conditions,
46 $criteria->distinct =
true;
50 $collection =
'INNER JOIN `'.$acoClass::model()->tableName().
'` AS acoC ON acoC.model = :RAR_model AND acoC.foreign_key = t.id';
51 $criteria->params[
':RAR_model'] = get_class($this->getOwner());
55 $nodes =
' INNER JOIN `'.$acoNodeClass::model()->tableName().
'` AS aco ON aco.collection_id = acoC.id';
60 $aro = $aroClass::model()->find(
'model = :model AND foreign_key = :foreign_key',
66 $aro = $aroClass::model()->find(
'alias = :alias',
67 array(
':alias' => $guest));
75 $aroPositions = $aro->fetchComprisedPositions();
76 $aroPositionCheck = $aro->addPositionCheck($aroPositions,
"aro",
"map");
79 $action =
Action::model()->find(
'name = :name', array(
':name' =>
'read'));
82 throw new RuntimeException(
'Unable to find action read');
85 $acoCondition = $acoClass::buildTreeQueryCondition(
86 array(
'table' =>
'aco'),
87 array(
'table' =>
'map',
'field' =>
'aco'),
88 $options[
'disableInheritance']
90 $connection =
' INNER JOIN `'.Permission::model()->tableName().
'` AS map ON '.$acoCondition.
' AND '.$aroPositionCheck.
' AND map.action_id = :acl_action_id';
91 $criteria->params[
':acl_action_id'] = $action->id;
93 $joins = array($collection, $nodes, $connection);
95 foreach($joins as $join){
96 $criteria->mergeWith(array(
'join' => $join),
true);
116 $owner = $this->getOwner();
119 $actions =
Action::model()->findAll(
'name '.$actionCondition);
121 $actionIds = array();
122 foreach($actions as $action){
123 $actionIds[] = $action->id;
130 $positions = $aco->fetchComprisedPositions();
135 $rGroupTable = RGroup::model()->tableName();
136 $nodeTable = $aroNodeClass::model()->tableName();
138 return Yii::app()->db->createCommand()
139 ->selectDistinct(
't.id AS collection_id, t.foreign_key, t.model, p.action_id')
140 ->from($rGroupTable.
' t')
141 ->join($nodeTable.
' n',
'n.collection_id = t.id')
142 ->join($permTable.
' p',
143 'p.aro_id = n.id AND p.aco_path '.$acoCondition.
' AND p.action_id '. $actionIdCondition)
154 if(!$this->getOwner()->isNewRecord){
157 if(!$aro->may($this->getOwner(),
'update'))
158 throw new RuntimeException(
'You are not allowed to update this record');
170 $owner = $this->getOwner();
171 if(!$aro->may($owner,
'delete'))
172 throw new RuntimeException(
'You are not allowed to delete this record');
176 $aco = $class::model()->find(
'model = :model AND foreign_key = :key', array(
':model' => get_class($owner),
':key' => $owner->id));
178 throw new RuntimeException(
'No associated Aco!');
181 throw new RuntimeException(
'Unable to delete associated Aco');
193 $owner = $this->getOwner();
200 $aco->model = get_class(owner);
201 $aco->foreign_key = $owner->getPrimaryKey();
204 throw new RuntimeException(
'Unable to create corresponding Aco for new '.get_class($owner));
207 $aro->grant($aco,
'*');
218 return $aro->may($this->getOwner(), $permission);