26 public function grant($obj, $actions){
31 $acoNodes = $obj->getNodes();
33 foreach($actions as $action){
39 $action =
Action::model()->find(
'name = :name', array(
':name' => $action));
42 throw new RuntimeException(
'Invalid action');
44 $permission =
Permission::model()->find(
'action_id = :action_id AND aco_id '.$acoIn.
' AND aro_id '.$aroIn,
45 array(
':action_id' => $action->id));
47 if($permission === NULL){
48 foreach($aroNodes as $aroNode){
49 foreach($acoNodes as $acoNode){
52 $perm->aro_id = $aroNode->id;
53 $perm->aro_path = $aroNode->getOwnPath();
54 $perm->aco_id = $acoNode->id;
55 $perm->aco_path = $acoNode->getOwnPath();
56 $perm->action_id = $action->id;
59 throw new RuntimeException(
'Unable to grant permission of '.$action->name.
' from '
60 .$aroNode->id.
' to '.$acoNode->id);
74 public function deny($obj, $actions){
79 $acoNodes = $obj->getNodes();
84 foreach($actions as $action){
86 $action =
Action::model()->find(
'name = :name', array(
':name' => $action));
89 throw new RuntimeException(
'Invalid action');
92 $suc =
Permission::model()->deleteAll(
'aco_id '.$acoIn.
' AND aro_id '.$aroIn.
' AND action_id = :action_id',
93 array(
':action_id' => $action->id));
96 throw new RuntimeException(
'Unabel to deny permission '.$action->id.
' of '.$this->id.
' to '.$obj->id);
107 public function may($obj, $actions){
114 $acoPaths = $obj->getPaths();
117 foreach($actions as $action){
119 $action =
Action::model()->find(
'name = :name', array(
':name' => $action));
121 throw new RuntimeException(
'Invalid action');
124 if(isset($obj::$possibleActions) && !in_array($action, $possibleActions))
127 $perm =
Permission::model()->find(
'action_id = :action_id AND '.$aroCondition.
' AND '.$acoCondition,
128 array(
':action_id' => $action->id));
142 public static function model($className=__CLASS__)
152 return '{{aro_collection}}';
174 'aroNodes' => array(static::HAS_MANY,
'PmAroNode',
'collection_id'),
175 'permissions' => array(static::HAS_MANY,
'Permission',
'aro_id')
188 'foreign_key' =>
'Foreign Key',
189 'created' =>
'Created'