mirror of
https://github.com/ZoneMinder/zoneminder.git
synced 2026-03-25 01:01:53 -04:00
4e60cb96a7
Add a User Roles system where roles define reusable permission templates. When a user has a role assigned, the role provides fallback permissions (user's direct permissions take precedence; role is used when user has 'None'). Database changes: - Add User_Roles table with same permission fields as Users - Add Role_Groups_Permissions table for per-role group overrides - Add Role_Monitors_Permissions table for per-role monitor overrides - Add RoleId foreign key to Users table Permission resolution order: 1. User's direct Monitor/Group permissions (if not 'Inherit') 2. Role's Monitor/Group permissions (if user has role) 3. Role's base permission (if user's is 'None') 4. User's base permission (fallback) Includes: - PHP models: User_Role, Role_Group_Permission, Role_Monitor_Permission - Role management UI in Options > Roles tab - Role selector in user edit form - REST API endpoints for roles CRUD - Translation strings for en_gb Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
89 lines
1.7 KiB
PHP
89 lines
1.7 KiB
PHP
<?php
|
|
App::uses('AppModel', 'Model');
|
|
/**
|
|
* User Model
|
|
*
|
|
*/
|
|
class User extends AppModel {
|
|
|
|
public $validate = array(
|
|
'Username' => array(
|
|
'required' => array(
|
|
'rule' => array('notEmpty'),
|
|
'message' => 'A username is required'
|
|
)
|
|
),
|
|
'Password' => array(
|
|
'required' => array(
|
|
'rule' => array('notEmpty'),
|
|
'message' => 'A password is required'
|
|
)
|
|
)
|
|
);
|
|
|
|
function beforeFind($query) {
|
|
if ( empty($query['fields']) ) {
|
|
$schema = $this->schema();
|
|
unset($schema['Password']);
|
|
|
|
foreach (array_keys($schema) as $field) {
|
|
$query['fields'][] = $this->alias . '.' . $field;
|
|
}
|
|
return $query;
|
|
}
|
|
return parent::beforeFind($query);
|
|
}
|
|
|
|
public function beforeSave($options = array()) {
|
|
if (!empty($this->data['User']['Password'])) {
|
|
$this->data['User']['Password'] = password_hash($this->data['User']['Password'], PASSWORD_BCRYPT);
|
|
}
|
|
return true;
|
|
} # end function beforeSave
|
|
|
|
/**
|
|
* Use table
|
|
*
|
|
* @var mixed False or table name
|
|
*/
|
|
public $useTable = 'Users';
|
|
|
|
/**
|
|
* Primary key field
|
|
*
|
|
* @var string
|
|
*/
|
|
public $primaryKey = 'Id';
|
|
|
|
/**
|
|
* Display field
|
|
*
|
|
* @var string
|
|
*/
|
|
public $displayField = 'Username';
|
|
|
|
|
|
//The Associations below have been created with all possible keys, those that are not needed can be removed
|
|
|
|
/**
|
|
* belongsTo associations
|
|
*
|
|
* @var array
|
|
*/
|
|
public $belongsTo = array(
|
|
'Role' => array(
|
|
'className' => 'Role',
|
|
'foreignKey' => 'RoleId',
|
|
),
|
|
);
|
|
|
|
/**
|
|
* hasMany associations
|
|
*
|
|
* @var array
|
|
*/
|
|
public $hasMany = array(
|
|
);
|
|
|
|
}
|