protected function run1($stage)
{
$this->console->out('Converting Farms manage permission to create, update, delete');
$this->db->BeginTrans();
try {
foreach ([Acl::RESOURCE_FARMS, Acl::RESOURCE_OWN_FARMS, Acl::RESOURCE_TEAM_FARMS] as $resourceId) {
foreach ([Acl::PERM_FARMS_CREATE, Acl::PERM_FARMS_UPDATE, Acl::PERM_FARMS_DELETE] as $permission) {
if ($permission == Acl::PERM_FARMS_CREATE && $resourceId != Acl::RESOURCE_OWN_FARMS) {
// leave CREATE only for OWN_FARMS
continue;
}
$this->db->Execute("INSERT IGNORE `acl_account_role_resource_permissions` (`account_role_id`, `resource_id`, `perm_id`, `granted`) " . "SELECT `account_role_id`, ? AS `resource_id`, ? AS `perm_id`, `granted` " . "FROM `acl_account_role_resource_permissions` WHERE resource_id = ? AND perm_id = ?", [$resourceId, $permission, $resourceId, self::PERM_FARMS_MANAGE]);
$this->db->Execute("\n INSERT IGNORE `acl_role_resource_permissions` (`role_id`, `resource_id`, `perm_id`, `granted`)\n VALUES (?, ?, ?, 1)\n ", array(Acl::ROLE_ID_FULL_ACCESS, $resourceId, $permission));
}
}
$this->console->out('Deleting "manage" permission from Farms resources');
foreach ([Acl::RESOURCE_FARMS, Acl::RESOURCE_OWN_FARMS, Acl::RESOURCE_TEAM_FARMS] as $resourceId) {
foreach ([self::PERM_FARMS_MANAGE, Acl::PERM_FARMS_CHANGE_OWNERSHIP] as $permission) {
if ($permission == Acl::PERM_FARMS_CHANGE_OWNERSHIP && $resourceId != Acl::RESOURCE_OWN_FARMS) {
// remove CHANGE_OWNERSHIP only for OWN_FARMS
continue;
}
$this->db->Execute("DELETE FROM `acl_role_resource_permissions` WHERE `resource_id` = ? AND `perm_id` = ?", [$resourceId, $permission]);
$this->db->Execute("DELETE FROM `acl_account_role_resource_permissions` WHERE `resource_id` = ? AND `perm_id` = ?", [$resourceId, $permission]);
}
}
$this->db->CommitTrans();
} catch (\Exception $e) {
$this->db->RollbackTrans();
$this->console->out("Transaction rolled back");
throw $e;
}
}