rschneider/fitness-web
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add access control to backend

Browse Source
This commit is contained in:
Roland Schneider 2015-11-02 14:32:19 +01:00
parent e34b150d74
commit 1ee0a6bbe9
13 changed files with 106 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
backend/controllers/AccountController.php
View File

@ -23,6 +23,18 @@ class AccountController extends Controller
'delete' => ['post'],
],
],
'access' => [
'class' => \yii\filters\AccessControl::className(),
'only' => [ 'index','view','create','update'],
'rules' => [
// allow authenticated users
[
'allow' => true,
'roles' => ['@'],
],
// everything else is denied
],
],
];
}

12
backend/controllers/DiscountController.php
View File

@ -23,6 +23,18 @@ class DiscountController extends Controller
'delete' => ['post'],
],
],
'access' => [
'class' => \yii\filters\AccessControl::className(),
'only' => [ 'index','view','create','update'],
'rules' => [
// allow authenticated users
[
'allow' => true,
'roles' => ['@'],
],
// everything else is denied
],
],
];
}

12
backend/controllers/ProcurementController.php
View File

@ -26,6 +26,18 @@ class ProcurementController extends Controller
'delete' => ['post'],
],
],
'access' => [
'class' => \yii\filters\AccessControl::className(),
'only' => [ 'index','view','create','update'],
'rules' => [
// allow authenticated users
[
'allow' => true,
'roles' => ['@'],
],
// everything else is denied
],
],
];
}

13
backend/controllers/ProductCategoryController.php
View File

@ -23,6 +23,19 @@ class ProductCategoryController extends Controller
'delete' => ['post'],
],
],
'access' => [
'class' => \yii\filters\AccessControl::className(),
'only' => [ 'index','view','create','update'],
'rules' => [
// allow authenticated users
[
'allow' => true,
'roles' => ['@'],
],
// everything else is denied
],
],
];
}

13
backend/controllers/ProductController.php
View File

@ -25,9 +25,22 @@ class ProductController extends Controller
'delete' => ['post'],
],
],
'access' => [
'class' => \yii\filters\AccessControl::className(),
'only' => [ 'index','view','create','update'],
'rules' => [
// allow authenticated users
[
'allow' => true,
'roles' => ['@'],
],
// everything else is denied
],
],
];
}
/**
* Lists all Product models.
* @return mixed

12
backend/controllers/TicketTypeController.php
View File

@ -24,6 +24,18 @@ class TicketTypeController extends Controller
'delete' => ['post'],
],
],
'access' => [
'class' => \yii\filters\AccessControl::className(),
'only' => [ 'index','view','create','update'],
'rules' => [
// allow authenticated users
[
'allow' => true,
'roles' => ['@'],
],
// everything else is denied
],
],
];
}

12
backend/controllers/UserController.php
View File

@ -29,6 +29,18 @@ class UserController extends Controller
'delete' => ['post'],
],
],
'access' => [
'class' => \yii\filters\AccessControl::className(),
'only' => [ 'index', 'create','update','view'],
'rules' => [
// allow authenticated users
[
'allow' => true,
'roles' => ['@'],
],
// everything else is denied
],
],
];
}

12
backend/controllers/WarehouseController.php
View File

@ -24,6 +24,18 @@ class WarehouseController extends Controller
'delete' => ['post'],
],
],
'access' => [
'class' => \yii\filters\AccessControl::className(),
'only' => [ 'create','update','view','index'],
'rules' => [
// allow authenticated users
[
'allow' => true,
'roles' => ['@'],
],
// everything else is denied
],
],
];
}

4
backend/views/user/index.php
View File

@ -28,7 +28,9 @@ $this->params['breadcrumbs'][] = $this->title;
'email:email',
'created_at:datetime',
['class' => 'yii\grid\ActionColumn'],
['class' => 'yii\grid\ActionColumn',
'template' => '{view} {update}'
],
],
]); ?>

7
backend/views/user/view.php
View File

@ -16,13 +16,6 @@ $this->params['breadcrumbs'][] = $this->title;
<p>
<?= Html::a(Yii::t('app', 'Update'), ['update', 'id' => $model->id], ['class' => 'btn btn-primary']) ?>
<?= Html::a(Yii::t('app', 'Delete'), ['delete', 'id' => $model->id], [
'class' => 'btn btn-danger',
'data' => [
'confirm' => Yii::t('app', 'Are you sure you want to delete this item?'),
'method' => 'post',
],
]) ?>
</p>
<?= DetailView::widget([

2
common/messages/hu/common/account.php
View File

@ -20,7 +20,7 @@ return [
'Accounts' => 'Kasszák',
'Account' => 'Kassza',
'Active' => 'Aktív',
'Create' => 'Inaktív',
'Create' => 'Mentés',
'Create Account' => 'Új kassza',
'Created At' => 'Létrehozás ideje',
'Id Account' => 'Azonosító',

4
common/models/User.php
View File

@ -209,7 +209,9 @@ class User extends ActiveRecord implements IdentityInterface
public function attributeLabels(){
return [
'username' => Yii::t('backend/user', 'Username'),
'email' => Yii::t('backend/user', 'E-Mail'),
'created_at' => Yii::t('backend/user', 'Created at'),
];
}

2
composer.json
View File

@ -15,7 +15,7 @@
"minimum-stability": "stable",
"require": {
"php": ">=5.4.0",
"yiisoft/yii2": ">=2.0.6",
"yiisoft/yii2": "2.0.6",
"yiisoft/yii2-bootstrap": "*",
"yiisoft/yii2-swiftmailer": "*",
"kartik-v/yii2-widgets": "^3.4",