From 43d5598f23df87a1f9d4d7709b99af28a85179e9 Mon Sep 17 00:00:00 2001 From: Roland Schneider Date: Thu, 5 Nov 2015 09:26:08 +0100 Subject: [PATCH] add role to user --- backend/controllers/UserController.php | 2 +- backend/models/UserCreate.php | 11 +++-- backend/models/UserUpdate.php | 17 ++++--- backend/views/user/_form.php | 11 ++++- backend/views/user/index.php | 10 ++++ backend/views/user/view.php | 4 ++ common/components/Helper.php | 28 +++++++++-- common/components/RoleDefinition.php | 65 ++++++++++++++++++++++++++ common/models/User.php | 20 +++++++- 9 files changed, 151 insertions(+), 17 deletions(-) create mode 100644 common/components/RoleDefinition.php diff --git a/backend/controllers/UserController.php b/backend/controllers/UserController.php index 93759f4..d437bf3 100644 --- a/backend/controllers/UserController.php +++ b/backend/controllers/UserController.php @@ -65,7 +65,7 @@ class UserController extends \backend\controllers\BackendController $this->updateAccountAssignments($model); -// return $this->redirect(['view', 'id' => $model->id]); + return $this->redirect(['index' ]); } diff --git a/backend/models/UserCreate.php b/backend/models/UserCreate.php index b6b2945..710765c 100644 --- a/backend/models/UserCreate.php +++ b/backend/models/UserCreate.php @@ -10,6 +10,8 @@ class UserCreate extends User{ public $password_repeat; public $selected_accounts = []; + public $role; + /** * @inheritdoc */ @@ -28,6 +30,9 @@ class UserCreate extends User{ ['username' ,'unique' ], [['password_plain' ,'password_repeat'] ,'string','min' =>6 ], [['password_repeat'] ,'validatePasswordRepeat' ], + + [['role'], 'required'], + [['role'], 'string', 'max' => 20], ]; } 
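Review bot: The two `role` rules added to `UserCreate::rules()` check only presence and length, so any string of up to 20 characters passes validation and is later handed to `authManager->getRole()` in `afterSave()`. Nothing visible in this patch restricts the value to the roles the acting user is allowed to grant: `RoleDefinition::getRolesCanAllow()` is introduced in the same commit but no validator shown here calls it, and a filtered dropdown in `_form.php` would not be an enforcement point. I would add a server-side range rule such as `[['role'], 'in', 'range' => RoleDefinition::getRolesCanAllow($currentRole)],`, where `$currentRole` is a placeholder for the logged-in user's role and is not a name from the patch. The same two rules are added to `UserUpdate::rules()` and need the same check. `rules()` starts and ends outside this hunk.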
@@ -66,9 +71,9 @@ class UserCreate extends User{ public function afterSave($insert, $changedAttributes){ parent::afterSave($insert, $changedAttributes); -// $am = Yii::$app->authManager; -// $role = $am->getRole('admin'); -// Yii::$app->authManager->assign($role, $this->id); + $am = Yii::$app->authManager; + $role = $am->getRole($this->role); + Yii::$app->authManager->assign($role, $this->id); } } \ No newline at end of file diff --git a/backend/models/UserUpdate.php b/backend/models/UserUpdate.php index c6d900f..03a47f8 100644 --- a/backend/models/UserUpdate.php +++ b/backend/models/UserUpdate.php @@ -9,6 +9,8 @@ class UserUpdate extends User { public $password_plain; public $password_repeat; public $selected_accounts = []; + + public $role; /** * @inheritdoc @@ -28,7 +30,9 @@ class UserUpdate extends User { $this->addError($attribute, 'Invalid array'); } } - ] + ], + [['role'], 'required'], + [['role'], 'string', 'max' => 20], ]; } @@ -68,10 +72,11 @@ class UserUpdate extends User { return false; } } - public function afterSave($insert, $changedAttributes) { - parent::afterSave ( $insert, $changedAttributes ); - // $am = Yii::$app->authManager; - // $role = $am->getRole('admin'); - // Yii::$app->authManager->assign($role, $this->id); + public function afterSave($insert, $changedAttributes){ + parent::afterSave($insert, $changedAttributes); + $am = Yii::$app->authManager; + $am->revokeAll($this->id); + $role = $am->getRole($this->role); + Yii::$app->authManager->assign($role, $this->id); } } \ No newline at end of file diff --git a/backend/views/user/_form.php b/backend/views/user/_form.php index e0ca38f..7a8afe7 100644 --- a/backend/views/user/_form.php +++ b/backend/views/user/_form.php 
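Review bot: In `UserCreate::afterSave()` the result of `$am->getRole($this->role)` is passed to `assign()` without a null check, and `getRole()` returns null for a name that is not a defined role, so an unexpected value fails only after the user row has already been written. The assignment also runs on every save rather than only when `$insert` is true, which looks like it would try to assign the same role a second time if the model is saved again. I would guard it with `if ($insert && $role !== null) { $am->assign($role, $this->id); }` and reject unknown role names during validation so the failure is reported before the insert.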
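Review bot: `UserUpdate::afterSave()` calls `$am->revokeAll($this->id)` before it looks the new role up, so if `getRole($this->role)` returns null the account has already lost every assignment and the following `assign()` fails, leaving the user with no role at all. `revokeAll()` also removes everything assigned to the user, not just the previous role, which may be more than this form intends if assignments are ever made elsewhere. Resolving and checking the role first, then revoking and assigning, keeps the old assignment intact on bad input. If the auth manager is database-backed, which this patch does not show, wrapping both calls in a transaction is worth considering.

```php
public function afterSave($insert, $changedAttributes){
    // … unchanged: parent::afterSave() call and $am lookup …
    $role = $am->getRole($this->role);
    if ($role === null) {
        // Unknown role name: leave the existing assignments untouched.
        throw new \yii\base\InvalidValueException('Unknown role name');
    }
    $am->revokeAll($this->id);
    $am->assign($role, $this->id);
}
```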
@@ -3,15 +3,21 @@ use yii\helpers\Html; use yii\widgets\ActiveForm; use yii\grid\GridView; -use yii\base\Widget; -use yii\base\Object; use yii\data\ArrayDataProvider; +use common\components\RoleDefinition; /* @var $this yii\web\View */ /* @var $model common\models\User */ /* @var $form yii\widgets\ActiveForm */ ?> + +
@@ -21,6 +27,7 @@ use yii\data\ArrayDataProvider; field($model, 'email')->textInput() ?> field($model, 'password_plain')->passwordInput() ?> field($model, 'password_repeat')->passwordInput() ?> + field($model, 'role')->dropDownList($roleOptions) ?> params['breadcrumbs'][] = $this->title; 'email:email', 'created_at:datetime', + [ + 'attribute' => 'role', + 'value' => function ($model){ + $roles = \Yii::$app->authManager->getRolesByUser($model->id ); + + return implode(', ', array_map(function ($role) { return sprintf("%s", RoleDefinition::getRoleLabel($role->name)); }, $roles )); + } + ] , + ['class' => 'yii\grid\ActionColumn', 'template' => '{view} {update}' ], diff --git a/backend/views/user/view.php b/backend/views/user/view.php index f681530..2b76d2b 100644 --- a/backend/views/user/view.php +++ b/backend/views/user/view.php @@ -25,6 +25,10 @@ $this->params['breadcrumbs'][] = $this->title; 'email:email', 'statusHuman', 'created_at:datetime', + [ + 'attribute' => 'role', + 'value' => $model->roleString + ] ], ]) ?> diff --git a/common/components/Helper.php b/common/components/Helper.php index 9f74fc4..4255b7f 100644 --- a/common/components/Helper.php +++ b/common/components/Helper.php @@ -1,10 +1,6 @@ andFilterWhere([ '<' , $field , $end ] ); } + public static function roleLabels(){ + return [ + 'reception' => Yii::t('common/role' ,'Reception'), + 'admin' => Yii::t('common/role' ,'Administrator'), + 'employee' => Yii::t('common/role' ,'Alkalmazott'), + ]; + } + + public static function roleDefinitions(){ + return [ + 'employee' => [ + 'canAllow' => [ 'employee'], + ], + 'admin' => [ + 'canAllow' => ['admin','reception','employee'], + ], + 'reception' => [ + 'canAllow' => [ ], + ], + ]; + } + + + } \ No newline at end of file diff --git a/common/components/RoleDefinition.php b/common/components/RoleDefinition.php new file mode 100644 index 0000000..b208c46 --- /dev/null +++ b/common/components/RoleDefinition.php 
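Review bot: The `value` closure added to the `role` column in `backend/views/user/index.php` is a copy of `User::getRoleString()` from this same commit, and it calls `getRolesByUser()` once per grid row. Reusing the model getter with `'value' => 'roleString'` keeps role rendering in one place, so a later fix to how roles are displayed reaches the list and the detail view together. If the user list can grow large, loading the assignments for the page in one query would avoid the per-row lookup. The columns array starts outside this hunk.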
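Review bot: `Helper::roleLabels()` and `Helper::roleDefinitions()` duplicate the tables that `RoleDefinition` introduces in the same commit, and the copies already differ: the `employee` label source string is `'Alkalmazott'` here and `'Employee'` in `RoleDefinition`. The `canAllow` table appears to describe who may grant which role, so two copies that can drift apart become a risk once any authorization check is built on it. Nothing visible in this patch calls the `Helper` versions, so I would drop them from this hunk and keep `RoleDefinition` as the only source.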
@@ -0,0 +1,65 @@ + Yii::t('common/role' ,'Reception'), + 'admin' => Yii::t('common/role' ,'Administrator'), + 'employee' => Yii::t('common/role' ,'Employee'), + ]; + } + + public static function getRoleLabel($role){ + $result = null; + $roleLabels = self::roleLabels(); + if ( array_key_exists($role, $roleLabels)){ + $result = $roleLabels[$role]; + } + return $result; + } + + + public static function roleDefinitions(){ + return [ + 'employee' => [ + 'canAllow' => [ 'employee'], + ], + 'admin' => [ + 'canAllow' => ['admin','reception','employee'], + ], + 'reception' => [ + 'canAllow' => [ ], + ], + ]; + } + + + public static function getRoleDefinition($role){ + $defs = self::roleDefinitions(); + $result = null; + if ( array_key_exists($role, $defs)){ + $result = $defs[$role]; + } + $result = $defs[$role]; + return $result; + } + + public static function getRolesCanAllow($role){ + $result = []; + $def = self::getRoleDefinition($role); + if ( isset($def)){ + $result = $def['canAllow']; + } + + return $result; + } + + + +} \ No newline at end of file diff --git a/common/models/User.php b/common/models/User.php index 44880f5..d255786 100644 --- a/common/models/User.php +++ b/common/models/User.php @@ -6,6 +6,7 @@ use yii\base\NotSupportedException; use yii\behaviors\TimestampBehavior; use yii\db\ActiveRecord; use yii\web\IdentityInterface; +use common\components\RoleDefinition; /** * User model 
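Review bot: `RoleDefinition::getRoleDefinition()` guards the lookup with `array_key_exists()` and then immediately repeats `$result = $defs[$role];` outside the `if`, which makes the guard dead code and raises an undefined-index notice for any role name that is not in the table. Deleting the second, unconditional assignment restores the intended null return, which `getRolesCanAllow()` relies on through `isset($def)` to fall back to an empty list. None of the new methods has a docblock. A one-line comment on `roleDefinitions()` saying that `canAllow` lists the roles a holder of the key role may grant would help, if that is the intended meaning.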
@@ -212,10 +213,27 @@ class User extends ActiveRecord implements IdentityInterface 'username' => Yii::t('backend/user', 'Username'), 'email' => Yii::t('backend/user', 'E-Mail'), 'created_at' => Yii::t('backend/user', 'Created at'), + 'role' => Yii::t('backend/user', 'Role'), ]; } - + /** + * + * + * @return \yii\rbac\Role[]*/ + public function getRoles(){ + $roles = \Yii::$app->authManager->getRolesByUser($this->id ); + return $roles; + } + + /** + * @return string + * */ + public function getRoleString(){ + $roles = \Yii::$app->authManager->getRolesByUser($this->id ); + + return implode(', ', array_map(function ($role) { return sprintf("%s", RoleDefinition::getRoleLabel($role->name)); }, $roles )); + } /** * $param int $forceIncludeAccount id warehouse, that should be included in list, even if it is inactive
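Review bot: `getRoleString()` maps each role through `RoleDefinition::getRoleLabel()`, which returns null for any role name missing from `roleLabels()`, so such a role is rendered as an empty string and the admin views would show a blank entry for an assignment that does exist. Falling back to the raw name keeps every assignment visible: use `return RoleDefinition::getRoleLabel($role->name) ?: $role->name;` inside the `array_map` callback in place of the `sprintf("%s", ...)` wrapper. The method could also call `$this->getRoles()` instead of repeating the `getRolesByUser()` lookup, and the empty docblock on `getRoles()` should say what it returns. The `User` class itself starts and ends outside this hunk.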