rschneider/fitness-web
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix backend user access, fix payout cart account change

Browse Source
This commit is contained in:
Roland Schneider
2016-02-18 22:51:55 +01:00
parent 0ce6958e0b
commit 84e2badd34
14 changed files with 153 additions and 68 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
backend/controllers/CardPackageController.php
View File

@@ -21,20 +21,26 @@ use common\components\Upload;
/**
* CardPackageController implements the CRUD actions for CardPackage model.
*/
class CardPackageController extends Controller {
public function behaviors() {
return [
'verbs' => [
'class' => VerbFilter::className (),
'actions' => [
'delete' => [
'post'
]
]
]
class CardPackageController extends \backend\controllers\BackendController {
public function behaviors()
{
return [
'access' => [
'class' => \yii\filters\AccessControl::className(),
'rules' => [
// allow authenticated users
[
'actions' => ['create','index','view','import','download'],
'allow' => true,
'roles' => ['admin','employee','reception'],
],
// everything else is denied
],
],
];
}
/**
* Lists all CardPackage models.
*

29
backend/controllers/ContractController.php
View File

@@ -15,20 +15,27 @@ use backend\models\ContractRequestSearch;
/**
* ContractController implements the CRUD actions for Contract model.
*
* TODO: FIX CONTROLLER
*/
class ContractController extends Controller
{
public function behaviors()
{
return [
'verbs' => [
'class' => VerbFilter::className(),
'actions' => [
'delete' => ['post'],
],
],
];
}
public function behaviors() {
return [
'access' => [
'class' => \yii\filters\AccessControl::className(),
'rules' => [
// allow authenticated users
[
'actions' => [ ],
'allow' => true,
'roles' => ['admin','employee','reception'],
],
// everything else is denied
],
],
];
}
/**
* Lists all Contract models.

36
backend/controllers/DoorLogController.php
View File

@@ -11,20 +11,28 @@ use yii\filters\VerbFilter;
/**
* DoorLogController implements the CRUD actions for DoorLog model.
*
* TODO: FIX ACCESS
*/
class DoorLogController extends Controller
{
public function behaviors()
{
return [
'verbs' => [
'class' => VerbFilter::className(),
'actions' => [
'delete' => ['post'],
],
],
];
}
public function behaviors()
{
return [
'access' => [
'class' => \yii\filters\AccessControl::className(),
'rules' => [
// allow authenticated users
[
'actions' => [ ],
'allow' => true,
'roles' => ['admin','employee','reception'],
],
// everything else is denied
],
],
];
}
/**
* Lists all DoorLog models.
@@ -57,7 +65,6 @@ class DoorLogController extends Controller
* Creates a new DoorLog model.
* If creation is successful, the browser will be redirected to the 'view' page.
* @return mixed
*/
public function actionCreate()
{
$model = new DoorLog();
@@ -70,13 +77,13 @@ class DoorLogController extends Controller
]);
}
}
*/
/**
* Updates an existing DoorLog model.
* If update is successful, the browser will be redirected to the 'view' page.
* @param integer $id
* @return mixed
*/
public function actionUpdate($id)
{
$model = $this->findModel($id);
@@ -89,19 +96,20 @@ class DoorLogController extends Controller
]);
}
}
*/
/**
* Deletes an existing DoorLog model.
* If deletion is successful, the browser will be redirected to the 'index' page.
* @param integer $id
* @return mixed
*/
public function actionDelete($id)
{
$this->findModel($id)->delete();
return $this->redirect(['index']);
}
*/
/**
* Finds the DoorLog model based on its primary key value.

14
backend/controllers/KeyController.php
View File

@@ -27,7 +27,19 @@ class KeyController extends Controller {
'post'
]
]
]
] ,
'access' => [
'class' => \yii\filters\AccessControl::className(),
'rules' => [
// allow authenticated users
[
'actions' => ['create','index','view','update'],
'allow' => true,
'roles' => ['admin','employee','reception'],
],
// everything else is denied
],
],
];
}

30
backend/controllers/MessageDetstaController.php
View File

@@ -13,20 +13,28 @@ use common\components\DetStaDBSave;
/**
* MessageDetstaController implements the CRUD actions for MessageDetsta model.
*
* TODO : FIX ACCESS
*/
class MessageDetstaController extends Controller
{
public function behaviors()
{
return [
'verbs' => [
'class' => VerbFilter::className(),
'actions' => [
'delete' => ['post'],
],
],
];
}
public function behaviors()
{
return [
'access' => [
'class' => \yii\filters\AccessControl::className(),
'rules' => [
// allow authenticated users
[
'actions' => [ ],
'allow' => true,
'roles' => ['admin','employee','reception'],
],
// everything else is denied
],
],
];
}
/**
* Lists all MessageDetsta models.

2
backend/controllers/TicketInstallmentRequestController.php
View File

@@ -15,6 +15,8 @@ use backend\models\GiroKotegForm;
/**
* TicketInstallmentRequestController implements the CRUD actions for TicketInstallmentRequest model.
*
* TODO: FIX ACCESS
*/
class TicketInstallmentRequestController extends Controller
{

1
backend/controllers/TransferController.php
View File

@@ -61,6 +61,7 @@ class TransferController extends \backend\controllers\BackendController
'accounts' => $accounts,
'users' => $users,
]);
}
/**

1
backend/controllers/UgiroController.php
View File

@@ -14,6 +14,7 @@ use yii\web\UploadedFile;
/**
* UgiroController implements the CRUD actions for Ugiro model.
* TODO: FIX ACCESS
*/
class UgiroController extends Controller
{