fix backend user access, fix payout cart account change

2016-02-18 22:51:55 +01:00
parent 0ce6958e0b
commit 84e2badd34
14 changed files with 153 additions and 68 deletions
--- a/backend/controllers/DoorLogController.php
+++ b/backend/controllers/DoorLogController.php
@@ -11,20 +11,28 @@ use yii\filters\VerbFilter;

 /**
 * DoorLogController implements the CRUD actions for DoorLog model.
+ * 
+ * TODO: FIX ACCESS
 */
 class DoorLogController extends Controller
 {
-    public function behaviors()
-    {
-        return [
-            'verbs' => [
-                'class' => VerbFilter::className(),
-                'actions' => [
-                    'delete' => ['post'],
-                ],
-            ],
-        ];
-    }
+	public function behaviors()
+	{
+		return [
+				'access' => [
+						'class' => \yii\filters\AccessControl::className(),
+						'rules' => [
+								// allow authenticated users
+								[
+										'actions' => [  ],
+										'allow' => true,
+										'roles' => ['admin','employee','reception'],
+								],
+								// everything else is denied
+						],
+				],
+		];
+	}

    /**
     * Lists all DoorLog models.
@@ -57,7 +65,6 @@ class DoorLogController extends Controller
     * Creates a new DoorLog model.
     * If creation is successful, the browser will be redirected to the 'view' page.
     * @return mixed
-     */
    public function actionCreate()
    {
        $model = new DoorLog();
@@ -70,13 +77,13 @@ class DoorLogController extends Controller
            ]);
        }
    }
+     */

    /**
     * Updates an existing DoorLog model.
     * If update is successful, the browser will be redirected to the 'view' page.
     * @param integer $id
     * @return mixed
-     */
    public function actionUpdate($id)
    {
        $model = $this->findModel($id);
@@ -89,19 +96,20 @@ class DoorLogController extends Controller
            ]);
        }
    }
+     */

    /**
     * Deletes an existing DoorLog model.
     * If deletion is successful, the browser will be redirected to the 'index' page.
     * @param integer $id
     * @return mixed
-     */
    public function actionDelete($id)
    {
        $this->findModel($id)->delete();

        return $this->redirect(['index']);
    }
+     */

    /**
     * Finds the DoorLog model based on its primary key value.