fix backend user access, fix payout cart account change

Roland Schneider 2016-02-18 22:51:55 +01:00
parent 0ce6958e0b
commit 84e2badd34
14 changed files with 153 additions and 68 deletions


@ -21,20 +21,26 @@ use common\components\Upload;
/** /**
* CardPackageController implements the CRUD actions for CardPackage model. * CardPackageController implements the CRUD actions for CardPackage model.
*/ */
class CardPackageController extends Controller { class CardPackageController extends \backend\controllers\BackendController {
public function behaviors() {
public function behaviors()
{
return [ return [
'verbs' => [ 'access' => [
'class' => VerbFilter::className (), 'class' => \yii\filters\AccessControl::className(),
'actions' => [ 'rules' => [
'delete' => [ // allow authenticated users
'post' [
] 'actions' => ['create','index','view','import','download'],
] 'allow' => true,
] 'roles' => ['admin','employee','reception'],
],
// everything else is denied
],
],
]; ];
} }
/** /**
* Lists all CardPackage models. * Lists all CardPackage models.
* *
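Review bot: The new `behaviors()` returns only the `'access'` entry and never merges `parent::behaviors()`, so whatever `\backend\controllers\BackendController` defines there (not visible in this section) is overridden rather than extended. If the parent carries shared filters, start from `array_merge(parent::behaviors(), [...])`. The old `VerbFilter` entry that limited `delete` to POST is also gone; that is harmless only while `delete` stays out of the allowed `actions` list. The inline comment `// allow authenticated users` understates the rule, which is limited to three roles; I would write `// allow only the admin, employee and reception roles`.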


@ -15,16 +15,23 @@ use backend\models\ContractRequestSearch;
/** /**
* ContractController implements the CRUD actions for Contract model. * ContractController implements the CRUD actions for Contract model.
*
* TODO: FIX CONTROLLER
*/ */
class ContractController extends Controller class ContractController extends Controller
{ {
public function behaviors() public function behaviors() {
{
return [ return [
'verbs' => [ 'access' => [
'class' => VerbFilter::className(), 'class' => \yii\filters\AccessControl::className(),
'actions' => [ 'rules' => [
'delete' => ['post'], // allow authenticated users
[
'actions' => [ ],
'allow' => true,
'roles' => ['admin','employee','reception'],
],
// everything else is denied
], ],
], ],
]; ];
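Review bot: The rule with `'actions' => [ ]` does not restrict anything: in Yii2 an empty `actions` list on an access rule means the rule applies to every action, so all three roles are allowed into every action of this controller. The same commit drops the `'verbs'` filter, so if `actionDelete` still exists here (the class body is outside this section) it is no longer limited to POST, and Yii2 does not validate the CSRF token on GET requests. I would list the permitted action ids explicitly in `'actions'` and keep `'verbs' => ['class' => VerbFilter::className(), 'actions' => ['delete' => ['post']]],` next to the new `'access'` entry. The same empty list and the same removed verb filter appear in DoorLogController and MessageDetstaController. The class still extends `Controller`, unlike CardPackageController, which this commit moves to `BackendController`.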


@ -11,16 +11,24 @@ use yii\filters\VerbFilter;
/** /**
* DoorLogController implements the CRUD actions for DoorLog model. * DoorLogController implements the CRUD actions for DoorLog model.
*
* TODO: FIX ACCESS
*/ */
class DoorLogController extends Controller class DoorLogController extends Controller
{ {
public function behaviors() public function behaviors()
{ {
return [ return [
'verbs' => [ 'access' => [
'class' => VerbFilter::className(), 'class' => \yii\filters\AccessControl::className(),
'actions' => [ 'rules' => [
'delete' => ['post'], // allow authenticated users
[
'actions' => [ ],
'allow' => true,
'roles' => ['admin','employee','reception'],
],
// everything else is denied
], ],
], ],
]; ];
@ -57,7 +65,6 @@ class DoorLogController extends Controller
* Creates a new DoorLog model. * Creates a new DoorLog model.
* If creation is successful, the browser will be redirected to the 'view' page. * If creation is successful, the browser will be redirected to the 'view' page.
* @return mixed * @return mixed
*/
public function actionCreate() public function actionCreate()
{ {
$model = new DoorLog(); $model = new DoorLog();
@ -70,13 +77,13 @@ class DoorLogController extends Controller
]); ]);
} }
} }
*/
/** /**
* Updates an existing DoorLog model. * Updates an existing DoorLog model.
* If update is successful, the browser will be redirected to the 'view' page. * If update is successful, the browser will be redirected to the 'view' page.
* @param integer $id * @param integer $id
* @return mixed * @return mixed
*/
public function actionUpdate($id) public function actionUpdate($id)
{ {
$model = $this->findModel($id); $model = $this->findModel($id);
@ -89,19 +96,20 @@ class DoorLogController extends Controller
]); ]);
} }
} }
*/
/** /**
* Deletes an existing DoorLog model. * Deletes an existing DoorLog model.
* If deletion is successful, the browser will be redirected to the 'index' page. * If deletion is successful, the browser will be redirected to the 'index' page.
* @param integer $id * @param integer $id
* @return mixed * @return mixed
*/
public function actionDelete($id) public function actionDelete($id)
{ {
$this->findModel($id)->delete(); $this->findModel($id)->delete();
return $this->redirect(['index']); return $this->redirect(['index']);
} }
*/
/** /**
* Finds the DoorLog model based on its primary key value. * Finds the DoorLog model based on its primary key value.
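Review bot: `actionCreate`, `actionUpdate` and `actionDelete` are switched off by moving each docblock's closing `*/` below the method body, which leaves three dead methods inside comments; deleting them is clearer and cannot be undone by a stray comment edit. If the intent is that door log entries are read-only in the backend, say so on the class, for example `// Door log entries are read-only here; create/update/delete were removed on purpose.` Views or menus that still link to these routes (not visible in this section) will now get a 404 and should be checked.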


@ -27,7 +27,19 @@ class KeyController extends Controller {
'post' 'post'
] ]
] ]
] ] ,
'access' => [
'class' => \yii\filters\AccessControl::className(),
'rules' => [
// allow authenticated users
[
'actions' => ['create','index','view','update'],
'allow' => true,
'roles' => ['admin','employee','reception'],
],
// everything else is denied
],
],
]; ];
} }
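Review bot: `delete` is left out of the allowed `actions`, so under this rule no role, admin included, can reach it, while the `'verbs'` entry for `delete` stays in place as dead configuration. The Delete button is removed from the key detail view in the same commit, so this looks intended; a comment such as `// delete is intentionally not listed: denied for every role` would make that explicit. The 0.0.36 changelog entry mentions `key/import`; if that route is an action on this controller (not visible here), it is now denied as well and `'import'` would have to be added to the list. `behaviors()` starts before the first line of this hunk.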


@ -13,16 +13,24 @@ use common\components\DetStaDBSave;
/** /**
* MessageDetstaController implements the CRUD actions for MessageDetsta model. * MessageDetstaController implements the CRUD actions for MessageDetsta model.
*
* TODO : FIX ACCESS
*/ */
class MessageDetstaController extends Controller class MessageDetstaController extends Controller
{ {
public function behaviors() public function behaviors()
{ {
return [ return [
'verbs' => [ 'access' => [
'class' => VerbFilter::className(), 'class' => \yii\filters\AccessControl::className(),
'actions' => [ 'rules' => [
'delete' => ['post'], // allow authenticated users
[
'actions' => [ ],
'allow' => true,
'roles' => ['admin','employee','reception'],
],
// everything else is denied
], ],
], ],
]; ];


@ -15,6 +15,8 @@ use backend\models\GiroKotegForm;
/** /**
* TicketInstallmentRequestController implements the CRUD actions for TicketInstallmentRequest model. * TicketInstallmentRequestController implements the CRUD actions for TicketInstallmentRequest model.
*
* TODO: FIX ACCESS
*/ */
class TicketInstallmentRequestController extends Controller class TicketInstallmentRequestController extends Controller
{ {
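Review bot: The `TODO: FIX ACCESS` marker is the only change to this controller in a commit titled as an access fix, so its access rules are presumably unchanged and still open; UgiroController gets the same marker. `behaviors()` is outside the hunk, so the current rule cannot be confirmed from here. I would make the marker actionable, for example `TODO: FIX ACCESS - add an AccessControl rule listing the allowed actions and roles`, and track it outside the source so it is not forgotten.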


@ -61,6 +61,7 @@ class TransferController extends \backend\controllers\BackendController
'accounts' => $accounts, 'accounts' => $accounts,
'users' => $users, 'users' => $users,
]); ]);
} }
/** /**


@ -14,6 +14,7 @@ use yii\web\UploadedFile;
/** /**
* UgiroController implements the CRUD actions for Ugiro model. * UgiroController implements the CRUD actions for Ugiro model.
* TODO: FIX ACCESS
*/ */
class UgiroController extends Controller class UgiroController extends Controller
{ {


@ -69,12 +69,12 @@ class TransferSearch extends Transfer
$query = Transfer::find(); $query = Transfer::find();
$query->innerJoinWith('account'); $query->innerJoinWith('account');
$query->innerJoin('user', " user.id = transfer.id_user");
if ( !RoleDefinition::isAdmin() ){ if ( !RoleDefinition::isAdmin() ){
$query->innerJoin("user_account_assignment",'transfer.id_account = user_account_assignment.id_account' ); $query->innerJoin("user_account_assignment",'transfer.id_account = user_account_assignment.id_account' );
$query->andWhere(['user_account_assignment.id_user' => Yii::$app->user->id ]); $query->andWhere(['user_account_assignment.id_user' => Yii::$app->user->id ]);
$query->andWhere(['account.type' => Account::TYPE_ALL ]); $query->andWhere(['account.type' => Account::TYPE_ALL ]);
if ( RoleDefinition::isReception()){ if ( RoleDefinition::isReception()){
@ -84,6 +84,42 @@ class TransferSearch extends Transfer
$dataProvider = new ActiveDataProvider([ $dataProvider = new ActiveDataProvider([
'query' => $query, 'query' => $query,
'sort' =>[
'attributes' =>[
'paid_at' =>[
'asc' => ['transfer.paid_at' => SORT_ASC ],
'desc' => ['transfer.paid_at' => SORT_DESC],
],
'created_at' =>[
'asc' => ['transfer.created_at' => SORT_ASC ],
'desc' => ['transfer.created_at' => SORT_DESC],
],
'status' =>[
'asc' => ['transfer.status' => SORT_ASC ],
'desc' => ['transfer.status' => SORT_DESC],
],
'money' =>[
'asc' => ['transfer.money' => SORT_ASC ],
'desc' => ['transfer.money' => SORT_DESC],
],
'count' =>[
'asc' => ['transfer.count' => SORT_ASC ],
'desc' => ['transfer.count' => SORT_DESC],
],
'item_price' =>[
'asc' => ['transfer.item_price' => SORT_ASC ],
'desc' => ['transfer.item_price' => SORT_DESC],
],
'id_account' =>[
'asc' => ['account.name' => SORT_ASC ],
'desc' => ['account.name' => SORT_DESC],
],
'id_user' =>[
'asc' => ['user.username' => SORT_ASC ],
'desc' => ['user.username' => SORT_DESC],
],
]
]
]); ]);
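Review bot: The added `innerJoin('user', ...)` removes every transfer whose `id_user` is NULL or points at a deleted user from this listing, and it does so for all roles. If `transfer.id_user` can be empty (the schema is not visible here), a financial list that silently hides rows is worse than one that sorts them last; `$query->leftJoin('user', 'user.id = transfer.id_user');` keeps the rows and still supports the `user.username` sort. The explicit `'sort' => ['attributes' => ...]` map is a good whitelist, but it means any column not listed there is no longer sortable; a short comment above it would say that this is intended. The search method starts and ends outside these hunks.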


@ -6,9 +6,7 @@ use common\models\Key;
/* @var $this yii\web\View */ /* @var $this yii\web\View */
/* @var $model common\models\Key */ /* @var $model common\models\Key */
$this->title = Yii::t('backend/key', 'Update {modelClass}: ', [ $this->title = "Kulcs módosítása";
'modelClass' => 'Key',
]) . ' ' . $model->id_key;
$this->params['breadcrumbs'][] = ['label' => Yii::t('backend/key', 'Keys'), 'url' => ['index']]; $this->params['breadcrumbs'][] = ['label' => Yii::t('backend/key', 'Keys'), 'url' => ['index']];
$this->params['breadcrumbs'][] = ['label' => $model->id_key, 'url' => ['view', 'id' => $model->id_key]]; $this->params['breadcrumbs'][] = ['label' => $model->id_key, 'url' => ['view', 'id' => $model->id_key]];
$this->params['breadcrumbs'][] = Yii::t('backend/key', 'Update'); $this->params['breadcrumbs'][] = Yii::t('backend/key', 'Update');
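Review bot: The title is now the hard-coded string `"Kulcs módosítása"` while the breadcrumbs on the following lines still go through `Yii::t('backend/key', ...)`, so the page mixes translated and untranslated text. Keeping it as `$this->title = Yii::t('backend/key', 'Update key');` with the Hungarian text in the message file stays consistent with the rest of the view. The key detail view in this commit does the same with `"Kulcs részletek"`, `"Kulcs azon."` and `"Ismeretlen"`.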


@ -2,11 +2,13 @@
use yii\helpers\Html; use yii\helpers\Html;
use yii\widgets\DetailView; use yii\widgets\DetailView;
use common\models\Key;
use common\components\Helper;
/* @var $this yii\web\View */ /* @var $this yii\web\View */
/* @var $model common\models\Key */ /* @var $model common\models\Key */
$this->title = $model->id_key; $this->title = "Kulcs részletek";
$this->params['breadcrumbs'][] = ['label' => Yii::t('backend/key', 'Keys'), 'url' => ['index']]; $this->params['breadcrumbs'][] = ['label' => Yii::t('backend/key', 'Keys'), 'url' => ['index']];
$this->params['breadcrumbs'][] = $this->title; $this->params['breadcrumbs'][] = $this->title;
?> ?>
@ -16,25 +18,26 @@ $this->params['breadcrumbs'][] = $this->title;
<p> <p>
<?= Html::a(Yii::t('backend/key', 'Update'), ['update', 'id' => $model->id_key], ['class' => 'btn btn-primary']) ?> <?= Html::a(Yii::t('backend/key', 'Update'), ['update', 'id' => $model->id_key], ['class' => 'btn btn-primary']) ?>
<?= Html::a(Yii::t('backend/key', 'Delete'), ['delete', 'id' => $model->id_key], [
'class' => 'btn btn-danger',
'data' => [
'confirm' => Yii::t('backend/key', 'Are you sure you want to delete this item?'),
'method' => 'post',
],
]) ?>
</p> </p>
<?= DetailView::widget([ <?= DetailView::widget([
'model' => $model, 'model' => $model,
'attributes' => [ 'attributes' => [
'id_key', [
'attribute' => 'id_key',
'label' =>"Kulcs azon."
],
'number', 'number',
'rfid_key', 'rfid_key',
'status', [
'type', 'attribute' => 'status',
'created_at', 'value' => Helper::getArrayValue( Key::statuses() ,$model->status, "Ismeretlen" )
'updated_at', ],
[
'attribute' => 'type',
'value' => Helper::getArrayValue( Key::types() ,$model->type, "Ismeretlen" )
],
'created_at:datetime',
], ],
]) ?> ]) ?>


@ -1,3 +1,6 @@
-0.0.37
- fix backend user acces
- fix sell product account will not anymore changed
-0.0.36 -0.0.36
- Door log- add account - Door log- add account
- Key import - no menu ( key/import ) - Key import - no menu ( key/import )

View File

@ -4,7 +4,7 @@ return [
'supportEmail' => 'rocho02@gmail.com', 'supportEmail' => 'rocho02@gmail.com',
'infoEmail' => 'info@rocho-net.hu', 'infoEmail' => 'info@rocho-net.hu',
'user.passwordResetTokenExpire' => 3600, 'user.passwordResetTokenExpire' => 3600,
'version' => 'v0.0.36', 'version' => 'v0.0.37',
'company' => 'movar',//gyor 'company' => 'movar',//gyor
'company_name' => "Freimann Kft.", 'company_name' => "Freimann Kft.",
'product_visiblity' => 'account',// on reception which products to display. account or global 'product_visiblity' => 'account',// on reception which products to display. account or global


@ -177,7 +177,7 @@ class ProductController extends Controller {
$connection = \Yii::$app->db; $connection = \Yii::$app->db;
$transaction = $connection->beginTransaction (); $transaction = $connection->beginTransaction ();
try { try {
UserSoldItem::payout ( $user, $model->transfers , Account::readDefault() ); UserSoldItem::payout ( $user, $model->transfers );
$transaction->commit (); $transaction->commit ();
\Yii::$app->session->setFlash ( 'success', 'Recepicó kosár fizetve' ); \Yii::$app->session->setFlash ( 'success', 'Recepicó kosár fizetve' );
} catch ( Exception $e ) { } catch ( Exception $e ) {
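Review bot: The call now passes two arguments to `UserSoldItem::payout`, but none of the file sections on this page appears to be the `UserSoldItem` model, so its signature is presumably unchanged by this commit. The call is valid only if the third parameter already has a default; otherwise PHP 7.1+ throws an `ArgumentCountError`, which the `catch ( Exception $e )` below would not catch, and whether the transaction is rolled back in that case cannot be seen from here. Please confirm the signature, and that the default keeps the account the items were sold on. The try block continues past the end of this hunk.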