From cc83ccf7615073cdfe11fe192516637edcaf0118 Mon Sep 17 00:00:00 2001 
From: rocho Date: Thu, 5 Nov 2015 17:24:09 +0100 Subject: [PATCH] add role checking to controllers --- backend/components/AdminMenuStructure.php | 2 +- backend/controllers/AccountController.php | 26 +++++++++++ backend/controllers/BackendController.php | 2 +- backend/controllers/CollectionController.php | 2 +- backend/controllers/DiscountController.php | 24 +++++++++++ backend/controllers/ProcurementController.php | 10 ++++- backend/controllers/ProductController.php | 2 +- backend/controllers/TicketTypeController.php | 25 +++++++++++ backend/controllers/TransferController.php | 5 +-- backend/controllers/UserController.php | 34 +++++++++++++++ backend/models/AccountSearch.php | 7 +++ backend/models/AccountStateSearch.php | 7 +++ backend/models/CollectionSearch.php | 13 ++++-- backend/models/ProcurementSearch.php | 5 +++ backend/models/ProductSearch.php | 12 ++++-- backend/models/TransferSearch.php | 9 +++- backend/views/account/index.php | 5 ++- backend/views/account/view.php | 12 ++---- backend/views/discount/index.php | 5 ++- backend/views/discount/view.php | 18 +++----- backend/views/layouts/main.php | 10 ++++- backend/views/procurement/_form.php | 1 + backend/views/product/_search.php | 2 +- backend/views/ticket-type/index.php | 6 ++- backend/views/ticket-type/view.php | 14 ++---- backend/views/user/index.php | 5 ++- backend/views/user/update.php | 10 ++--- backend/views/user/view.php | 9 ++-- common/components/AccountTotalWidget.php | 4 +- common/components/Helper.php | 4 ++ common/components/RoleDefinition.php | 43 +++++++++++++++++++ common/models/Account.php | 1 + common/models/Collection.php | 10 ++++- common/models/Transfer.php | 14 ++++-- common/models/User.php | 16 ++++--- common/models/UserSoldItem.php | 2 +- .../m151105_114421_add__role__employee.php | 31 +++++++++++++ .../m151105_151357_add__role__reception.php | 31 +++++++++++++ frontend/controllers/ProductController.php | 2 +- 39 files changed, 362 insertions(+), 78 deletions(-) create mode 100644 
console/migrations/m151105_114421_add__role__employee.php create mode 100644 console/migrations/m151105_151357_add__role__reception.php diff --git a/backend/components/AdminMenuStructure.php b/backend/components/AdminMenuStructure.php index 98ab72c..357f19b 100644 --- a/backend/components/AdminMenuStructure.php +++ b/backend/components/AdminMenuStructure.php @@ -53,7 +53,7 @@ class AdminMenuStructure{ $items[] = ['label' => 'Beszerzések', 'url' => ['/procurement/index'] ]; $items[] = ['label' => 'Vendégek', 'url' => ['/customer/index'] ]; $items[] = ['label' => 'Bérletkártyák', 'url' => ['/card/index'] ]; - $items[] = ['label' => 'Pénznem', 'url' => ['/currency/index'] ]; +// $items[] = ['label' => 'Pénznem', 'url' => ['/currency/index'] ]; $items[] = ['label' => 'Tranzakciók', 'url' => ['/transfer/index' , 'TransferSearch[start]' =>$today,'TransferSearch[end]' => $tomorrow ] ]; $items[] = ['label' => 'Kassza müveletek', 'url' => ['/account-state/index'] ]; diff --git a/backend/controllers/AccountController.php b/backend/controllers/AccountController.php index 6140193..cc91a32 100644 --- a/backend/controllers/AccountController.php +++ b/backend/controllers/AccountController.php @@ -14,6 +14,32 @@ use yii\filters\VerbFilter; */ class AccountController extends \backend\controllers\BackendController { + + + public function behaviors() + { + return [ + 'access' => [ + 'class' => \yii\filters\AccessControl::className(), + 'rules' => [ + // allow authenticated users + [ + 'actions' => [ 'index','view' ], + 'allow' => true, + 'roles' => ['employee','admin','reception'], + ], + // allow authenticated users + [ + 'actions' => [ 'create', 'update'], + 'allow' => true, + 'roles' => ['admin'], + ], + // everything else is denied + ], + ], + ]; + } + /** * Lists all Account models. diff --git a/backend/controllers/BackendController.php b/backend/controllers/BackendController.php index 0cb1a83..3905997 100644 --- a/backend/controllers/BackendController.php 
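Review bot: The currency menu entry is commented out rather than removed, which leaves dead code in the menu builder: `// $items[] = ['label' => 'Pénznem', 'url' => ['/currency/index'] ];`. If the entry is meant to return for some role, a `RoleDefinition` check here would express that intent; otherwise delete the line, version control keeps the history. The enclosing method of AdminMenuStructure starts and ends outside the hunk.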
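Review bot: The new AccountController::behaviors() returns a fresh array instead of extending the parent's, so whatever BackendController configures besides 'access' (the `use yii\filters\VerbFilter;` in the hunk context suggests a verb filter is configured there) no longer applies to this controller; `return array_merge(parent::behaviors(), [ 'access' => [ ... ] ]);` keeps the parent's other behaviors while still replacing the 'access' rules. The same override pattern appears in DiscountController, TicketTypeController and UserController in this commit. The comment above the second rule, `// allow authenticated users`, is copied from the first rule although that rule admits only admin; `// create/update: admin only` would describe it.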
+++ b/backend/controllers/BackendController.php @@ -28,7 +28,7 @@ class BackendController extends Controller [ 'actions' => ['create','index','view','update'], 'allow' => true, - 'roles' => ['@'], + 'roles' => ['admin','employee','reception'], ], // everything else is denied ], diff --git a/backend/controllers/CollectionController.php b/backend/controllers/CollectionController.php index a7b517c..6db22eb 100644 --- a/backend/controllers/CollectionController.php +++ b/backend/controllers/CollectionController.php @@ -47,7 +47,7 @@ class CollectionController extends \backend\controllers\BackendController $searchModel->accounts = Account::read(); $searchModel->accountMap = Account::toAccaountMap($searchModel->accounts); - $searchModel->users = User::find()->all( ); + $searchModel->users = User::read(); $dataProvider = $searchModel->search(Yii::$app->request->queryParams); $searchModel->searchTotal(); diff --git a/backend/controllers/DiscountController.php b/backend/controllers/DiscountController.php index 5da9ce1..1b7b4f0 100644 --- a/backend/controllers/DiscountController.php +++ b/backend/controllers/DiscountController.php @@ -14,6 +14,30 @@ use yii\filters\VerbFilter; */ class DiscountController extends \backend\controllers\BackendController { + + public function behaviors() + { + return [ + 'access' => [ + 'class' => \yii\filters\AccessControl::className(), + 'rules' => [ + // allow authenticated users + [ + 'actions' => [ 'index','view' ], + 'allow' => true, + 'roles' => ['admin','employee','reception'], + ], + [ + 'actions' => ['create','update'], + 'allow' => true, + 'roles' => ['admin' ], + ], + // everything else is denied + ], + ], + ]; + } + /** * Lists all Discount models. diff --git a/backend/controllers/ProcurementController.php b/backend/controllers/ProcurementController.php index 6cab09f..1acb89d 100644 --- a/backend/controllers/ProcurementController.php +++ b/backend/controllers/ProcurementController.php 
@@ -11,6 +11,7 @@ use yii\filters\VerbFilter; use common\models\Warehouse; use common\models\Product; use common\models\User; +use common\components\Helper; /** * ProcurementController implements the CRUD actions for Procurement model. @@ -118,14 +119,21 @@ class ProcurementController extends \backend\controllers\BackendController $transaction->commit(); } else { $transaction->rollback(); + Helper::flash('error', "Hiba történt!"); + throw new NotFoundHttpException( Yii::t('common/procurement' ,'Failed to fullfill procurement.' )); } + Helper::flash('success', Yii::t('backend/procurement', 'Beszerzés mentve')); } catch (\Exception $e) { $transaction->rollback(); throw $e; } - return $this->redirect(['index' ]); + if ( isset($_POST['_next'])){ + return $this->redirect(['create' ]); + }else{ + return $this->redirect(['index' ]); + } } else { return $this->render('create', [ 'model' => $model, diff --git a/backend/controllers/ProductController.php b/backend/controllers/ProductController.php index d2e742d..178fd0f 100644 --- a/backend/controllers/ProductController.php +++ b/backend/controllers/ProductController.php @@ -55,7 +55,7 @@ class ProductController extends \backend\controllers\BackendController $model = new Product(); $model->stock = 0; $model->status = Product::STATUS_ACTIVE; - $accounts = Account::readAccounts(null); + $accounts = Account::read(null); $categories = ProductCategory::read(null); if ($model->load(Yii::$app->request->post()) && $model->save()) { diff --git a/backend/controllers/TicketTypeController.php b/backend/controllers/TicketTypeController.php index d3f1c51..a1be1ab 100644 --- a/backend/controllers/TicketTypeController.php +++ b/backend/controllers/TicketTypeController.php 
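Review bot: A procurement that fails to save now raises NotFoundHttpException, which answers the POST with a 404 although the resource exists and the failure is on the server side; `throw new \yii\web\ServerErrorHttpException(Yii::t('common/procurement', 'Failed to fullfill procurement.'));` (or re-rendering the form with the model's errors) fits the situation better, and the 'error' flash set on the line before is stored for a request that ends in an exception, so at best it surfaces on some later page. The branch `if ( isset($_POST['_next'])){` reads the superglobal directly while the rest of the action goes through the request component; `if (Yii::$app->request->post('_next') !== null) {` keeps that consistent. The enclosing actionCreate starts and ends outside the hunk.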
@@ -15,6 +15,31 @@ use common\models\Account; */ class TicketTypeController extends \backend\controllers\BackendController { + + + public function behaviors() + { + return [ + 'access' => [ + 'class' => \yii\filters\AccessControl::className(), + 'rules' => [ + // allow authenticated users + [ + 'actions' => [ 'index','view'], + 'allow' => true, + 'roles' => ['admin','employee','reception'], + ], + [ + 'actions' => ['create' , 'update'], + 'allow' => true, + 'roles' => ['admin' ], + ], + // everything else is denied + ], + ], + ]; + } + /** * Lists all TicketType models. diff --git a/backend/controllers/TransferController.php b/backend/controllers/TransferController.php index 90806d6..17327b5 100644 --- a/backend/controllers/TransferController.php +++ b/backend/controllers/TransferController.php @@ -25,7 +25,7 @@ class TransferController extends \backend\controllers\BackendController [ 'actions' => [ 'index','view' ], 'allow' => true, - 'roles' => ['@'], + 'roles' => ['admin','employee','reception'], ], // everything else is denied ], @@ -43,7 +43,7 @@ class TransferController extends \backend\controllers\BackendController $searchModel = new TransferSearch(); $dataProvider = $searchModel->search(Yii::$app->request->queryParams); - $accounts = Account::readAccounts(); + $accounts = Account::read(); $searchModel->totalsTransfers(); @@ -54,7 +54,6 @@ class TransferController extends \backend\controllers\BackendController 'dataProvider' => $dataProvider, 'accounts' => $accounts, 'users' => $users, -// 'totals' =>$totals ]); } diff --git a/backend/controllers/UserController.php b/backend/controllers/UserController.php index d437bf3..6a41097 100644 --- a/backend/controllers/UserController.php +++ b/backend/controllers/UserController.php 
@@ -13,6 +13,7 @@ use yii\base\Object; use backend\models\UserUpdate; use common\models\Account; use common\models\UserAccountAssignment; +use common\components\RoleDefinition; /** * UserController implements the CRUD actions for User model. @@ -21,6 +22,31 @@ class UserController extends \backend\controllers\BackendController { + public function behaviors() + { + return [ + 'access' => [ + 'class' => \yii\filters\AccessControl::className(), + 'rules' => [ + // allow authenticated users + [ + 'actions' => [ 'index','view' ], + 'allow' => true, + 'roles' => ['employee','admin','reception'], + ], + // allow authenticated users + [ + 'actions' => [ 'create', 'update'], + 'allow' => true, + 'roles' => ['admin'], + ], + // everything else is denied + ], + ], + ]; + } + + /** * Lists all User models. * @return mixed @@ -99,6 +125,14 @@ class UserController extends \backend\controllers\BackendController { $model = UserUpdate::findOne(['id' => $id]); + if ( Yii::$app->authManager->checkAccess($model->id, 'admin')){ + $model->role = 'admin'; + } else if ( Yii::$app->authManager->checkAccess($model->id, 'employee')){ + $model->role = 'employee'; + }else if ( Yii::$app->authManager->checkAccess($model->id, 'reception')){ + $model->role = 'reception'; + } + if ( $model == null ){ throw new NotFoundHttpException('The requested page does not exist.'); } diff --git a/backend/models/AccountSearch.php b/backend/models/AccountSearch.php index 7543b38..63095d3 100644 --- a/backend/models/AccountSearch.php +++ b/backend/models/AccountSearch.php @@ -6,6 +6,7 @@ use Yii; use yii\base\Model; use yii\data\ActiveDataProvider; use common\models\Account; +use common\components\RoleDefinition; /** * AccountSearch represents the model behind the search form about `common\models\Account`. 
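Review bot: In UserController::actionUpdate the added role lookup dereferences `$model->id` before the existing `if ( $model == null )` guard, so an unknown id now fails on the first checkAccess() call (Yii's error handler turns the non-object property access into an ErrorException) instead of producing the intended NotFoundHttpException. Move the three checkAccess branches below the null guard; they can also be collapsed into one loop: `foreach (['admin', 'employee', 'reception'] as $role) { if (Yii::$app->authManager->checkAccess($model->id, $role)) { $model->role = $role; break; } }`. The `use common\components\RoleDefinition;` added at the top of the file is not referenced in any visible hunk of this file. actionUpdate continues outside the hunk.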
@@ -43,6 +44,12 @@ class AccountSearch extends Account { $query = Account::find(); + + if ( !RoleDefinition::isAdmin() ){ + $query->innerJoin("user_account_assignment",'account.id_account = user_account_assignment.id_account' ); + $query->andWhere(['user_account_assignment.id_user' => Yii::$app->user->id ]); + } + $dataProvider = new ActiveDataProvider([ 'query' => $query, ]); diff --git a/backend/models/AccountStateSearch.php b/backend/models/AccountStateSearch.php index 9e18585..c11b175 100644 --- a/backend/models/AccountStateSearch.php +++ b/backend/models/AccountStateSearch.php @@ -6,6 +6,7 @@ use Yii; use yii\base\Model; use yii\data\ActiveDataProvider; use common\models\AccountState; +use common\components\RoleDefinition; /** * AccountStateSearch represents the model behind the search form about `common\models\AccountState`. @@ -53,6 +54,12 @@ class AccountStateSearch extends AccountState { $query = AccountState::find(); + + if ( !RoleDefinition::isAdmin() ){ + $query->innerJoin("user_account_assignment",'account_state.id_account = user_account_assignment.id_account' ); + $query->andWhere(['user_account_assignment.id_user' => Yii::$app->user->id ]); + } + $dataProvider = new ActiveDataProvider([ 'query' => $query, 'sort' => false, diff --git a/backend/models/CollectionSearch.php b/backend/models/CollectionSearch.php index 8656fbe..a07a715 100644 --- a/backend/models/CollectionSearch.php +++ b/backend/models/CollectionSearch.php @@ -7,6 +7,7 @@ use yii\base\Model; use yii\data\ActiveDataProvider; use common\models\Collection; use common\components\Helper; +use common\components\RoleDefinition; /** * CollectionSearch represents the model behind the search form about `common\models\Collection`. 
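Review bot: The per-user restriction in AccountSearch::search() narrows only the index listing; the view and update actions of AccountController resolve the model by id through a lookup this diff does not touch, and unless that lookup applies the same user_account_assignment condition, a non-admin user can still open an account that is not assigned to them by requesting its id directly. A reusable query scope, for example a static method on Account that adds the join and `andWhere(['user_account_assignment.id_user' => $idUser])`, would let search() and the id lookup share one definition of "accounts visible to this user". The same join-and-filter block is repeated in AccountStateSearch, CollectionSearch, ProductSearch and TransferSearch. If user_account_assignment can hold more than one row for the same (id_user, id_account) pair, the inner join duplicates result rows; `$query->distinct()` or an `exists` subquery avoids that — confirm against the table's unique constraints.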
@@ -31,7 +32,7 @@ class CollectionSearch extends Collection { return [ [[ 'start', ], 'date', 'format' =>Yii::$app->formatter->datetimeFormat , 'timestampAttribute' => 'timestampStart' ,'timestampAttributeFormat' => 'yyyy-MM-dd HH:mm' ,'timeZone' => 'UTC' ], - [[ 'end' , ], 'date' ,'format' =>Yii::$app->formatter->datetimeFormat , 'timestampAttribute' => 'timestampEnd' ,'timestampAttributeFormat' => 'yyyy-MM-dd HH:mm' ,'timeZone' => 'UTC' ], + [[ 'end' , ], 'date' ,'format' =>Yii::$app->formatter->datetimeFormat , 'timestampAttribute' => 'timestampEnd' ,'timestampAttributeFormat' => 'yyyy-MM-dd HH:mm' ,'timeZone' => 'UTC' ], [['id_account','id_user'],'integer'] ]; } @@ -56,6 +57,12 @@ class CollectionSearch extends Collection { $query = Collection::find(); + + if ( !RoleDefinition::isAdmin() ){ + $query->innerJoin("user_account_assignment",'collection.id_account = user_account_assignment.id_account' ); + $query->andWhere(['user_account_assignment.id_user' => Yii::$app->user->id ]); + } + $dataProvider = new ActiveDataProvider([ 'query' => $query, ]); @@ -69,8 +76,8 @@ class CollectionSearch extends Collection } $query->andFilterWhere([ - 'id_user' => $this->id_user, - 'id_account' => $this->id_account, + 'collection.id_user' => $this->id_user, + 'collection.id_account' => $this->id_account, ]); Helper::inInterval($query, 'collection.end', $this->timestampStart, $this->timestampEnd); diff --git a/backend/models/ProcurementSearch.php b/backend/models/ProcurementSearch.php index eac7970..6e6a42c 100644 --- a/backend/models/ProcurementSearch.php +++ b/backend/models/ProcurementSearch.php @@ -6,6 +6,7 @@ use Yii; use yii\base\Model; use yii\data\ActiveDataProvider; use common\models\Procurement; +use common\components\RoleDefinition; /** * ProcurementSearch represents the model behind the search form about `common\models\Procurement`. 
@@ -55,6 +56,10 @@ class ProcurementSearch extends Procurement 'query' => $query, ]); + if ( RoleDefinition::isReception()){ + $query->andWhere(['id_user' => Yii::$app->user->id ]); + } + $this->load($params); if (!$this->validate()) { diff --git a/backend/models/ProductSearch.php b/backend/models/ProductSearch.php index a74a216..44319eb 100644 --- a/backend/models/ProductSearch.php +++ b/backend/models/ProductSearch.php @@ -6,6 +6,7 @@ use Yii; use yii\base\Model; use yii\data\ActiveDataProvider; use common\models\Product; +use common\components\RoleDefinition; /** * ProductSearch represents the model behind the search form about `common\models\Product`. @@ -43,6 +44,11 @@ class ProductSearch extends Product { $query = Product::find(); + if ( !RoleDefinition::isAdmin() ){ + $query->innerJoin("user_account_assignment",'product.id_account = user_account_assignment.id_account' ); + $query->andWhere(['user_account_assignment.id_user' => Yii::$app->user->id ]); + } + $dataProvider = new ActiveDataProvider([ 'query' => $query, ]); @@ -56,9 +62,9 @@ class ProductSearch extends Product } $query->andFilterWhere([ - 'id_product_category' => $this->id_product_category, - 'id_account' => $this->id_account, - 'status' => $this->status, + 'product.id_product_category' => $this->id_product_category, + 'product.id_account' => $this->id_account, + 'product.status' => $this->status, ]); $query->andFilterWhere(['like', 'product_number', $this->product_number]) diff --git a/backend/models/TransferSearch.php b/backend/models/TransferSearch.php index f91ce60..c76bc00 100644 --- a/backend/models/TransferSearch.php +++ b/backend/models/TransferSearch.php @@ -12,6 +12,7 @@ use yii\db\Query; use yii\helpers\ArrayHelper; use common\models\Account; use common\components\Helper; +use common\components\RoleDefinition; /** * TransferSearch represents the model behind the search form about `common\models\Transfer`. 
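Review bot: ProcurementSearch restricts rows only for the reception role (`if ( RoleDefinition::isReception()){`), whereas every other search model in this commit restricts everyone who is not admin; if employees are meant to see only their own procurements this is a gap, and if the asymmetry is intentional a one-line comment such as `// employees see every procurement; reception only their own` would save the next reader the question. The condition is also added after the ActiveDataProvider has been constructed, which works because the query object is shared, but placing it right after `$query = Procurement::find();` as the other models do keeps the pattern uniform. search() starts and ends outside the hunk.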
@@ -67,6 +68,12 @@ class TransferSearch extends Transfer { $query = Transfer::find(); + + if ( !RoleDefinition::isAdmin() ){ + $query->innerJoin("user_account_assignment",'transfer.id_account = user_account_assignment.id_account' ); + $query->andWhere(['user_account_assignment.id_user' => Yii::$app->user->id ]); + } + $dataProvider = new ActiveDataProvider([ 'query' => $query, ]); @@ -105,7 +112,7 @@ class TransferSearch extends Transfer ]; - $accounts = Account::find()->orderBy("name asc")->all(); + $accounts = Account::read(); $accountMap = ArrayHelper::map( $accounts ,'id_account','name' ); $idUser = Yii::$app->user->id; diff --git a/backend/views/account/index.php b/backend/views/account/index.php index e6405a1..982ff19 100644 --- a/backend/views/account/index.php +++ b/backend/views/account/index.php @@ -2,6 +2,7 @@ use yii\helpers\Html; use yii\grid\GridView; +use common\components\RoleDefinition; /* @var $this yii\web\View */ /* @var $searchModel backend\models\AccountSearch */ @@ -15,9 +16,11 @@ $this->params['breadcrumbs'][] = $this->title;

title) ?>

render('_search', ['model' => $searchModel]); ?> +

'btn btn-success']) ?>

+ $dataProvider, @@ -35,7 +38,7 @@ $this->params['breadcrumbs'][] = $this->title; 'updated_at:datetime', ['class' => 'yii\grid\ActionColumn', - 'template' => '{view} {update}' + 'template' => RoleDefinition::getRoleTemplate( ['admin' => '{view} {update}','employee' => '{view}' , 'reception' => '{view}']), ], ], diff --git a/backend/views/account/view.php b/backend/views/account/view.php index 16a1f80..f277bd0 100644 --- a/backend/views/account/view.php +++ b/backend/views/account/view.php @@ -2,6 +2,7 @@ use yii\helpers\Html; use yii\widgets\DetailView; +use common\components\RoleDefinition; /* @var $this yii\web\View */ /* @var $model common\models\Account */ @@ -14,18 +15,11 @@ $this->params['breadcrumbs'][] = $this->title;

title) ?>

+

$model->id_account], ['class' => 'btn btn-primary']) ?> - $model->id_account], [ - 'class' => 'btn btn-danger', - 'data' => [ - 'confirm' => Yii::t('common/account', 'Are you sure you want to delete this item?'), - 'method' => 'post', - ], - ]) */ - ?>

+ $model, diff --git a/backend/views/discount/index.php b/backend/views/discount/index.php index ea37fc9..1307d05 100644 --- a/backend/views/discount/index.php +++ b/backend/views/discount/index.php @@ -2,6 +2,7 @@ use yii\helpers\Html; use yii\grid\GridView; +use common\components\RoleDefinition; /* @var $this yii\web\View */ /* @var $searchModel backend\models\DiscountSearch */ @@ -15,9 +16,11 @@ $this->params['breadcrumbs'][] = $this->title;

title) ?>

render('_search', ['model' => $searchModel]); ?> +

'btn btn-success']) ?>

+ $dataProvider, @@ -37,7 +40,7 @@ $this->params['breadcrumbs'][] = $this->title; [ 'class' => 'yii\grid\ActionColumn', - 'template' => '{view} {update}' + 'template' => RoleDefinition::getRoleTemplate( ['admin' => '{view} {update}','employee' => '{view}' , 'reception' => '{view}']), ], ], ]); ?> diff --git a/backend/views/discount/view.php b/backend/views/discount/view.php index 5ce89f3..f1df9b9 100644 --- a/backend/views/discount/view.php +++ b/backend/views/discount/view.php @@ -2,6 +2,7 @@ use yii\helpers\Html; use yii\widgets\DetailView; +use common\components\RoleDefinition; /* @var $this yii\web\View */ /* @var $model common\models\Discount */ @@ -14,18 +15,11 @@ $this->params['breadcrumbs'][] = $this->title;

title) ?>

-

- $model->id_discount], ['class' => 'btn btn-primary']) ?> - $model->id_discount], [ - 'class' => 'btn btn-danger', - 'data' => [ - 'confirm' => Yii::t('common/discount', 'Are you sure you want to delete this item?'), - 'method' => 'post', - ], - ])*/ - ?> -

+ +

+ $model->id_discount], ['class' => 'btn btn-primary']) ?> +

+ $model, diff --git a/backend/views/layouts/main.php b/backend/views/layouts/main.php index 0a2b5e6..24c6332 100644 --- a/backend/views/layouts/main.php +++ b/backend/views/layouts/main.php @@ -10,6 +10,7 @@ use yii\bootstrap\NavBar; use yii\widgets\Breadcrumbs; use common\widgets\Alert; use backend\components\AdminMenuStructure; +use kartik\widgets\AlertBlock; AppAsset::register($this); @@ -49,7 +50,14 @@ $items = $adminMenu->run(); isset($this->params['breadcrumbs']) ? $this->params['breadcrumbs'] : [], ]) ?> - + + true, + 'type' => AlertBlock::TYPE_GROWL, + 'delay' => '1' + ]); + ?> diff --git a/backend/views/procurement/_form.php b/backend/views/procurement/_form.php index b402e8a..3035e6a 100644 --- a/backend/views/procurement/_form.php +++ b/backend/views/procurement/_form.php @@ -31,6 +31,7 @@ $warehouseOptions = ArrayHelper::map($warehouses, 'id_warehouse', 'name') ;
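Review bot: The layout now depends on `kartik\widgets\AlertBlock`, a third-party package, but the diffstat of this commit lists no composer.json or composer.lock change, so the dependency is introduced without a manifest update and a fresh install cannot be reproduced from the repository; add the package to the manifest in the same commit. `'delay' => '1'` passes a string where the widget presumably expects an integer — confirm the option's type in the widget documentation and pass `1` if so.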
isNewRecord ? Yii::t('common/procurement', 'Create') : Yii::t('common/procurement', 'Update'), ['class' => $model->isNewRecord ? 'btn btn-success' : 'btn btn-primary']) ?> + 'btn btn-primary' ,'name' => '_next']) ?>
diff --git a/backend/views/product/_search.php b/backend/views/product/_search.php index 0ce8aa3..5186a56 100644 --- a/backend/views/product/_search.php +++ b/backend/views/product/_search.php @@ -23,7 +23,7 @@ $statusOptions = mkOptions( Product::statuses() ); $productCategories = mkOptions( ArrayHelper::map( ProductCategory::read(null) ,'id_product_category','name') ); -$accounts = mkOptions( ArrayHelper::map( Account::readAccounts(null) ,'id_account','name')); +$accounts = mkOptions( ArrayHelper::map( Account::read(null) ,'id_account','name')); ?>