add role checking to controllers

backend/models/ProductSearch.php

@@ -6,6 +6,7 @@ use Yii;
 use yii\base\Model;
 use yii\data\ActiveDataProvider;
 use common\models\Product;
+use common\components\RoleDefinition;
 
 /**
  * ProductSearch represents the model behind the search form about `common\models\Product`.
@@ -43,6 +44,11 @@ class ProductSearch extends Product
     {
         $query = Product::find();
 
+        if ( !RoleDefinition::isAdmin() ){
+        	$query->innerJoin("user_account_assignment",'product.id_account = user_account_assignment.id_account' );
+        	$query->andWhere(['user_account_assignment.id_user' => Yii::$app->user->id ]);
+        }
+        
         $dataProvider = new ActiveDataProvider([
             'query' => $query,
         ]);
@@ -56,9 +62,9 @@ class ProductSearch extends Product
         }
 
         $query->andFilterWhere([
-            'id_product_category' => $this->id_product_category,
-            'id_account' => $this->id_account,
-            'status' => $this->status,
+            'product.id_product_category' => $this->id_product_category,
+            'product.id_account' => $this->id_account,
+            'product.status' => $this->status,
         ]);
 
         $query->andFilterWhere(['like', 'product_number', $this->product_number])