rschneider/fitness-web
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add role checking to controllers

Browse Source
This commit is contained in:
rocho
2015-11-05 17:24:09 +01:00
parent 43d5598f23
commit cc83ccf761
39 changed files with 362 additions and 78 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
backend/models/TransferSearch.php
View File

@@ -12,6 +12,7 @@ use yii\db\Query;
use yii\helpers\ArrayHelper;
use common\models\Account;
use common\components\Helper;
use common\components\RoleDefinition;
/**
* TransferSearch represents the model behind the search form about `common\models\Transfer`.
@@ -67,6 +68,12 @@ class TransferSearch extends Transfer
{
$query = Transfer::find();
if ( !RoleDefinition::isAdmin() ){
$query->innerJoin("user_account_assignment",'transfer.id_account = user_account_assignment.id_account' );
$query->andWhere(['user_account_assignment.id_user' => Yii::$app->user->id ]);
}
$dataProvider = new ActiveDataProvider([
'query' => $query,
]);
@@ -105,7 +112,7 @@ class TransferSearch extends Transfer
];
$accounts = Account::find()->orderBy("name asc")->all();
$accounts = Account::read();
$accountMap = ArrayHelper::map( $accounts ,'id_account','name' );
$idUser = Yii::$app->user->id;