diff --git a/backend/components/AdminMenuStructure.php b/backend/components/AdminMenuStructure.php
index 88d4379..d0bcf7f 100644
--- a/backend/components/AdminMenuStructure.php
+++ b/backend/components/AdminMenuStructure.php
@@ -29,43 +29,42 @@ class AdminMenuStructure{ $userMainMenu = null; $items = []; - - //$today = \Yii::$app->formatter->asDate( time() ); - $today = \Yii::$app->formatter->asDate( strtotime('today UTC') ); - $tomorrow = \Yii::$app->formatter->asDate( ( 60 *60 *24 + time())); - -// if ( $this->can('backend.user.index')){ - $items[] = ['label' => 'Felhasználók', 'url' =>['/user/index']]; -// } - - $items[] = ['label' => 'Raktárak', 'url' =>['/warehouse/index']]; - $items[] = ['label' => 'Kasszák', 'url' =>['/account/index']]; - $items[] = ['label' => 'Kedvezmények', 'url' => ['/discount/index'] ]; - $items[] = ['label' => 'Termék kategóriák', 'url' => ['/product-category/index'] ]; - $items[] = ['label' => 'Bérlet típusok', 'url' => ['/ticket-type/index'] ]; - $items[] = ['label' => 'Termékek', 'url' => ['/product/index'] ]; - $items[] = ['label' => 'Beszerzések', 'url' => ['/procurement/index'] ]; - $items[] = ['label' => 'Vendégek', 'url' => ['/customer/index'] ]; - $items[] = ['label' => 'Bérletkártyák', 'url' => ['/card/index'] ]; - $items[] = ['label' => 'Pénznem', 'url' => ['/currency/index'] ]; + if (!Yii::$app->user->isGuest) { - - - $items[] = ['label' => 'Tranzakciók', 'url' => ['/transfer/index' , 'TransferSearch[start]' =>$today,'TransferSearch[end]' => $tomorrow ] ]; - $items[] = ['label' => 'Kassza müveletek', 'url' => ['/account-state/index'] ]; - - if ( count($items) > 0 ){ - $userMainMenu = ['label' => 'Beállítások', 'url' => null, - 'items' => $items - ]; + //$today = \Yii::$app->formatter->asDate( time() ); + $today = \Yii::$app->formatter->asDate( strtotime('today UTC') ); + $tomorrow = \Yii::$app->formatter->asDate( ( 60 *60 *24 + time())); + + // if ( $this->can('backend.user.index')){ + $items[] = ['label' => 'Felhasználók', 'url' =>['/user/index']]; + // } + + $items[] = ['label' => 'Raktárak', 'url' =>['/warehouse/index']]; + $items[] = ['label' => 'Kasszák', 'url' =>['/account/index']]; + $items[] = ['label' => 'Kedvezmények', 'url' => 
['/discount/index'] ]; + $items[] = ['label' => 'Termék kategóriák', 'url' => ['/product-category/index'] ]; + $items[] = ['label' => 'Bérlet típusok', 'url' => ['/ticket-type/index'] ]; + $items[] = ['label' => 'Termékek', 'url' => ['/product/index'] ]; + $items[] = ['label' => 'Beszerzések', 'url' => ['/procurement/index'] ]; + $items[] = ['label' => 'Vendégek', 'url' => ['/customer/index'] ]; + $items[] = ['label' => 'Bérletkártyák', 'url' => ['/card/index'] ]; + $items[] = ['label' => 'Pénznem', 'url' => ['/currency/index'] ]; + + $items[] = ['label' => 'Tranzakciók', 'url' => ['/transfer/index' , 'TransferSearch[start]' =>$today,'TransferSearch[end]' => $tomorrow ] ]; + $items[] = ['label' => 'Kassza müveletek', 'url' => ['/account-state/index'] ]; + + if ( count($items) > 0 ){ + $userMainMenu = ['label' => 'Beállítások', 'url' => null, + 'items' => $items + ]; + } + + if ( isset($userMainMenu)){ + $this->menuItems[] = $userMainMenu; + } } - if ( isset($userMainMenu)){ - $this->menuItems[] = $userMainMenu; - } - - } diff --git a/backend/controllers/AccountController.php b/backend/controllers/AccountController.php index 3a9d660..6140193 100644 --- a/backend/controllers/AccountController.php +++ b/backend/controllers/AccountController.php @@ -12,31 +12,8 @@ use yii\filters\VerbFilter; /** * AccountController implements the CRUD actions for Account model. */ -class AccountController extends Controller +class AccountController extends \backend\controllers\BackendController { - public function behaviors() - { - return [ - 'verbs' => [ - 'class' => VerbFilter::className(), - 'actions' => [ - 'delete' => ['post'], - ], - ], - 'access' => [ - 'class' => \yii\filters\AccessControl::className(), - 'only' => [ 'index','view','create','update'], - 'rules' => [ - // allow authenticated users - [ - 'allow' => true, - 'roles' => ['@'], - ], - // everything else is denied - ], - ], - ]; - } /** * Lists all Account models. 
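Review bot: The new guard `if (!Yii::$app->user->isGuest) {` names `Yii` without the leading backslash, while every other line in this hunk uses `\Yii::$app`. If this file declares a namespace and has no `use Yii;` outside the hunk, the name resolves inside that namespace and the call fails at runtime, so I would write `if (!\Yii::$app->user->isGuest) {`. Separately, the guest check only hides the menu, and the per-item check `$this->can('backend.user.index')` is still commented out, so every signed-in account is shown every entry, including 'Felhasználók'; the controllers' access rules remain the actual enforcement point. The method containing this block starts above the hunk.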
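Review bot: With `behaviors()` removed, the `use yii\filters\VerbFilter;` import visible in the hunk header is probably no longer referenced in this file, and the same likely holds for the import of the old `Controller` base class; both should be dropped if nothing else in the file uses them. The parent can also be named by its short name, `class AccountController extends BackendController`, assuming this file sits in the `backend\controllers` namespace as the base class path suggests. The same applies to the AccountState, Currency, Customer, Discount, ProductCategory, Product, Ticket, TicketType, User and Warehouse controller hunks, whose class bodies all continue outside the hunk.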
@@ -102,18 +79,6 @@ class AccountController extends Controller } } - /** - * Deletes an existing Account model. - * If deletion is successful, the browser will be redirected to the 'index' page. - * @param integer $id - * @return mixed - */ -// public function actionDelete($id) -// { -// $this->findModel($id)->delete(); - -// return $this->redirect(['index']); -// } /** * Finds the Account model based on its primary key value. diff --git a/backend/controllers/AccountStateController.php b/backend/controllers/AccountStateController.php index df77cd8..2fcad74 100644 --- a/backend/controllers/AccountStateController.php +++ b/backend/controllers/AccountStateController.php @@ -14,19 +14,8 @@ use common\models\User; /** * AccountStateController implements the CRUD actions for AccountState model. */ -class AccountStateController extends Controller +class AccountStateController extends \backend\controllers\BackendController { - public function behaviors() - { - return [ - 'verbs' => [ - 'class' => VerbFilter::className(), - 'actions' => [ - 'delete' => ['post'], - ], - ], - ]; - } /** * Lists all AccountState models. @@ -104,13 +93,13 @@ class AccountStateController extends Controller * If deletion is successful, the browser will be redirected to the 'index' page. * @param integer $id * @return mixed - */ public function actionDelete($id) { $this->findModel($id)->delete(); return $this->redirect(['index']); } + */ /** * Finds the AccountState model based on its primary key value. diff --git a/backend/controllers/BackendController.php b/backend/controllers/BackendController.php new file mode 100644 index 0000000..0cb1a83 --- /dev/null +++ b/backend/controllers/BackendController.php @@ -0,0 +1,40 @@ + [ + 'class' => \yii\filters\AccessControl::className(), + 'rules' => [ + // allow authenticated users + [ + 'actions' => ['create','index','view','update'], + 'allow' => true, + 'roles' => ['@'], + ], + // everything else is denied + ], + ], + ]; + } + + +} 
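Review bot: In the second AccountStateController hunk, `actionDelete` is disabled by moving the docblock's closing `*/` below the method, which leaves live-looking code inside a doc comment where it is easy to re-enable by accident and is not seen by static analysis. Deleting the method, as the AccountController hunk does with its commented-out copy, would be clearer. The same technique is used for `actionDelete` in CustomerController and for `actionUpdate` in TransferController. If delete is brought back later, it will need an entry in the access rule and the `verbs` filter limiting `delete` to `post` that this commit removes from the controller, so that it cannot be triggered by a GET request.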
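Review bot: The shared rule in BackendController grants `create`, `index`, `view` and `update` to `'roles' => ['@']`, i.e. to any authenticated account, and that now applies to every backend controller, including UserController. If the backend login is not already limited to staff accounts, this is the one place to require a role or permission, for example `'roles' => ['<backend-role>']` (placeholder; use the project's own RBAC name). The top of this new file is not visible on the page, so I cannot tell whether a `verbs` filter is still declared alongside `access`. A short class docblock stating that actions not listed in the rule are denied would help authors of subclasses.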
diff --git a/backend/controllers/CardController.php b/backend/controllers/CardController.php index eb5777d..5b537a8 100644 --- a/backend/controllers/CardController.php +++ b/backend/controllers/CardController.php @@ -16,19 +16,26 @@ use yii\helpers\Json; /** * CardController implements the CRUD actions for Card model. */ -class CardController extends Controller +class CardController extends \backend\controllers\BackendController { - public function behaviors() - { - return [ - 'verbs' => [ - 'class' => VerbFilter::className(), - 'actions' => [ - 'delete' => ['post'], - ], - ], - ]; - } + + public function behaviors() + { + return [ + 'access' => [ + 'class' => \yii\filters\AccessControl::className(), + 'rules' => [ + // allow authenticated users + [ + 'actions' => ['create','index','view','update','list'], + 'allow' => true, + 'roles' => ['@'], + ], + // everything else is denied + ], + ], + ]; + } /** * Lists all Card models. diff --git a/backend/controllers/CityController.php b/backend/controllers/CityController.php index 4a22b53..4437598 100644 --- a/backend/controllers/CityController.php +++ b/backend/controllers/CityController.php @@ -15,19 +15,26 @@ use yii\helpers\Json; /** * CityController implements the CRUD actions for City model. */ -class CityController extends Controller +class CityController extends \backend\controllers\BackendController { - public function behaviors() + public function behaviors() { return [ - 'verbs' => [ - 'class' => VerbFilter::className(), - 'actions' => [ - 'delete' => ['post'], - ], - ], + 'access' => [ + 'class' => \yii\filters\AccessControl::className(), + 'rules' => [ + // allow authenticated users + [ + 'actions' => [ 'create','index','view','update','name-list','zip-list'], + 'allow' => true, + 'roles' => ['@'], + ], + // everything else is denied + ], + ], ]; } + /** * Lists all City models. diff --git a/backend/controllers/CurrencyController.php b/backend/controllers/CurrencyController.php index 6f77f3a..f21e26f 100644 
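Review bot: The `behaviors()` override in CardController returns a fresh array, so it replaces whatever `BackendController::behaviors()` declares and duplicates the whole AccessControl block just to add `list`; any later tightening of the base rule will then not reach this controller. Starting from the parent keeps a single source of policy: `$behaviors = parent::behaviors();`, `$behaviors['access']['rules'][0]['actions'][] = 'list';`, `return $behaviors;`. The CityController, ProcurementController and TransferController hunks copy the block the same way; the last two narrow the list (no `update`, and for Transfer no `create`), which would become an assignment to the same `actions` key. If `actionUpdate` still exists in ProcurementController outside the hunk, it is now unreachable and could be removed.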
--- a/backend/controllers/CurrencyController.php +++ b/backend/controllers/CurrencyController.php @@ -12,19 +12,8 @@ use yii\filters\VerbFilter; /** * CurrencyController implements the CRUD actions for Currency model. */ -class CurrencyController extends Controller +class CurrencyController extends \backend\controllers\BackendController { - public function behaviors() - { - return [ - 'verbs' => [ - 'class' => VerbFilter::className(), - 'actions' => [ - 'delete' => ['post'], - ], - ], - ]; - } /** * Lists all Currency models. diff --git a/backend/controllers/CustomerController.php b/backend/controllers/CustomerController.php index e6e23e5..c18a626 100644 --- a/backend/controllers/CustomerController.php +++ b/backend/controllers/CustomerController.php @@ -15,19 +15,8 @@ use backend\models\CustomerUpdate; /** * CustomerController implements the CRUD actions for Customer model. */ -class CustomerController extends Controller +class CustomerController extends \backend\controllers\BackendController { - public function behaviors() - { - return [ - 'verbs' => [ - 'class' => VerbFilter::className(), - 'actions' => [ - 'delete' => ['post'], - ], - ], - ]; - } /** * Lists all Customer models. @@ -105,7 +94,6 @@ class CustomerController extends Controller * If deletion is successful, the browser will be redirected to the 'index' page. * @param integer $id * @return mixed - */ public function actionDelete($id) { $this->findModel($id)->delete(); @@ -113,6 +101,7 @@ class CustomerController extends Controller return $this->redirect(['index']); } + */ /** * Finds the Customer model based on its primary key value. * If the model is not found, a 404 HTTP exception will be thrown. diff --git a/backend/controllers/DiscountController.php b/backend/controllers/DiscountController.php index da298d8..5da9ce1 100644 --- a/backend/controllers/DiscountController.php +++ b/backend/controllers/DiscountController.php 
@@ -12,31 +12,8 @@ use yii\filters\VerbFilter; /** * DiscountController implements the CRUD actions for Discount model. */ -class DiscountController extends Controller +class DiscountController extends \backend\controllers\BackendController { - public function behaviors() - { - return [ - 'verbs' => [ - 'class' => VerbFilter::className(), - 'actions' => [ - 'delete' => ['post'], - ], - ], - 'access' => [ - 'class' => \yii\filters\AccessControl::className(), - 'only' => [ 'index','view','create','update'], - 'rules' => [ - // allow authenticated users - [ - 'allow' => true, - 'roles' => ['@'], - ], - // everything else is denied - ], - ], - ]; - } /** * Lists all Discount models. diff --git a/backend/controllers/ProcurementController.php b/backend/controllers/ProcurementController.php index e73b687..6cab09f 100644 --- a/backend/controllers/ProcurementController.php +++ b/backend/controllers/ProcurementController.php @@ -15,32 +15,29 @@ use common\models\User; /** * ProcurementController implements the CRUD actions for Procurement model. */ -class ProcurementController extends Controller +class ProcurementController extends \backend\controllers\BackendController { - public function behaviors() - { - return [ - 'verbs' => [ - 'class' => VerbFilter::className(), - 'actions' => [ - 'delete' => ['post'], - ], - ], - 'access' => [ - 'class' => \yii\filters\AccessControl::className(), - 'only' => [ 'index','view','create','update'], - 'rules' => [ - // allow authenticated users - [ - 'allow' => true, - 'roles' => ['@'], - ], - // everything else is denied - ], - ], - ]; - } + + public function behaviors() + { + return [ + 'access' => [ + 'class' => \yii\filters\AccessControl::className(), + 'rules' => [ + // allow authenticated users + [ + 'actions' => ['create','index','view', 'create-product'], + 'allow' => true, + 'roles' => ['@'], + ], + // everything else is denied + ], + ], + ]; + } + + /** * Lists all Procurement models. * @return mixed 
diff --git a/backend/controllers/ProductCategoryController.php b/backend/controllers/ProductCategoryController.php index bde97af..5ed8385 100644 --- a/backend/controllers/ProductCategoryController.php +++ b/backend/controllers/ProductCategoryController.php @@ -12,32 +12,8 @@ use yii\filters\VerbFilter; /** * ProductCategoryController implements the CRUD actions for ProductCategory model. */ -class ProductCategoryController extends Controller +class ProductCategoryController extends \backend\controllers\BackendController { - public function behaviors() - { - return [ - 'verbs' => [ - 'class' => VerbFilter::className(), - 'actions' => [ - 'delete' => ['post'], - ], - ], - 'access' => [ - 'class' => \yii\filters\AccessControl::className(), - 'only' => [ 'index','view','create','update'], - 'rules' => [ - // allow authenticated users - [ - 'allow' => true, - 'roles' => ['@'], - ], - // everything else is denied - ], - ], - - ]; - } /** * Lists all ProductCategory models. diff --git a/backend/controllers/ProductController.php b/backend/controllers/ProductController.php index 736c907..d2e742d 100644 --- a/backend/controllers/ProductController.php +++ b/backend/controllers/ProductController.php @@ -14,31 +14,8 @@ use common\models\ProductCategory; /** * ProductController implements the CRUD actions for Product model. */ -class ProductController extends Controller +class ProductController extends \backend\controllers\BackendController { - public function behaviors() - { - return [ - 'verbs' => [ - 'class' => VerbFilter::className(), - 'actions' => [ - 'delete' => ['post'], - ], - ], - 'access' => [ - 'class' => \yii\filters\AccessControl::className(), - 'only' => [ 'index','view','create','update'], - 'rules' => [ - // allow authenticated users - [ - 'allow' => true, - 'roles' => ['@'], - ], - // everything else is denied - ], - ], - ]; - } /** diff --git a/backend/controllers/TicketController.php b/backend/controllers/TicketController.php index 39b2f67..9c80307 100644 
--- a/backend/controllers/TicketController.php +++ b/backend/controllers/TicketController.php @@ -15,19 +15,8 @@ use common\models\Account; /** * TicketController implements the CRUD actions for Ticket model. */ -class TicketController extends Controller +class TicketController extends \backend\controllers\BackendController { - public function behaviors() - { - return [ - 'verbs' => [ - 'class' => VerbFilter::className(), - 'actions' => [ - 'delete' => ['post'], - ], - ], - ]; - } /** * Lists all Ticket models. diff --git a/backend/controllers/TicketTypeController.php b/backend/controllers/TicketTypeController.php index 01009c3..d3f1c51 100644 --- a/backend/controllers/TicketTypeController.php +++ b/backend/controllers/TicketTypeController.php @@ -13,31 +13,8 @@ use common\models\Account; /** * TicketTypeController implements the CRUD actions for TicketType model. */ -class TicketTypeController extends Controller +class TicketTypeController extends \backend\controllers\BackendController { - public function behaviors() - { - return [ - 'verbs' => [ - 'class' => VerbFilter::className(), - 'actions' => [ - 'delete' => ['post'], - ], - ], - 'access' => [ - 'class' => \yii\filters\AccessControl::className(), - 'only' => [ 'index','view','create','update'], - 'rules' => [ - // allow authenticated users - [ - 'allow' => true, - 'roles' => ['@'], - ], - // everything else is denied - ], - ], - ]; - } /** * Lists all TicketType models. diff --git a/backend/controllers/TransferController.php b/backend/controllers/TransferController.php index 682f990..4d02a83 100644 --- a/backend/controllers/TransferController.php +++ b/backend/controllers/TransferController.php 
@@ -14,19 +14,26 @@ use common\models\User; /** * TransferController implements the CRUD actions for Transfer model. */ -class TransferController extends Controller +class TransferController extends \backend\controllers\BackendController { - public function behaviors() - { - return [ - 'verbs' => [ - 'class' => VerbFilter::className(), - 'actions' => [ - 'delete' => ['post'], - ], - ], - ]; - } + public function behaviors() + { + return [ + 'access' => [ + 'class' => \yii\filters\AccessControl::className(), + 'rules' => [ + // allow authenticated users + [ + 'actions' => [ 'index','view' ], + 'allow' => true, + 'roles' => ['@'], + ], + // everything else is denied + ], + ], + ]; + } + /** * Lists all Transfer models. @@ -71,7 +78,6 @@ class TransferController extends Controller * If update is successful, the browser will be redirected to the 'view' page. * @param integer $id * @return mixed - */ public function actionUpdate($id) { $model = $this->findModel($id); @@ -85,6 +91,7 @@ class TransferController extends Controller } } + */ /** * Finds the Transfer model based on its primary key value. diff --git a/backend/controllers/UserController.php b/backend/controllers/UserController.php index 19aa76e..93759f4 100644 --- a/backend/controllers/UserController.php +++ b/backend/controllers/UserController.php 
@@ -17,32 +17,9 @@ use common\models\UserAccountAssignment; /** * UserController implements the CRUD actions for User model. */ -class UserController extends Controller +class UserController extends \backend\controllers\BackendController { - public function behaviors() - { - return [ - 'verbs' => [ - 'class' => VerbFilter::className(), - 'actions' => [ - 'delete' => ['post'], - ], - ], - 'access' => [ - 'class' => \yii\filters\AccessControl::className(), - 'only' => [ 'index', 'create','update','view'], - 'rules' => [ - // allow authenticated users - [ - 'allow' => true, - 'roles' => ['@'], - ], - // everything else is denied - ], - ], - ]; - } /** * Lists all User models. diff --git a/backend/controllers/WarehouseController.php b/backend/controllers/WarehouseController.php index fe34b2d..b0a1cc6 100644 --- a/backend/controllers/WarehouseController.php +++ b/backend/controllers/WarehouseController.php @@ -13,31 +13,8 @@ use yii\base\Object; /** * WarehouseController implements the CRUD actions for Warehouse model. */ -class WarehouseController extends Controller +class WarehouseController extends \backend\controllers\BackendController { - public function behaviors() - { - return [ - 'verbs' => [ - 'class' => VerbFilter::className(), - 'actions' => [ - 'delete' => ['post'], - ], - ], - 'access' => [ - 'class' => \yii\filters\AccessControl::className(), - 'only' => [ 'create','update','view','index'], - 'rules' => [ - // allow authenticated users - [ - 'allow' => true, - 'roles' => ['@'], - ], - // everything else is denied - ], - ], - ]; - } /** * Lists all Warehouse models.