Beispiel #1
    /**
     * Specifies the access control rules.
     * This method is used by the 'accessControl' filter.
     * @return array access control rules
     */
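    public function accessRules()
    {
        // Yii's access control filter checks these rules in the order listed and applies the
        // first one that matches; the trailing catch-all 'deny' makes the list default-deny.
        return array(
            // 'users' => '*' matches every user, anonymous visitors included, so this action
            // is reachable without logging in.
            // NOTE(review): confirm that clearing the review session needs no authentication.
            array('allow',
                'actions'=>array('clearpcstoreviewsession'),
                'users'=>array('*'),
            ),
            // No 'users' restriction on this rule: access to the listed actions is decided
            // entirely by the expression below, which must return true to allow the request.
            array('allow',
                'actions'=>array('index', 'detail', 'getlistbysearchquery', 'getpcinfo', 'addpcsitemstosession',
                                 'printdocument', 'setdocidtoprintdocument', 'senddocumentbyemail'),
                'expression'=>function() {
                    // Values accepted for the current user's id.
                    // NOTE(review): these look like role names but are compared with user->id;
                    // confirm that id carries such a value in this application.
                    $allowedIds = array('admin', 'user', 'approver', 'processor', 'db_admin', 'client_admin');
                    $webUser = Yii::app()->user;

                    // Falls back to client 0 when the session carries no clientID.
                    $clientID = isset($webUser->clientID) ? $webUser->clientID : 0;
                    $companyServiceLevel = ClientServiceSettings::getClientServiceSettings($clientID);
                    // Aggregated settings for the current user; null when the session has none.
                    $tier_settings = isset($webUser->tier_settings) ? $webUser->tier_settings : null;

                    // Strict membership test: a loose in_array() lets a non-string id pass through
                    // PHP type juggling (boolean true == 'admin'; integer 0 == 'admin' before PHP 8).
                    $idAllowed = isset($webUser->id) && in_array($webUser->id, $allowedIds, true);

                    // Active_To is compared as a string with today's date in the server's default
                    // timezone. NOTE(review): only correct if Active_To is stored as 'Y-m-d' - confirm.
                    return $idAllowed
                        && $companyServiceLevel
                        && isset($tier_settings['pc'])
                        && $companyServiceLevel->Active_To >= date('Y-m-d');
                },
            ),
            // Everything not allowed above is refused for every user.
            array('deny',
                'users'=>array('*'),
            ),
        );
    }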