/**
* @param int $id - User ID
*
* @return \yii\web\Response
*/
public function actionSetRoles($id)
{
if (!Yii::$app->user->isSuperadmin and Yii::$app->user->id == $id) {
Yii::$app->session->setFlash('error', UserManagementModule::t('back', 'You can not change own permissions'));
return $this->redirect(['set', 'id' => $id]);
}
$oldAssignments = array_keys(Role::getUserRoles($id));
// To be sure that user didn't attempt to assign himself some unavailable roles
$newAssignments = array_intersect(Role::getAvailableRoles(Yii::$app->user->isSuperAdmin, true), Yii::$app->request->post('roles', []));
$toAssign = array_diff($newAssignments, $oldAssignments);
$toRevoke = array_diff($oldAssignments, $newAssignments);
foreach ($toRevoke as $role) {
User::revokeRole($id, $role);
}
foreach ($toAssign as $role) {
User::assignRole($id, $role);
}
Yii::$app->session->setFlash('success', UserManagementModule::t('back', 'Saved'));
return $this->redirect(['set', 'id' => $id]);
}
/**
* Registration logic
*
* @return string
*/
public function actionRegistration()
{
if (!Yii::$app->user->isGuest) {
return $this->goHome();
}
$model = new $this->module->registrationFormClass();
if (Yii::$app->request->isAjax and $model->load(Yii::$app->request->post())) {
Yii::$app->response->format = Response::FORMAT_JSON;
// Ajax validation breaks captcha. See https://github.com/yiisoft/yii2/issues/6115
// Thanks to TomskDiver
$validateAttributes = $model->attributes;
unset($validateAttributes['captcha']);
return ActiveForm::validate($model, $validateAttributes);
}
if ($model->load(Yii::$app->request->post()) and $model->validate()) {
// Trigger event "before registration" and checks if it's valid
if ($this->triggerModuleEvent(UserAuthEvent::BEFORE_REGISTRATION, ['model' => $model])) {
$user = $model->registerUser(false);
// Trigger event "after registration" and checks if it's valid
if ($this->triggerModuleEvent(UserAuthEvent::AFTER_REGISTRATION, ['model' => $model, 'user' => $user])) {
if ($user) {
if (Yii::$app->getModule('user-management')->useEmailAsLogin and Yii::$app->getModule('user-management')->emailConfirmationRequired) {
return $this->renderIsAjax('registrationWaitForEmailConfirmation', compact('user'));
} else {
$roles = (array) $this->module->rolesAfterRegistration;
foreach ($roles as $role) {
User::assignRole($user->id, $role);
}
Yii::$app->user->login($user);
return $this->redirect(Yii::$app->user->returnUrl);
}
}
}
}
}
return $this->renderIsAjax('registration', compact('model'));
}
/**
* Check received confirmation token and if user found - activate it, set username, roles and log him in
*
* @param string $token
*
* @return bool|User
*/
public function checkConfirmationToken($token)
{
$user = User::findInactiveByConfirmationToken($token);
if ($user) {
$user->username = $user->email;
$user->status = User::STATUS_ACTIVE;
$user->email_confirmed = 1;
$user->removeConfirmationToken();
$user->save(false);
$roles = (array) Yii::$app->getModule(\Yii::$app->user->moduleAliasName)->rolesAfterRegistration;
foreach ($roles as $role) {
User::assignRole($user->id, $role);
}
Yii::$app->user->login($user);
return $user;
}
return false;
}
protected function changeRoleAction($model)
{
if (!($user = User::findOne(['username' => $model->profile_id]))) {
return;
}
switch ($model->role) {
case 'admin':
User::assignRole($user->id, 'unicredQuestionListSystemAdmin');
User::revokeRole($user->id, 'unicredQuestionListSystemCommercialDirector');
User::revokeRole($user->id, 'unicredQuestionListSystemManager');
break;
case 'manager':
User::assignRole($user->id, 'unicredQuestionListSystemManager');
User::revokeRole($user->id, 'unicredQuestionListSystemCommercialDirector');
User::revokeRole($user->id, 'unicredQuestionListSystemAdmin');
break;
case 'empl':
User::assignRole($user->id, 'unicredQuestionListSystemManager');
User::revokeRole($user->id, 'unicredQuestionListSystemCommercialDirector');
User::revokeRole($user->id, 'unicredQuestionListSystemAdmin');
break;
case 'comdir':
User::assignRole($user->id, 'unicredQuestionListSystemCommercialDirector');
User::revokeRole($user->id, 'unicredQuestionListSystemManager');
User::revokeRole($user->id, 'unicredQuestionListSystemAdmin');
break;
}
}
