static function findUserRole($userId = NULL)
{
if (empty($userId)) {
$userId = \Yii::$app->user->getId();
}
$userRoleData = \vendor\codefire\cfusermgmt\models\AuthAssignment::find()->where(["user_id" => $userId])->one();
return !empty($userRoleData) ? $userRoleData->item_name : NULL;
}
<?php
return ['layoutPath' => dirname(__DIR__) . '/views/layouts/', 'components' => ['user' => ['identityClass' => 'vendor\\codefire\\cfusermgmt\\models\\User', 'enableAutoLogin' => true], 'authManager' => ['class' => 'yii\\rbac\\DbManager', 'defaultRoles' => [DEFAULT_ROLE_NAME]], 'custom' => ['class' => 'vendor\\codefire\\cfusermgmt\\components\\Custom']], 'params' => ['home_base_path' => __DIR__ . '/../../../../'], 'modules' => ['usermgmt' => ['class' => 'vendor\\codefire\\cfusermgmt\\Module']], 'aliases' => ['@cfusermgmt' => '@app/../vendor/codefire/cfusermgmt', '@cfusermgmtView' => '@vendor/codefire/cfusermgmt/views', "@cfusermgmtWeb" => "vendor/codefire/cfusermgmt/web", '@SITE_URL' => "Your Site url Goes Here"], 'on beforeAction' => function ($event) {
vendor\codefire\cfusermgmt\models\UserActivity::actionSave($event);
$permission = \vendor\codefire\cfusermgmt\models\User::CheckPermission($event);
if (Yii::$app->user->isGuest && !$permission) {
Yii::$app->session->setFlash("danger", FLASH_1041, true);
Yii::$app->session->set("currentUrl", yii\helpers\Url::current());
header("location:" . yii\helpers\Url::home(true) . 'usermgmt/user/login');
exit;
//return Yii::$app->controller->redirect(['/usermgmt/user/login']);
} elseif (!$permission) {
return Yii::$app->controller->redirect(['/usermgmt/user/permission-denied']);
}
$userRoleData = \vendor\codefire\cfusermgmt\models\AuthAssignment::find()->where(['user_id' => Yii::$app->user->getId()])->one();
if (in_array(Yii::$app->controller->module->id, array('usermgmt', 'content'))) {
$setLayout =& Yii::$app->controller->module->module;
} else {
$setLayout =& Yii::$app->controller->module;
}
if (!empty($userRoleData)) {
$userRoleName = $userRoleData->item_name;
if (in_array($userRoleName, array(ADMIN_ROLE_ALIAS, SUPERADMIN_ROLE_ALIAS))) {
$setLayout->layout = ADMIN_LAYOUT;
} else {
$setLayout->layout = DEFAULT_LAYOUT;
}
} else {
$setLayout->layout = DEFAULT_LAYOUT;
}
}];
public static function CheckPermission($event)
{
$method = $event->action->actionMethod;
$methodName = substr($method, 6);
$objectName = $event->action->controller->id;
$class = explode('\\', $objectName);
$module = $event->action->controller->module->id;
$modulePos = explode('app-', $module);
if (!empty($modulePos[0])) {
$dbAction = $modulePos[0] . ':' . $objectName . ':' . $methodName;
} else {
$dbAction = $modulePos[1] . ':' . $objectName . ':' . $methodName;
}
$status = false;
$user = AuthAssignment::find()->onCondition(['user_id' => Yii::$app->user->getId()])->andWhere(['IN', 'item_name', [SUPERADMIN_ROLE_ALIAS, ADMIN_ROLE_ALIAS, ADMIN_ROLE_NAME]])->one();
// Here Yii did not get the user id for guest user....so that we need to fetch actions from database allowed to perform by guest and need to check for that array
$guestAllowedOnly = AuthItemChild::find()->where(['parent' => GUEST_ROLE_ALIAS])->asArray()->all();
$guestAllowedArr = [];
foreach ($guestAllowedOnly as $guestAllowed) {
$guestAllowedArr[] = $guestAllowed['child'];
}
if (!in_array('usermgmt:user:Login', $guestAllowedArr)) {
$guestAllowedArr[] = 'usermgmt:user:Login';
}
if (!empty($user) && in_array($user->item_name, array(SUPERADMIN_ROLE_ALIAS, ADMIN_ROLE_ALIAS, ADMIN_ROLE_NAME)) && (!CHECK_PERMISSIONS_FOR_ADMIN || Yii::$app->user->can($dbAction))) {
$status = true;
} elseif (!USE_PERMISSIONS_FOR_USERS || in_array($dbAction, $guestAllowedArr) || Yii::$app->user->can($dbAction)) {
$status = true;
}
return $status;
}
