/**
 * @inheritdoc
 *
 * Adds a route-permission check on top of the parent rule. When the parent
 * result is anything other than strictly true it is returned unchanged.
 * When the parent allows the request, the current user must also hold at
 * least one permission from a list built from the action's module,
 * controller and action ids, ordered from the global wildcard down to the
 * exact route.
 *
 * @return bool|null the parent's result when it is not true; otherwise true
 *                   if one candidate permission is granted, false if none is
 */
public function allows($action, $user, $request)
{
    $parentVerdict = parent::allows($action, $user, $request);
    if ($parentVerdict !== true) {
        return $parentVerdict;
    }

    // Coordinates of the action being requested.
    $controller = $action->controller;
    $actionId = $action->id;
    $controllerId = $controller->id;
    $moduleId = $controller->module !== null ? $controller->module->id : null;

    // Every permission name that would grant this action, broadest first.
    // The first entry is a global wildcard: whoever holds it passes every action.
    $candidates = ['*/*/*'];
    if ($moduleId) {
        $candidates[] = "{$moduleId}/*/*";
        $candidates[] = "{$moduleId}/{$controllerId}/*";
        $candidates[] = "{$moduleId}/{$controllerId}/{$actionId}";
    } else {
        $candidates[] = "{$controllerId}/*";
        $candidates[] = "{$controllerId}/{$actionId}";
    }

    // NOTE(review): the check goes through \Yii::$app->user, not the $user
    // argument; the two are the same object only if the access filter uses
    // the application's default user component. Confirm.
    foreach ($candidates as $permission) {
        if (\Yii::$app->user->can($permission)) {
            return true;
        }
    }

    // No candidate matched: deny explicitly so that later rules cannot allow it.
    return false;
}
/**
 * Extends the parent allows() with a user-role check.
 *
 * The rule yields a decision only when the parent rule applies (its result
 * is not null) and matchUserRoles() accepts the user. In every other case
 * null is returned.
 *
 * @see http://www.yiiframework.com/doc-2.0/yii-filters-accessrule.html#allows()-detail
 *
 * @return bool|null the rule's allow flag as a boolean, or null when the rule does not apply
 */
public function allows($action, $user, $request)
{
    // The parent check runs first; the role check is skipped when it yields null.
    if (parent::allows($action, $user, $request) === null) {
        return null;
    }

    if (!$this->matchUserRoles($user)) {
        return null;
    }

    return (bool) $this->allow;
}
/**
 * Applies the parent rule only to requests accepted by matchActionAccess().
 *
 * @return bool|null the parent's result when matchActionAccess() is truthy,
 *                   null otherwise (the rule takes no decision)
 */
public function allows($action, $user, $request)
{
    // A null result leaves the decision to the other rules of the filter,
    // so a failed match here is "not applicable", not an explicit deny.
    return $this->matchActionAccess($action, $user, $request)
        ? parent::allows($action, $user, $request)
        : null;
}
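/**
 * @inheritdoc
 *
 * Delegates to the parent role check while the `enable_memmber_login`
 * setting is truthy. When the setting is off, the current user is logged
 * out, a redirect to /site/login is set on the response, and the rule
 * reports "no match".
 *
 * @return bool|mixed the parent's result when member login is enabled, false otherwise
 */
protected function matchRole($user)
{
    // NOTE(review): the key spelling ("memmber") is kept byte-for-byte;
    // confirm it matches the name under which the setting is stored.
    if (System::loadConfig('enable_memmber_login')) {
        return parent::matchRole($user);
    }

    // NOTE(review): this predicate has side effects. It ends the session of
    // whoever is logged in each time a rule using it is evaluated with member
    // login disabled. redirect() here only prepares the response; nothing in
    // this method stops the request, so denial relies on the return value
    // below and on the remaining rules of the filter. Confirm that no other
    // rule can still allow the action.
    Yii::$app->user->logout();
    Yii::$app->getResponse()->redirect('/site/login');

    // The original fell off the end of the function (implicit null); state
    // the "role does not match" outcome explicitly.
    return false;
}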
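/**
 * Restricts an allowed action to users of the organization that owns the
 * requested entry.
 *
 * The parent result is returned unchanged unless it is strictly true.
 * After that, admins pass when allowAdminAllAccess is enabled; everyone
 * else passes only if the organization id resolved for the request equals
 * the identity's organizer_id.
 *
 * The check fails closed: a missing identity or a missing id on either side
 * denies access instead of raising an error or comparing two empty values
 * as equal.
 *
 * @return bool|null the parent's result when it is not true, otherwise the ownership decision
 */
public function allows($action, $user, $request)
{
    $parentRes = parent::allows($action, $user, $request);

    // $parentRes can be `null`, `false` or `true`.
    // True means the parent rule matched and allows access.
    if ($parentRes !== true) {
        return $parentRes;
    }

    // Without an identity (guest, or no user component) there is nothing to
    // compare against; deny rather than call a method on null.
    $identity = $user ? $user->identity : null;
    if ($identity === null) {
        return false;
    }

    // admins are allowed to edit entries from other organizations
    if ($identity->isAdmin() && $this->allowAdminAllAccess) {
        return true;
    }

    $organizationId = $this->getOrganizationId($action, $request);
    $organizerId = $identity->organizer_id;

    // A loose `==` treats null == null (entry not found, user without an
    // organization) as a match. Reject absent ids before comparing.
    foreach ([$organizationId, $organizerId] as $id) {
        if ($id === null || $id === false || $id === '') {
            return false;
        }
    }

    // Compare as strings so that an integer id and its numeric-string form
    // still match, without PHP's loose-comparison type juggling.
    // Assumes both ids are scalar - TODO confirm against getOrganizationId().
    return (string) $organizationId === (string) $organizerId;
}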
/**
 * Role check that can also evaluate the rule's roles against the current
 * controller's model.
 *
 * The parent check runs first. If it fails and the running controller
 * exposes a non-null `model`, each configured role is re-tested through
 * $user->can() with ['model' => <that model>] as parameters.
 *
 * @return bool true when the parent check or any model-aware check passes
 */
protected function matchRole($user)
{
    if (parent::matchRole($user)) {
        return true;
    }

    // No model on the controller: there is nothing more to test.
    if (!isset(Yii::$app->controller->model)) {
        return false;
    }

    // The parameters are stored on the rule itself, so they remain set on
    // this rule object after the call returns.
    $this->params = ['model' => Yii::$app->controller->model];

    foreach ($this->roles as $roleName) {
        if ($user->can($roleName, $this->params)) {
            return true;
        }
    }

    return false;
}
/**
 * @inheritdoc
 *
 * Attaches two filters, in this order:
 *  - verbs:  delete, confirm and ban accept POST only;
 *  - access: a single allow rule with no action list, requiring
 *            `users:admin-access`; rules are built with the AccessRule
 *            class in scope of this file.
 */
public function behaviors()
{
    $postOnly = ['post'];

    $verbFilter = [
        'class' => VerbFilter::className(),
        'actions' => [
            'delete' => $postOnly,
            'confirm' => $postOnly,
            'ban' => $postOnly,
        ],
    ];

    $accessControl = [
        'class' => AccessControl::className(),
        'ruleConfig' => ['class' => AccessRule::className()],
        'rules' => [
            [
                'allow' => true,
                'roles' => ['users:admin-access'],
            ],
        ],
    ];

    return [
        'verbs' => $verbFilter,
        'access' => $accessControl,
    ];
}
/**
 * Attaches the access filter and the verb filter (logout is POST-only).
 *
 * NOTE(review): the access filter is limited by 'only' => ['logout'], yet
 * its rules also name create, view and search. With 'only' set this way the
 * filter is not applied to those actions, so the admin requirement on
 * create does not look enforced here. Confirm that create is protected
 * elsewhere, or that 'only' is meant to list these actions too.
 *
 * NOTE(review): '*' is not one of the role tokens the stock Yii rule
 * understands ('?' and '@' are); presumably the AccessRule class used here
 * gives it a meaning. Verify.
 */
public function behaviors()
{
    // $this->layout = "/main.twig";

    $accessRules = [
        [
            'actions' => ['create'],
            'allow' => true,
            'roles' => ['admin'],
        ],
        [
            'actions' => ['logout'],
            'allow' => true,
            'roles' => ['@'],
        ],
        [
            'actions' => ['view', 'search'],
            'allow' => true,
            'roles' => ['?', '*', 'admin'],
        ],
    ];

    $accessControl = [
        'class' => AccessControl::className(),
        'ruleConfig' => ['class' => AccessRule::className()],
        'only' => ['logout'],
        'rules' => $accessRules,
    ];

    $verbFilter = [
        'class' => VerbFilter::className(),
        'actions' => ['logout' => ['post']],
    ];

    return [
        'access' => $accessControl,
        'verbs' => $verbFilter,
    ];
}
/**
 * Attaches the verb filter and an access filter scoped to edit-battle.
 *
 *  - verbs:  edit-battle accepts HEAD, GET and POST; every other action
 *            accepts HEAD and GET only.
 *  - access: applied to edit-battle only; the rule requires an
 *            authenticated user ('@'). The rule defaults also carry a
 *            matchCallback that returns the action's isEditable property.
 */
public function behaviors()
{
    $readOnlyVerbs = ['head', 'get'];

    $verbFilter = [
        'class' => VerbFilter::className(),
        'actions' => [
            'edit-battle' => ['head', 'get', 'post'],
            '*' => $readOnlyVerbs,
        ],
    ];

    // Set through ruleConfig, i.e. as a default for the rules of this filter.
    $requireEditable = function ($rule, $action) {
        return $action->isEditable;
    };

    $accessControl = [
        'class' => AccessControl::className(),
        'only' => ['edit-battle'],
        'rules' => [
            [
                'actions' => ['edit-battle'],
                'roles' => ['@'],
                'allow' => true,
            ],
        ],
        'ruleConfig' => [
            'class' => AccessRule::className(),
            'matchCallback' => $requireEditable,
        ],
    ];

    return [
        'verbs' => $verbFilter,
        'access' => $accessControl,
    ];
}
/**
 * @inheritdoc
 *
 * Attaches two filters, in this order:
 *  - access: index, create, update, delete, bulk-action and ajax-search are
 *            allowed for the `subscriber` role;
 *  - verbs:  delete, bulk-action and ajax-search accept POST only.
 */
public function behaviors()
{
    $subscriberActions = ['index', 'create', 'update', 'delete', 'bulk-action', 'ajax-search'];

    $accessControl = [
        'class' => AccessControl::className(),
        'ruleConfig' => ['class' => AccessRule::className()],
        'rules' => [
            [
                'actions' => $subscriberActions,
                'allow' => true,
                'roles' => ['subscriber'],
            ],
        ],
    ];

    $postOnly = ['post'];
    $verbFilter = [
        'class' => VerbFilter::className(),
        'actions' => [
            'delete' => $postOnly,
            'bulk-action' => $postOnly,
            'ajax-search' => $postOnly,
        ],
    ];

    return [
        'access' => $accessControl,
        'verbs' => $verbFilter,
    ];
}
/**
 * Attaches two filters, in this order:
 *  - verbs:  delete accepts POST only;
 *  - access: view, search, index, create, update and delete are allowed for
 *            the `admin` role.
 */
public function behaviors()
{
    $verbFilter = [
        'class' => VerbFilter::className(),
        'actions' => ['delete' => ['post']],
    ];

    $adminRule = [
        'actions' => ['view', 'search', 'index', 'create', 'update', 'delete'],
        'allow' => true,
        'roles' => ['admin'],
    ];

    $accessControl = [
        'class' => AccessControl::className(),
        'ruleConfig' => ['class' => AccessRule::className()],
        'rules' => [$adminRule],
    ];

    return [
        'verbs' => $verbFilter,
        'access' => $accessControl,
    ];
}
/**
 * Declares the verb and access filters for this controller.
 *
 *  - verbs:  delete and the four Ajax* actions accept POST only.
 *  - access: one rule for authenticated users ('@'). Its allow flag is the
 *            boolean result of the comments module's isSuperuser(), read at
 *            the time this method runs.
 *
 * NOTE(review): the verb filter is keyed by action id. Ids of inline
 * controller actions are normally lower-case and hyphenated, so keys such
 * as 'AjaxUpdateStatus' may never match, leaving those actions reachable
 * with any HTTP verb. Confirm the ids these actions are registered under.
 *
 * @return array behavior configurations
 */
public function behaviors()
{
    $postOnly = ['post'];

    $verbFilter = [
        'class' => VerbFilter::className(),
        'actions' => [
            'delete' => $postOnly,
            'AjaxUpdateStatus' => $postOnly,
            'AjaxUpdateSetNew' => $postOnly,
            'AjaxUpdateSetOld' => $postOnly,
            'AjaxDelete' => $postOnly,
        ],
    ];

    $accessControl = [
        'class' => AccessControl::className(),
        'ruleConfig' => ['class' => AccessRule::className()],
        'rules' => [
            [
                // Non-superusers get allow = false, an explicit deny for logged-in users.
                'allow' => (bool) \Yii::$app->getModule('comments')->isSuperuser(),
                'roles' => ['@'],
            ],
        ],
    ];

    return [
        'verbs' => $verbFilter,
        'access' => $accessControl,
    ];
}
/**
 * Attaches two filters, in this order:
 *  - access: a single allow rule with no action list, requiring the
 *            `manager` role;
 *  - verbs:  logout accepts POST only.
 */
public function behaviors()
{
    // $this->layout = "/admin.php";

    $accessControl = [
        'class' => AccessControl::className(),
        'ruleConfig' => ['class' => AccessRule::className()],
        'rules' => [
            [
                'allow' => true,
                'roles' => ['manager'],
            ],
        ],
    ];

    $verbFilter = [
        'class' => VerbFilter::className(),
        'actions' => ['logout' => ['post']],
    ];

    return [
        'access' => $accessControl,
        'verbs' => $verbFilter,
    ];
}