allows() public method

Checks whether the Web user is allowed to perform the specified action.
public allows ( Action $action, User $user, Request $request ) : boolean | null
$action yii\base\Action the action to be performed
$user yii\web\User the user object
$request yii\web\Request
return boolean | null true if the user is allowed, false if the user is denied, null if the rule does not apply to the user
 /**
  * Extends the parent allows() check with an additional user-role check.
  *
  * The outcome configured in `$this->allow` is returned only when the parent
  * rule applies (its result is not null) and matchUserRoles() accepts the
  * user. In every other case the method returns null, meaning this rule does
  * not apply to the user.
  *
  * @see http://www.yiiframework.com/doc-2.0/yii-filters-accessrule.html#allows()-detail
  *
  * @param \yii\base\Action $action the action to be performed
  * @param \yii\web\User $user the user object
  * @param \yii\web\Request $request
  * @return bool|null true if the user is allowed, false if the user is denied,
  *                   null if the rule does not apply to the user
  */
 public function allows($action, $user, $request)
 {
     // A null result from the parent means the base rule does not apply.
     if (parent::allows($action, $user, $request) === null) {
         return null;
     }

     // A role mismatch is reported as "does not apply" (null), never as an
     // explicit deny: a deny rule (allow = false) is therefore skipped for
     // users outside the matched roles.
     if (!$this->matchUserRoles($user)) {
         return null;
     }

     return (bool) $this->allow;
 }
Example #2
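 /**
  * @inheritdoc
  *
  * When the parent rule allows access, additionally requires that the user
  * holds at least one permission named after the current route. The checked
  * names go from the global wildcard to the exact route: with a module,
  * "<module>/*\/*", "<module>/<controller>/*" and
  * "<module>/<controller>/<action>"; without one, "<controller>/*" and
  * "<controller>/<action>".
  *
  * Any parent result other than true (false or null) is returned unchanged.
  *
  * @param \yii\base\Action $action the action to be performed
  * @param \yii\web\User $user the user object
  * @param \yii\web\Request $request
  * @return bool|null true if a matching permission is held, false if none is,
  *                   otherwise the parent's false/null result
  */
 public function allows($action, $user, $request)
 {
     $return = parent::allows($action, $user, $request);
     if ($return !== true) {
         return $return;
     }

     // Check permissions on the user object this rule was asked about, so the
     // permission check and the parent's check refer to the same principal.
     // The application user component is used only when no user object was
     // passed, which preserves the previous behaviour for such callers.
     $subject = is_object($user) ? $user : \Yii::$app->user;

     // Coordinates of the current action.
     $actionId = $action->id;
     $controllerId = $action->controller->id;
     $moduleId = $action->controller->module !== null ? $action->controller->module->id : null;

     // Every permission name that grants this action. '*/*/*' comes first:
     // holding it grants every action, so it should be assigned sparingly.
     $toTest = ['*/*/*'];
     if ($moduleId) {
         $toTest[] = "{$moduleId}/*/*";
         $toTest[] = "{$moduleId}/{$controllerId}/*";
         $toTest[] = "{$moduleId}/{$controllerId}/{$actionId}";
     } else {
         $toTest[] = "{$controllerId}/*";
         $toTest[] = "{$controllerId}/{$actionId}";
     }

     // One held permission is enough.
     foreach ($toTest as $rule) {
         if ($subject->can($rule)) {
             return true;
         }
     }

     // No permission matched: explicit deny.
     return false;
 }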
Example #3
 /**
  * Applies the parent rule only when matchActionAccess() accepts the request.
  *
  * @param \yii\base\Action $action the action to be performed
  * @param \yii\web\User $user the user object
  * @param \yii\web\Request $request
  * @return bool|null the parent's result when matchActionAccess() passes,
  *                   null (rule does not apply) otherwise
  */
 public function allows($action, $user, $request)
 {
     // A failed match is reported as "rule does not apply", not as a deny.
     if (!$this->matchActionAccess($action, $user, $request)) {
         return null;
     }

     return parent::allows($action, $user, $request);
 }
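 /**
  * Allows access only to entries of the user's own organization, with an
  * optional override for admins.
  *
  * The parent result is returned unchanged unless it is true. When it is
  * true, admins are allowed if `allowAdminAllAccess` is enabled; everyone
  * else is allowed only if the organization id resolved for the request
  * equals the `organizer_id` of the user's identity.
  *
  * @param \yii\base\Action $action the action to be performed
  * @param \yii\web\User $user the user object
  * @param \yii\web\Request $request
  * @return bool|null true if allowed, false if denied, null if the parent
  *                   rule does not apply
  */
 public function allows($action, $user, $request)
 {
     $parentRes = parent::allows($action, $user, $request);
     // $parentRes can be `null`, `false` or `true`.
     // True means the parent rule matched and allows access.
     if ($parentRes !== true) {
         return $parentRes;
     }

     // Without an identity there is no organization to compare against:
     // deny instead of failing on a null dereference.
     $identity = $user->identity;
     if ($identity === null) {
         return false;
     }

     // admins are allowed to edit entries from other organizations
     if ($identity->isAdmin() && $this->allowAdminAllAccess) {
         return true;
     }

     $requestedId = $this->getOrganizationId($action, $request);
     $ownId = $identity->organizer_id;

     // Both sides must be real ids. A loose `==` would treat two missing
     // values (null == null, null == '') as a match and grant access.
     foreach ([$requestedId, $ownId] as $id) {
         if ((!is_int($id) && !is_string($id)) || $id === '') {
             return false;
         }
     }

     // Compare canonical string forms so 5 and '5' match, while numeric
     // look-alikes such as '05' or ' 5' do not.
     return (string) $requestedId === (string) $ownId;
 }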