/**
* Performs access check for this user.
* @param string $operation the name of the operation that need access check.
* @param array $params name-value pairs that would be passed to business rules associated
* with the tasks and roles assigned to the user.
* @param boolean $allowCaching whether to allow caching the result of access check.
* @return boolean whether the operations can be performed by this user.
*/
public function checkAccess($operation, $params = array(), $allowCaching = true)
{
if ($this->getIsAdmin()) {
return true;
}
return parent::checkAccess($operation, $params, $allowCaching);
}
public function checkAccess($operation, $params=array(), $allowCaching=true)
{
if(!Yum::hasModule('role') || Yum::module('role')->useYiiCheckAccess )
return parent::checkAccess($operation, $params, $allowCaching);
return $this->can($operation);
}
public function checkAccess($operation, $params = array(), $allowCaching = true)
{
if ($operation === 'admin') {
return $this->isAdmin();
}
return parent::checkAccess($operation, $params, $allowCaching);
}
public function checkAccess($operation, $params = array(), $allowCaching = true)
{
if ($operation == 'administrator') {
return Permission::model()->hasGlobalPermission('superadmin', 'read');
} else {
return parent::checkAccess($operation, $params, $allowCaching);
}
}
public function isCustomer()
{
if ($this->_isCustomer === null) {
$customer_user_role = Yii::app()->getModule('user')->customerUser['role'];
$this->_isCustomer = parent::checkAccess($customer_user_role);
}
return $this->_isCustomer;
}
public function checkAccess($auth_item_name, $params = array(), $allow_caching = true)
{
return true;
if (Yii::app()->user->isRootRole()) {
return true;
}
$auth_item = AuthItem::model()->findByPk($auth_item_name);
if ($auth_item && $auth_item['allow_for_all']) {
return true;
}
return parent::checkAccess($auth_item_name, $params, $allow_caching);
}
public function checkAccess($name, $userId = array())
{
if (!Yii::app()->user->isAdmin) {
return false;
}
switch ($name) {
case 'view':
case 'update':
case 'create':
case 'delete':
return parent::checkAccess($name . '_' . ucfirst(Yii::app()->controller->id));
}
return parent::checkAccess($name, $userId);
}
public function checkAccess($operation, $params = array(), $allowCaching = true)
{
if (Yii::app()->getModule('srbac')->isInstalled()) {
//Always allow access if $access is in the allowedAccess array
if (in_array($operation, $this->allowedAccess())) {
return true;
}
//Allow access when srbac is in debug mode
if (Yii::app()->getModule('srbac')->debug) {
return true;
}
}
return parent::checkAccess($operation, $params, $allowCaching);
}
/**
* Performs access check for this user.
* Overloads the parent method in order to allow superusers access implicitly.
* @param string $operation the name of the operation that need access check.
* @param array $params name-value pairs that would be passed to business rules associated
* with the tasks and roles assigned to the user.
* @param boolean $allowCaching whether to allow caching the result of access checki.
* This parameter has been available since version 1.0.5. When this parameter
* is true (default), if the access check of an operation was performed before,
* its result will be directly returned when calling this method to check the same operation.
* If this parameter is false, this method will always call {@link CAuthManager::checkAccess}
* to obtain the up-to-date access result. Note that this caching is effective
* only within the same request.
* @return boolean whether the operations can be performed by this user.
*/
public function checkAccess($operation, $params = array(), $allowCaching = true)
{
// Allow superusers access implicitly and do CWebUser::checkAccess for others.
return $this->isSuperuser === true ? true : parent::checkAccess($operation, $params, $allowCaching);
}
/**
* Performs access check for this user.
* Overloads the parent method in order to allow superusers access implicitly.
* @param string $operation the name of the operation that need access check.
* @param array $params name-value pairs that would be passed to business rules associated
* with the tasks and roles assigned to the user.
* @param boolean $allowCaching whether to allow caching the result of access checki.
* This parameter has been available since version 1.0.5. When this parameter
* is true (default), if the access check of an operation was performed before,
* its result will be directly returned when calling this method to check the same operation.
* If this parameter is false, this method will always call {@link CAuthManager::checkAccess}
* to obtain the up-to-date access result. Note that this caching is effective
* only within the same request.
* @return boolean whether the operations can be performed by this user.
*/
public function checkAccess($operation, $params = array(), $allowCaching = true)
{
return $this->isSuperuser === true ? true : parent::checkAccess($operation, $params, $allowCaching);
}
/**
* Check if we have the access keys in the db
*
*/
public function checkAccess($operation, $params = array())
{
// First make sure we haven't already added it
// without looking in the db
$missingRoles = array();
if (Yii::app()->cache) {
$missingRoles = Yii::app()->cache->get('missing_roles');
if ($missingRoles === false) {
$missingRoles = array();
}
}
// Do we have that roles in the array
if (!in_array($operation, $missingRoles)) {
// We don't so look up the db
$roleExists = AuthItem::model()->find('name=:name', array(':name' => $operation));
if (!$roleExists) {
// Figure out the type first
if (strpos($operation, 'op_') !== false) {
$type = CAuthItem::TYPE_OPERATION;
} elseif (strpos($operation, 'task_') !== false) {
$type = CAuthItem::TYPE_TASK;
} else {
$type = CAuthItem::TYPE_ROLE;
}
// Create new auth item
Yii::app()->authManager->createAuthItem($operation, $type, $operation, null, null);
}
$missingRoles[$operation] = $operation;
// Save
if (Yii::app()->cache) {
Yii::app()->cache->set('missing_roles', $missingRoles);
}
}
// In case we are in debug mode then return true all the time
if (YII_DEBUG) {
return true;
}
// Return parent check access
return parent::checkAccess($operation, $params);
}
public function checkAccessWithCache($operation, $params = array(), $allowCaching = true)
{
$permissions = Yii::app()->cache->get('permission-cache');
if ($permissions !== false) {
if (!array_key_exists($operation, $permissions)) {
return false;
}
if ($this->executeBizRule($permissions[$operation]['bizrule'], $params, $permissions[$operation]['data'])) {
//Check with default Roles
if (in_array(app()->authManager->defaultRoles, $permissions[$operation]['roles'])) {
return true;
}
//Check if allow user id for current operation
if (array_key_exists($this->getId(), $permissions[$operation]['users'])) {
$uid = $this->getId();
if ($this->executeBizRule($permissions[$operation]['users'][$uid]['bizrule'], $params, $permissions[$operation]['users'][$uid]['data'])) {
return true;
}
}
if ($this->getState('current_roles')) {
//Check if allow user id for current operation
$check_roles = array_intersect($this->getState('current_roles'), $permissions[$operation]['roles']);
return count($check_roles) > 0;
} else {
return false;
}
}
} else {
parent::checkAccess($operation, $params, $allowCaching);
}
}
public function checkAccess($operation, $params = array(), $allowCaching = true)
{
return parent::checkAccess($operation, $params, $allowCaching);
}
