/**
 * @inheritdoc
 *
 * Permits the request only when the `access-token` query parameter resolves
 * to a user via User::findIdentityByAccessToken(); otherwise a
 * ForbiddenHttpException is thrown.
 *
 * $action, $model and $params are not inspected here, so a valid token is
 * sufficient for every action routed through this check.
 *
 * @return bool always true when no exception was thrown
 * @throws ForbiddenHttpException when the token is missing, empty or unknown
 */
public function checkAccess($action, $model = null, $params = [])
{
    // The token travels in the URL query string, where it can be recorded in
    // access logs, browser history and Referer headers.
    // NOTE(review): consider reading it from a request header instead.
    // NOTE(review): a non-string value (array-valued parameter) is handed to
    // the lookup unchanged; confirm the lookup rejects it.
    $token = Yii::$app->request->get('access-token');

    // Short-circuit keeps the lookup from running for a missing/empty token.
    if (!$token || !User::findIdentityByAccessToken($token)) {
        throw new ForbiddenHttpException();
    }

    return true;
}
/**
 * @inheritdoc
 *
 * Two-stage check:
 *  1. the `access-token` query parameter must resolve to a user;
 *  2. for the "update" and "delete" actions, a model must be supplied and
 *     its trainer_id must be identical to the user's id.
 * Every other action is allowed for any valid token.
 *
 * @return bool always true when no exception was thrown
 * @throws ForbiddenHttpException when either stage fails
 */
public function checkAccess($action, $model = null, $params = [])
{
    // The token is read from the URL query string, so it can surface in
    // access logs and Referer headers.
    // NOTE(review): consider a request header for the token.
    $token = Yii::$app->request->get('access-token');
    $user = $token ? User::findIdentityByAccessToken($token) : null;
    if (!$user) {
        throw new ForbiddenHttpException();
    }

    if (in_array($action, ['update', 'delete'], true)) {
        // The comparison is type-strict: an int on one side and a numeric
        // string on the other counts as "not the owner", i.e. it fails closed.
        // NOTE(review): confirm both attributes are hydrated with the same type,
        // otherwise legitimate owners are refused.
        $isOwner = $model && $user->id === $model->trainer_id;
        if (!$isOwner) {
            throw new ForbiddenHttpException();
        }
    }

    return true;
}
/**
 * Toggles the caller's like on image $id: an existing GalleryLike row for
 * (user, image) is deleted, otherwise a new one is created.
 *
 * @param mixed $id image identifier, used as given for lookup and insert
 * @return mixed ApiHelper success response, or a 422 error response carrying
 *               the model errors when delete()/save() fails
 */
public function actionLike($id)
{
    // Relies on checkAccess() to reject requests without a valid token;
    // without that, $user below could be null.
    $this->checkAccess("like");
    $user = User::findIdentityByAccessToken(Yii::$app->request->get('access-token'));

    // NOTE(review): nothing visible here verifies that image $id exists or
    // that the caller may see it; confirm GalleryLike validation covers that.
    // NOTE(review): find-then-insert is not atomic; presumably a unique index
    // on (user_id, image_id) guards against duplicates; verify.
    $existing = GalleryLike::findOne(['user_id' => $user->id, 'image_id' => $id]);

    if ($existing) {
        // Already liked: remove the like.
        if (!$existing->delete()) {
            return ApiHelper::errorResponse($existing->getErrors(), 422);
        }

        return ApiHelper::successResponse(['message' => 'success']);
    }

    // Not liked yet: record a new like for this user and image.
    $created = new GalleryLike();
    $created->user_id = $user->id;
    $created->image_id = $id;
    if (!$created->save()) {
        return ApiHelper::errorResponse($created->getErrors(), 422);
    }

    return ApiHelper::successResponse(['message' => 'success']);
}
/**
 * @inheritdoc
 *
 * Requires the `access-token` query parameter to resolve to a user. For the
 * 'message' action it additionally requires a model whose stream_id maps to
 * a Classes row (matched on class_stream) for which canStudy($user) is truthy.
 * Every other action is allowed for any valid token.
 *
 * @return bool always true when no exception was thrown
 * @throws ForbiddenHttpException when any of the checks fails
 */
public function checkAccess($action, $model = null, $params = [])
{
    // The token is read from the URL query string, so it can surface in
    // access logs and Referer headers.
    // NOTE(review): consider a request header for the token.
    $token = Yii::$app->request->get('access-token');
    $user = $token ? User::findIdentityByAccessToken($token) : null;
    if (!$user) {
        throw new ForbiddenHttpException();
    }

    if ($action === 'message') {
        // No model means no class is looked up, which denies below.
        $class = $model ? Classes::findOne(['class_stream' => $model->stream_id]) : null;

        // Deny unless a class was found AND it admits this user.
        if (!is_object($class) || !$class->canStudy($user)) {
            throw new ForbiddenHttpException();
        }
    }

    return true;
}
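/**
 * Logs a user in from the `token` field of the POST body.
 *
 * The token is resolved with User::findByPasswordResetToken(); on a match the
 * user's user_auth_key is passed to loginByAccessToken(). On success the login
 * time is recorded and the auth key, user info and role are returned.
 *
 * Change from the previous version: a missing, empty or non-string `token`
 * is rejected up front with the same 422 response instead of reading an
 * undefined array index and passing the raw value into the lookup.
 *
 * @return mixed ApiHelper success response, or a 422 "Incorrect Access." error
 */
public function actionAdminAutologin()
{
    $model = new $this->modelClass();

    // Accept only a non-empty string: the POST body is caller-controlled and
    // may omit the field or send an array-valued `token`.
    $token = \Yii::$app->request->post('token');
    if (!is_string($token) || $token === '') {
        return ApiHelper::errorResponse(["Incorrect Access."], 422);
    }

    // NOTE(review): no role check is visible here despite the "admin" name,
    // and expiry depends entirely on findByPasswordResetToken(); confirm both.
    $data = User::findByPasswordResetToken($token);
    if ($data && Yii::$app->user->loginByAccessToken($data->user_auth_key)) {
        $identity = \Yii::$app->user->identity;

        $modelU = new $this->modelClass();
        $modelU->setLoginTime($identity->getUserId());
        $udata = $modelU->getUserInfo($identity->getUserId());

        // NOTE(review): this regenerates the token on a freshly constructed
        // model that is not saved in this method, not on $data. As far as this
        // method shows, the submitted token is not invalidated after use.
        // Confirm, and rotate/clear it on the matched user if it is meant to
        // be single-use.
        $model->generatePasswordResetToken();

        // NOTE(review): the auth key returned here is the same value accepted
        // by loginByAccessToken() above, so the response body carries a
        // reusable credential; make sure it is never logged or cached.
        return ApiHelper::successResponse(array([
            'auth' => $identity->getAuthKey(),
            'udata' => $udata,
            'role' => $identity->getUserRole(),
        ]));
    }

    return ApiHelper::errorResponse(["Incorrect Access."], 422);
}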
/**
 * Renders an earnings invoice as PDF for the caller identified by the
 * `access-token` query parameter.
 *
 * Query parameters:
 *  - type=week:  period_start and period_end (cast to int) select the range;
 *                data and totals are fetched for $user->user_id.
 *  - type=class: class (cast to int) selects a single Classes row by id.
 *
 * The net sum is the gross amount minus (int) $user->user_fees percent,
 * rounded to 2 decimals.
 *
 * @return mixed the rendered PDF, or null (implicit) when `type` is not
 *               recognised, a period bound is zero/missing, or the class
 *               is not found
 * @throws ForbiddenHttpException when the week query yields no data
 */
public function actionGetEarningPdf()
{
    // Called without a model, so only what checkAccess() enforces for
    // "create" with no model applies here.
    $this->checkAccess("create");

    $request = Yii::$app->request;
    $user = User::findIdentityByAccessToken($request->get('access-token'));

    switch ($request->get('type')) {
        case 'week':
            $from = (int) $request->get('period_start');
            $to = (int) $request->get('period_end');
            if (!$from || !$to) {
                break;
            }

            // Week data is scoped to the authenticated user's id.
            $query = Classes::getWeekEarningPdf($user->user_id, $from, $to);
            if (!$query) {
                throw new ForbiddenHttpException();
            }

            $gross = Classes::getWeekEarning($user->user_id, $from, $to);
            $feePercent = (int) $user->user_fees;
            $net = round($gross - $gross / 100 * $feePercent, 2);

            $this->layout = 'main-login';
            $pdf = Yii::$app->pdf;
            $provider = new ActiveDataProvider(['query' => $query, 'sort' => false]);
            $pdf->content = $this->render('invoice_week', [
                'data' => $provider,
                'sum' => $net,
                'user_fees' => $feePercent,
            ]);

            return $pdf->render();

        case 'class':
            $classId = (int) $request->get('class');

            // NOTE(review): unlike the week branch, this lookup is by class id
            // only; nothing visible here ties the class to $user. Confirm an
            // ownership check exists elsewhere, otherwise any valid token can
            // render the invoice for any class id.
            $record = Classes::findOne($classId);
            if (!$record) {
                break;
            }

            $this->layout = 'main-login';
            $pdf = Yii::$app->pdf;
            $row = $record->toArray();
            $provider = new ActiveDataProvider([
                'query' => Classes::find()->where(['class_id' => $classId]),
                'sort' => false,
            ]);

            // NOTE(review): the int cast drops any fractional part of pay_sum;
            // confirm amounts are stored as whole numbers.
            $gross = (int) $row['pay_sum'];
            $feePercent = (int) $user->user_fees;
            $net = round($gross - $gross / 100 * $feePercent, 2);

            $pdf->content = $this->render('invoice_class', [
                'data' => $provider,
                'sum' => $net,
                'class_id' => $row['class_id'],
                'user_fees' => $feePercent,
            ]);

            return $pdf->render();
    }

    // Falls through with no explicit return value when nothing was rendered.
}