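/**
 * Replaces the role assignments of the user identified by $id with the roles
 * submitted in the POST field "roles".
 *
 * Authorization boundary enforced here:
 *  - a non-superadmin cannot edit their own assignments;
 *  - roles are granted AND revoked only when they belong to the set that
 *    Role::getAvailableRoles() returns for the acting user.
 *
 * @param int $id - User ID
 *
 * @return \yii\web\Response
 *
 * @throws \yii\web\BadRequestHttpException when the posted "roles" field is not a list
 */
public function actionSetRoles($id)
{
    // Normalise once, so the self-edit guard and every role write below refer
    // to the same user regardless of the string form the route parameter had.
    $id = (int) $id;

    if (!Yii::$app->user->isSuperadmin and (int) Yii::$app->user->id === $id) {
        Yii::$app->session->setFlash('error', UserManagementModule::t('back', 'You can not change own permissions'));

        return $this->redirect(['set', 'id' => $id]);
    }

    // The request body is untrusted: refuse anything that is not a list, and
    // drop non-string entries so only plain role names reach the comparisons.
    $requestedRoles = Yii::$app->request->post('roles', []);
    if (!is_array($requestedRoles)) {
        throw new \yii\web\BadRequestHttpException('Invalid roles list');
    }
    $requestedRoles = array_filter($requestedRoles, 'is_string');

    $availableRoles = Role::getAvailableRoles(Yii::$app->user->isSuperAdmin, true);
    $oldAssignments = array_keys(Role::getUserRoles($id));

    // To be sure that user didn't attempt to assign himself some unavailable roles
    $newAssignments = array_intersect($availableRoles, $requestedRoles);

    $toAssign = array_diff($newAssignments, $oldAssignments);

    // Apply the same limit to revocation. Without it, every role the target
    // holds that is outside the acting user's available set would be removed
    // on save, although the acting user could never have selected it.
    $toRevoke = array_intersect(array_diff($oldAssignments, $newAssignments), $availableRoles);

    foreach ($toRevoke as $role) {
        User::revokeRole($id, $role);
    }

    foreach ($toAssign as $role) {
        User::assignRole($id, $role);
    }

    Yii::$app->session->setFlash('success', UserManagementModule::t('back', 'Saved'));

    return $this->redirect(['set', 'id' => $id]);
}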
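/**
 * Registration logic.
 *
 * Only guests may register. An AJAX request gets field validation errors as
 * JSON; a regular POST validates the form, creates the user and then either
 * shows the "wait for e-mail confirmation" page or assigns the module's
 * rolesAfterRegistration and logs the new user in.
 *
 * @return string|array|\yii\web\Response rendered view, AJAX validation result, or redirect
 */
public function actionRegistration()
{
    if (!Yii::$app->user->isGuest) {
        return $this->goHome();
    }

    $model = new $this->module->registrationFormClass();
    $request = Yii::$app->request;

    if ($request->isAjax and $model->load($request->post())) {
        Yii::$app->response->format = Response::FORMAT_JSON;

        // Ajax validation breaks captcha. See https://github.com/yiisoft/yii2/issues/6115
        // Thanks to TomskDiver
        //
        // ActiveForm::validate() expects attribute NAMES. $model->attributes is a
        // name => value map, so passing it directly would hand the submitted
        // values to the validator as if they were names. Pass the keys instead.
        $validateAttributes = array_values(array_diff(array_keys($model->attributes), ['captcha']));

        return ActiveForm::validate($model, $validateAttributes);
    }

    // The captcha exemption applies to the AJAX pre-check only: this validate()
    // call has no attribute filter, so all of the model's rules run here.
    if ($model->load($request->post()) and $model->validate()) {
        // Trigger event "before registration" and checks if it's valid
        if ($this->triggerModuleEvent(UserAuthEvent::BEFORE_REGISTRATION, ['model' => $model])) {
            $user = $model->registerUser(false);

            // Trigger event "after registration" and checks if it's valid.
            // The event fires even when registerUser() returned a falsy value;
            // roles and login below are still gated on $user.
            if ($this->triggerModuleEvent(UserAuthEvent::AFTER_REGISTRATION, ['model' => $model, 'user' => $user])) {
                if ($user) {
                    $userModule = Yii::$app->getModule('user-management');

                    if ($userModule->useEmailAsLogin and $userModule->emailConfirmationRequired) {
                        // No roles and no login until the address is confirmed.
                        return $this->renderIsAjax('registrationWaitForEmailConfirmation', compact('user'));
                    }

                    // Roles come from module configuration only, never from the request.
                    $roles = (array) $this->module->rolesAfterRegistration;

                    foreach ($roles as $role) {
                        User::assignRole($user->id, $role);
                    }

                    Yii::$app->user->login($user);

                    return $this->redirect(Yii::$app->user->returnUrl);
                }
            }
        }
    }

    return $this->renderIsAjax('registration', compact('model'));
}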
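/**
 * Check received confirmation token and if user found - activate it, set username, roles and log him in
 *
 * The user is activated, given the module's rolesAfterRegistration and logged
 * in only after the activation (including removal of the token) has been
 * saved successfully.
 *
 * @param string $token
 *
 * @return bool|User the activated user, or false when the token is unusable,
 *                   matches no inactive user, or the activation could not be saved
 */
public function checkConfirmationToken($token)
{
    // The token comes from outside the application; reject values that cannot
    // be a token before they reach the lookup.
    if (!is_string($token) || $token === '') {
        return false;
    }

    $user = User::findInactiveByConfirmationToken($token);

    if (!$user) {
        return false;
    }

    $user->username = $user->email;
    $user->status = User::STATUS_ACTIVE;
    $user->email_confirmed = 1;
    $user->removeConfirmationToken();

    // save(false) skips model validation. If the write fails, the stored
    // record is still inactive and still carries its token, so do not grant
    // roles or open a session for it.
    if (!$user->save(false)) {
        return false;
    }

    // Roles come from module configuration only, never from the request.
    $roles = (array) Yii::$app->getModule(\Yii::$app->user->moduleAliasName)->rolesAfterRegistration;

    foreach ($roles as $role) {
        User::assignRole($user->id, $role);
    }

    Yii::$app->user->login($user);

    return $user;
}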
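/**
 * Synchronises the RBAC role of the user whose username equals
 * $model->profile_id with the value of $model->role.
 *
 * Exactly one of the three system roles is assigned and the other two are
 * revoked. Nothing happens when no such user exists or when $model->role is
 * not one of the known keys.
 *
 * @param object $model object exposing profile_id and role
 *
 * @return void
 */
protected function changeRoleAction($model)
{
    $user = User::findOne(['username' => $model->profile_id]);

    if (!$user) {
        return;
    }

    $adminRole = 'unicredQuestionListSystemAdmin';
    $managerRole = 'unicredQuestionListSystemManager';
    $commercialDirectorRole = 'unicredQuestionListSystemCommercialDirector';

    // role key => [role to assign, roles to revoke (in the original order)]
    // NOTE(review): 'empl' maps to the same role as 'manager' - confirm this is intended.
    $plans = [
        'admin' => [$adminRole, [$commercialDirectorRole, $managerRole]],
        'manager' => [$managerRole, [$commercialDirectorRole, $adminRole]],
        'empl' => [$managerRole, [$commercialDirectorRole, $adminRole]],
        'comdir' => [$commercialDirectorRole, [$managerRole, $adminRole]],
    ];

    // Match the key strictly. A switch compares loosely, so a non-string value
    // such as boolean true would equal the first case label and select the
    // admin branch; only an exact string key may choose a role here.
    $roleKey = $model->role;

    if (!is_string($roleKey) || !isset($plans[$roleKey])) {
        return;
    }

    list($roleToAssign, $rolesToRevoke) = $plans[$roleKey];

    User::assignRole($user->id, $roleToAssign);

    foreach ($rolesToRevoke as $revokedRole) {
        User::revokeRole($user->id, $revokedRole);
    }
}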