public function actionUpdate($id) { $model = LoanDrawRequest::findOne($id); $model->status = 2; $model->save(); //根据id_loan字段更新loan表中的balance字段 $id_loan = $model->id_loan; $loanModel = Loan::findOne($id_loan); if (Yii::$app->params['should_update_balance']) { $loanModel->balance = $loanModel->balance + $model->amount; $loanModel->save(); } //send draw request approval email to client() SendEmail::email(DictEmail::EMAIL_LETTER_ABOUT_LINE, [DictEmail::LETTER_DRAW_REQUEST_APPROVAL, $loanModel->id_application, DictEmail::DRAW_REQUEST_TYPE_CLIENT, $model]); //send draw request approval email to advisor SendEmail::email(DictEmail::EMAIL_LETTER_ABOUT_LINE, [DictEmail::LETTER_DRAW_REQUEST_APPROVAL, $loanModel->id_application, DictEmail::DRAW_REQUEST_TYPE_ADVISOR, $model, $loanModel]); return $this->redirect('index'); }
public function actionDrawConfirm($id) { $model = new LoanDrawRequest(); $model->id_user = Yii::$app->user->getId(); $model->id_loan = $id; $model->status = 1; $loanModel = Loan::findOne($id); $loanBank = LoanBankAcount::find()->andWhere(['id_loan' => $id])->one(); if (!$loanModel->application->checkOnwerAccess(Yii::$app->user->getId()) && $this->user->id_user_role != Dict::USER_ROLE_BETTERDEBT) { throw new UnauthorizedHttpException("Sorry, you don't have permission to access this page."); } $request = LoanDrawRequest::find()->where(['id_loan' => $loanModel->id_loan, 'status' => 1])->one(); $request = is_null($request) ? [] : $request; if (count($request) > 0) { $model->addError('amount', 'Your draw request was submitted successfully!Better Debt is working on it.'); } if ($model->load(Yii::$app->request->post()) && $model->save()) { //send draw request email to client (and cc to co_applicant).Method email($email_type,[$letter_type,$id_application,$user_type,$drawModel]) SendEmail::email(DictEmail::EMAIL_LETTER_ABOUT_LINE, [DictEmail::LETTER_DRAW_REQUEST, $loanModel->id_application, DictEmail::DRAW_REQUEST_TYPE_CLIENT, $model]); //send draw request email to advisor.Method email($email_type,[$letter_type,$id_application,$user_type,$drawModel,$loanModel]) SendEmail::email(DictEmail::EMAIL_LETTER_ABOUT_LINE, [DictEmail::LETTER_DRAW_REQUEST, $loanModel->id_application, DictEmail::DRAW_REQUEST_TYPE_ADVISOR, $model, $loanModel]); //send draw request email to betterdebt.Method email($email_type,[$letter_type,$id_application,$user_type,$drawModel,$loanModel]) SendEmail::email(DictEmail::EMAIL_LETTER_ABOUT_LINE, [DictEmail::LETTER_DRAW_REQUEST, $loanModel->id_application, DictEmail::DRAW_REQUEST_TYPE_LOAN_OFFICER, $model, $loanModel]); return $this->render('draw_success'); } else { return $this->render('draw_confirm', ['model' => $model, 'loanModel' => $loanModel, 'loanBank' => is_null($loanBank) ? new LoanBankAcount() : $loanBank, 'request' => $request]); } }
public function beforeAction($action) { // ID $ctrl_id = $action->controller->id; $action_id = $action->id; $behaviour = $ctrl_id . '/' . $action_id; if (parent::beforeAction($action)) { // 判断 id_application 权限 if (isset($_GET['id_application']) && !isset($_GET['id_app_task'])) { $application = Application::findOne($_GET['id_application']); if (!$application->checkOnwerAccess($this->user->id_user)) { if ($this->user->id_user_role == Dict::USER_ROLE_BETTERDEBT) { $this->AUTH = Dict::AUTH_READ; $app_task = AppTask::findOne(['id_application' => $application->id_application, 'id_app_task_type' => DictTask::TYPE_APPLICATION_FORM]); if (($app_task->status != DictTask::STATUS_ACTIVE || $app_task->application->id_application_status != DictApplication::STATUS_ACTIVE) && !in_array($behaviour, ['task-sign/close', 'task-supplemental-information/view-file'])) { if ($this->user->id_user_role == Dict::USER_ROLE_BETTERDEBT || $this->user->id_user_role == Dict::USER_ROLE_ADVISOR) { $this->redirect(['/application/view', 'id' => $app_task->id_application]); } else { if ($this->user->id_user_role == Dict::USER_ROLE_CLIENT) { $this->redirect(['/loan/application']); } } return false; } } else { throw new UnauthorizedHttpException("Sorry, you don't have permission to access this page."); } } else { // app-form 特殊判断 if ($ctrl_id == 'app-form') { $app_task = AppTask::findOne(['id_application' => $application->id_application, 'id_app_task_type' => DictTask::TYPE_APPLICATION_FORM]); if ($app_task->status != DictTask::STATUS_ACTIVE || $app_task->application->id_application_status != DictApplication::STATUS_ACTIVE) { if ($this->user->id_user_role == Dict::USER_ROLE_BETTERDEBT || $this->user->id_user_role == Dict::USER_ROLE_ADVISOR) { $this->redirect(['/application/view', 'id' => $app_task->id_application]); } else { if ($this->user->id_user_role == Dict::USER_ROLE_CLIENT) { $this->redirect(['/loan/application']); } } return false; } if ($app_task->owner_type == DictTask::$userRoleToOwner[$this->user->id_user_role]) { $this->AUTH = Dict::AUTH_OPERATE; } else { $this->AUTH = Dict::AUTH_READ; } } else { if ($behaviour == 'task-sign/close') { $betterdebt = Betterdebt::findOne(['id_user' => $this->user->id_user]); if ($betterdebt->is_in_service_team == Dict::BD_SERVICE_TEAM_YES) { $this->AUTH = Dict::AUTH_OPERATE; } else { $this->AUTH = Dict::AUTH_READ; } } else { $this->AUTH = Dict::AUTH_READ; } } } } // 判断 id_app_task 权限 if (isset($_GET['id_app_task'])) { $app_task = AppTask::findOne($_GET['id_app_task']); if ($app_task->application->checkOnwerAccess($this->user->id_user)) { if (!AppTask::checkOnwerAccess($app_task, $behaviour)) { throw new UnauthorizedHttpException("Sorry, you don't have permission to access this page."); } else { if (in_array($behaviour, ['task-sign/close', 'task/assign-to', 'task-sign/remind'])) { $this->AUTH = Dict::AUTH_OPERATE; } else { if (DictTask::$ownerToUserRole[$app_task->owner_type] == $this->user->id_user_role) { $this->AUTH = Dict::AUTH_OPERATE; } else { $this->AUTH = Dict::AUTH_READ; } } } } else { if ($this->user->id_user_role == Dict::USER_ROLE_BETTERDEBT) { $this->AUTH = Dict::AUTH_READ; } else { throw new UnauthorizedHttpException("Sorry, you don't have permission to access this page."); } } $loan = Loan::findOne(['id_application' => $app_task->id_application]); // 如果任务不是正在进行中,则跳转 if ($app_task->status != DictTask::STATUS_ACTIVE || $app_task->application->id_application_status != DictApplication::STATUS_ACTIVE || isset($loan) && $loan->status == Dict::LOAN_STATUS_CLOSED) { if ($this->user->id_user_role == Dict::USER_ROLE_BETTERDEBT || $this->user->id_user_role == Dict::USER_ROLE_ADVISOR) { $this->redirect(['/application/view', 'id' => $app_task->id_application]); } else { if ($this->user->id_user_role == Dict::USER_ROLE_CLIENT) { $this->redirect(['/loan/application']); } } return false; } } // 判断 id_app_form_collateral_account 权限 if (isset($_GET['id_app_form_collateral_account'])) { $collateral_account = AppFormCollateralAccount::findOne($_GET['id_app_form_collateral_account']); if (!$collateral_account->application->checkOnwerAccess($this->user->id_user)) { if ($this->user->id_user_role == Dict::USER_ROLE_BETTERDEBT) { $this->AUTH = Dict::AUTH_READ; } else { throw new UnauthorizedHttpException("Sorry, you don't have permission to access this page."); } } else { $this->AUTH = Dict::AUTH_OPERATE; } } // 判断 id_app_task_checkpoint 权限 if (isset($_GET['id_app_task_checkpoint'])) { $checkpoint = AppTaskCheckpoint::findOne($_GET['id_app_task_checkpoint']); if (!$checkpoint->appTask->application->checkOnwerAccess($this->user->id_user) || !AppTask::checkOnwerAccess($checkpoint->appTask, $behaviour)) { if ($this->user->id_user_role == Dict::USER_ROLE_BETTERDEBT) { $this->AUTH = Dict::AUTH_READ; } else { throw new UnauthorizedHttpException("Sorry, you don't have permission to access this page."); } } else { $this->AUTH = Dict::AUTH_OPERATE; } } } return true; }