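/**
 * Approves a draw request: sets its status to 2, optionally adds the drawn
 * amount to the loan balance, and emails the client and the advisor.
 *
 * A request that already has status 2 is left untouched, so repeating the
 * call cannot add the amount to the balance a second time.
 *
 * @param mixed $id primary key of the LoanDrawRequest to approve
 * @return mixed the redirect response to the index action
 * @throws \yii\web\NotFoundHttpException when the request or its loan does not exist
 * @throws \yii\web\ServerErrorHttpException when a record cannot be saved
 */
public function actionUpdate($id)
 {
     // NOTE(review): no permission check and no HTTP-verb restriction is visible
     // in this action; confirm the controller's behaviors() limit it to the
     // staff role and to POST, since it changes a loan balance.
     $model = LoanDrawRequest::findOne($id);
     if ($model === null) {
         throw new \yii\web\NotFoundHttpException('The requested draw request does not exist.');
     }
     $loanModel = Loan::findOne($model->id_loan);
     if ($loanModel === null) {
         throw new \yii\web\NotFoundHttpException('The loan for this draw request does not exist.');
     }
     // Replay guard: an already approved request must not credit the balance again.
     // This stops repeated or reloaded calls; truly concurrent approvals would
     // additionally need a row lock or a conditional UPDATE on the status.
     if ($model->status == 2) {
         return $this->redirect('index');
     }
     // Status change and balance change are committed together or not at all.
     $transaction = LoanDrawRequest::getDb()->beginTransaction();
     try {
         $model->status = 2;
         if (!$model->save()) {
             throw new \yii\web\ServerErrorHttpException('The draw request could not be updated.');
         }
         // Update the balance column of the loan referenced by id_loan.
         if (Yii::$app->params['should_update_balance']) {
             $loanModel->balance = $loanModel->balance + $model->amount;
             if (!$loanModel->save()) {
                 throw new \yii\web\ServerErrorHttpException('The loan balance could not be updated.');
             }
         }
         $transaction->commit();
     } catch (\Exception $e) {
         $transaction->rollBack();
         throw $e;
     } catch (\Throwable $e) {
         $transaction->rollBack();
         throw $e;
     }
     // Mail goes out only after the commit, so no approval letter is sent for a rolled-back change.
     // Send the draw request approval email to the client.
     SendEmail::email(DictEmail::EMAIL_LETTER_ABOUT_LINE, [DictEmail::LETTER_DRAW_REQUEST_APPROVAL, $loanModel->id_application, DictEmail::DRAW_REQUEST_TYPE_CLIENT, $model]);
     // Send the draw request approval email to the advisor.
     SendEmail::email(DictEmail::EMAIL_LETTER_ABOUT_LINE, [DictEmail::LETTER_DRAW_REQUEST_APPROVAL, $loanModel->id_application, DictEmail::DRAW_REQUEST_TYPE_ADVISOR, $model, $loanModel]);
     return $this->redirect('index');
 }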
Esempio n. 2
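 /**
  * Shows the draw-request form for a loan and stores a submitted request.
  *
  * Access is limited to the owner of the loan's application and to the
  * BETTERDEBT role. While a request with status 1 exists for the loan, a new
  * one is not stored and the form is shown again with a notice.
  *
  * @param mixed $id primary key of the loan the draw is requested for
  * @return mixed the rendered 'draw_success' or 'draw_confirm' view
  * @throws UnauthorizedHttpException when the loan is unknown or the user may not access it
  */
 public function actionDrawConfirm($id)
 {
     $currentUserId = Yii::$app->user->getId();
     $loanModel = Loan::findOne($id);
     // An unknown loan id gets the same answer as a loan owned by someone else,
     // so the response does not reveal which ids exist.
     if ($loanModel === null) {
         throw new UnauthorizedHttpException("Sorry, you don't have permission to access this page.");
     }
     if (!$loanModel->application->checkOnwerAccess($currentUserId) && $this->user->id_user_role != Dict::USER_ROLE_BETTERDEBT) {
         throw new UnauthorizedHttpException("Sorry, you don't have permission to access this page.");
     }
     $model = new LoanDrawRequest();
     $model->id_user = $currentUserId;
     $model->id_loan = $id;
     $model->status = 1;
     $loanBank = LoanBankAcount::find()->andWhere(['id_loan' => $id])->one();
     // one() returns a model or null; a model is not Countable, so test for null directly.
     $pending = LoanDrawRequest::find()->where(['id_loan' => $loanModel->id_loan, 'status' => 1])->one();
     if ($pending !== null) {
         $model->addError('amount', 'Your draw request was submitted successfully!Better Debt is working on it.');
     }
     // save() runs validation again, and Yii's default validate() clears errors added
     // earlier, so the notice above cannot block a save on its own. The pending check
     // therefore gates the save explicitly.
     if ($pending === null && $model->load(Yii::$app->request->post())) {
         // Re-assert the server-controlled fields after load(): if any of them is a
         // "safe" attribute, posted data could otherwise replace the user, the loan
         // that was just access-checked, or the initial status.
         $model->id_user = $currentUserId;
         $model->id_loan = $id;
         $model->status = 1;
         if ($model->save()) {
             // Send the draw request email to the client (cc to the co-applicant). Method email($email_type,[$letter_type,$id_application,$user_type,$drawModel])
             SendEmail::email(DictEmail::EMAIL_LETTER_ABOUT_LINE, [DictEmail::LETTER_DRAW_REQUEST, $loanModel->id_application, DictEmail::DRAW_REQUEST_TYPE_CLIENT, $model]);
             // Send the draw request email to the advisor. Method email($email_type,[$letter_type,$id_application,$user_type,$drawModel,$loanModel])
             SendEmail::email(DictEmail::EMAIL_LETTER_ABOUT_LINE, [DictEmail::LETTER_DRAW_REQUEST, $loanModel->id_application, DictEmail::DRAW_REQUEST_TYPE_ADVISOR, $model, $loanModel]);
             // Send the draw request email to Better Debt. Method email($email_type,[$letter_type,$id_application,$user_type,$drawModel,$loanModel])
             SendEmail::email(DictEmail::EMAIL_LETTER_ABOUT_LINE, [DictEmail::LETTER_DRAW_REQUEST, $loanModel->id_application, DictEmail::DRAW_REQUEST_TYPE_LOAN_OFFICER, $model, $loanModel]);
             return $this->render('draw_success');
         }
     }
     // The view keeps receiving an empty array when no request is pending.
     return $this->render('draw_confirm', ['model' => $model, 'loanModel' => $loanModel, 'loanBank' => is_null($loanBank) ? new LoanBankAcount() : $loanBank, 'request' => $pending === null ? [] : $pending]);
 }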
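 /**
  * Decides, from the record ids in the query string, whether the current user
  * may run the action and whether $this->AUTH is Dict::AUTH_READ or
  * Dict::AUTH_OPERATE.
  *
  * Four query parameters are examined in turn: id_application (only when
  * id_app_task is absent), id_app_task, id_app_form_collateral_account and
  * id_app_task_checkpoint. A non-owner gets read access when the role is
  * BETTERDEBT and an exception otherwise. Requests for tasks that are no longer
  * active are redirected and the action is cancelled.
  *
  * @param \yii\base\Action $action the action about to run
  * @return bool false when the parent vetoes the action or a redirect was issued
  * @throws UnauthorizedHttpException when access is denied or a referenced record is missing
  * @throws \yii\web\BadRequestHttpException when an id parameter is not a scalar
  */
 public function beforeAction($action)
 {
     // A veto from the parent chain has to stop the action; falling through to
     // "return true" would run it anyway.
     if (!parent::beforeAction($action)) {
         return false;
     }
     $ctrl_id = $action->controller->id;
     $behaviour = $ctrl_id . '/' . $action->id;

     // Reads an id from the query string. Only scalars are passed to findOne():
     // an array taken from the request would let the caller shape the lookup condition.
     $queryId = function ($name) {
         if (!isset($_GET[$name])) {
             return null;
         }
         if (!is_scalar($_GET[$name])) {
             throw new \yii\web\BadRequestHttpException('Invalid request parameter.');
         }
         return $_GET[$name];
     };
     // A missing record is answered exactly like a denied one, so the response does
     // not reveal which ids exist and no null is dereferenced further down.
     $found = function ($record) {
         if ($record === null) {
             throw new UnauthorizedHttpException("Sorry, you don't have permission to access this page.");
         }
         return $record;
     };
     // True when the task or its application is no longer active.
     $isInactive = function ($task) {
         return $task->status != DictTask::STATUS_ACTIVE
             || $task->application->id_application_status != DictApplication::STATUS_ACTIVE;
     };
     // Sends the user to the page that fits the role; other roles get no redirect.
     $leave = function ($task) {
         $role = $this->user->id_user_role;
         if ($role == Dict::USER_ROLE_BETTERDEBT || $role == Dict::USER_ROLE_ADVISOR) {
             $this->redirect(['/application/view', 'id' => $task->id_application]);
         } elseif ($role == Dict::USER_ROLE_CLIENT) {
             $this->redirect(['/loan/application']);
         }
     };

     $idApplication = $queryId('id_application');
     $idAppTask = $queryId('id_app_task');
     $idCollateralAccount = $queryId('id_app_form_collateral_account');
     $idCheckpoint = $queryId('id_app_task_checkpoint');

     // NOTE(review): every section below assigns $this->AUTH on its own, so the last
     // parameter present decides the final value, and id_application is not checked
     // at all when id_app_task is also sent. Confirm the actions require all supplied
     // ids to belong to the same application.

     // Permission check for id_application.
     if ($idApplication !== null && $idAppTask === null) {
         $application = $found(Application::findOne($idApplication));
         if (!$application->checkOnwerAccess($this->user->id_user)) {
             if ($this->user->id_user_role != Dict::USER_ROLE_BETTERDEBT) {
                 throw new UnauthorizedHttpException("Sorry, you don't have permission to access this page.");
             }
             $this->AUTH = Dict::AUTH_READ;
             $app_task = $found(AppTask::findOne(['id_application' => $application->id_application, 'id_app_task_type' => DictTask::TYPE_APPLICATION_FORM]));
             if ($isInactive($app_task) && !in_array($behaviour, ['task-sign/close', 'task-supplemental-information/view-file'], true)) {
                 $leave($app_task);
                 return false;
             }
         } elseif ($ctrl_id == 'app-form') {
             // Special handling for the app-form controller.
             $app_task = $found(AppTask::findOne(['id_application' => $application->id_application, 'id_app_task_type' => DictTask::TYPE_APPLICATION_FORM]));
             if ($isInactive($app_task)) {
                 $leave($app_task);
                 return false;
             }
             if ($app_task->owner_type == DictTask::$userRoleToOwner[$this->user->id_user_role]) {
                 $this->AUTH = Dict::AUTH_OPERATE;
             } else {
                 $this->AUTH = Dict::AUTH_READ;
             }
         } elseif ($behaviour == 'task-sign/close') {
             // A user without a Betterdebt record gets the lower privilege instead of a fatal error.
             $betterdebt = Betterdebt::findOne(['id_user' => $this->user->id_user]);
             if ($betterdebt !== null && $betterdebt->is_in_service_team == Dict::BD_SERVICE_TEAM_YES) {
                 $this->AUTH = Dict::AUTH_OPERATE;
             } else {
                 $this->AUTH = Dict::AUTH_READ;
             }
         } else {
             $this->AUTH = Dict::AUTH_READ;
         }
     }

     // Permission check for id_app_task.
     if ($idAppTask !== null) {
         $app_task = $found(AppTask::findOne($idAppTask));
         if ($app_task->application->checkOnwerAccess($this->user->id_user)) {
             if (!AppTask::checkOnwerAccess($app_task, $behaviour)) {
                 throw new UnauthorizedHttpException("Sorry, you don't have permission to access this page.");
             }
             if (in_array($behaviour, ['task-sign/close', 'task/assign-to', 'task-sign/remind'], true)) {
                 $this->AUTH = Dict::AUTH_OPERATE;
             } elseif (DictTask::$ownerToUserRole[$app_task->owner_type] == $this->user->id_user_role) {
                 $this->AUTH = Dict::AUTH_OPERATE;
             } else {
                 $this->AUTH = Dict::AUTH_READ;
             }
         } elseif ($this->user->id_user_role == Dict::USER_ROLE_BETTERDEBT) {
             $this->AUTH = Dict::AUTH_READ;
         } else {
             throw new UnauthorizedHttpException("Sorry, you don't have permission to access this page.");
         }
         $loan = Loan::findOne(['id_application' => $app_task->id_application]);
         // Redirect when the task is no longer in progress or its loan is closed.
         if ($isInactive($app_task) || ($loan !== null && $loan->status == Dict::LOAN_STATUS_CLOSED)) {
             $leave($app_task);
             return false;
         }
     }

     // Permission check for id_app_form_collateral_account.
     if ($idCollateralAccount !== null) {
         $collateral_account = $found(AppFormCollateralAccount::findOne($idCollateralAccount));
         if ($collateral_account->application->checkOnwerAccess($this->user->id_user)) {
             $this->AUTH = Dict::AUTH_OPERATE;
         } elseif ($this->user->id_user_role == Dict::USER_ROLE_BETTERDEBT) {
             $this->AUTH = Dict::AUTH_READ;
         } else {
             throw new UnauthorizedHttpException("Sorry, you don't have permission to access this page.");
         }
     }

     // Permission check for id_app_task_checkpoint.
     if ($idCheckpoint !== null) {
         $checkpoint = $found(AppTaskCheckpoint::findOne($idCheckpoint));
         if ($checkpoint->appTask->application->checkOnwerAccess($this->user->id_user) && AppTask::checkOnwerAccess($checkpoint->appTask, $behaviour)) {
             $this->AUTH = Dict::AUTH_OPERATE;
         } elseif ($this->user->id_user_role == Dict::USER_ROLE_BETTERDEBT) {
             $this->AUTH = Dict::AUTH_READ;
         } else {
             throw new UnauthorizedHttpException("Sorry, you don't have permission to access this page.");
         }
     }
     return true;
 }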