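/**
 * Updates an existing User model together with its Role record.
 * If the update is successful, the browser is redirected to the 'view' page;
 * otherwise the 'update' form is rendered again.
 *
 * Authorization: only a caller holding the 'theCreator' permission may edit an
 * account that currently has the 'theCreator' role, or assign that role to an
 * account. Any other caller attempting either is redirected to the home page.
 *
 * @param integer $id The user id.
 * @return string|\yii\web\Response
 *
 * @throws \yii\web\NotFoundHttpException when no Role row exists for $id;
 *         findModel() is presumably the other source for an unknown user
 *         (its body is not visible here).
 */
public function actionUpdate($id)
{
    // Resolve the user first so an unknown id is rejected before anything else.
    $user = $this->findModel($id);

    // A user without a role row previously caused a null dereference below.
    $role = Role::findOne(['user_id' => $id]);
    if ($role === null) {
        throw new \yii\web\NotFoundHttpException('The requested role assignment does not exist.');
    }

    $callerIsCreator = Yii::$app->user->can('theCreator');

    // Admins must not be able to edit an account that holds the top role.
    if (!$callerIsCreator && $role->item_name === 'theCreator') {
        return $this->goHome();
    }

    $post = Yii::$app->request->post();

    // Load the submitted user and role data, then validate both models.
    // NOTE(review): $role->load() mass-assigns whatever Role marks as safe;
    // confirm that user_id is not a safe attribute, otherwise the request
    // could re-point this role row at another account.
    $submitted = $user->load($post)
        && $role->load($post)
        && Model::validateMultiple([$user, $role]);

    if (!$submitted) {
        return $this->render('update', ['user' => $user, 'role' => $role]);
    }

    // The check above only looked at the stored role. Re-check the submitted
    // value so a non-Creator cannot grant 'theCreator' to this account.
    if (!$callerIsCreator && $role->item_name === 'theCreator') {
        return $this->goHome();
    }

    // Hash and store the password only when a new one was entered.
    if ($user->password) {
        $user->setPassword($user->password);
    }

    // Manual activation by an admin makes the activation token obsolete.
    // Loose comparisons are kept on purpose: status arrives from the form as a
    // string, and an empty token is treated the same as a missing one.
    if ($user->status == User::STATUS_ACTIVE && $user->account_activation_token != null) {
        $user->removeAccountActivationToken();
    }

    // Both models were validated by validateMultiple(), so validation is skipped here.
    // NOTE(review): the two saves are not wrapped in a transaction and their
    // results are not checked; a failed user save still lets the role change through.
    $user->save(false);
    $role->save(false);

    return $this->redirect(['view', 'id' => $user->id]);
}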
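/**
 * Creates the role assignment for the current user when none exists yet.
 *
 * Looks up a Role row for the logged-in identity and, if there is none,
 * inserts one whose item_name is copied from the identity's user_role.
 * Does nothing for guests or for an identity without an id.
 *
 * @return void
 */
public static function checkRoleAssignment()
{
    $user = Yii::$app->getUser()->getIdentity();

    // getIdentity() yields null for a guest; calling getId() on it was a fatal error.
    if ($user === null) {
        return;
    }

    $id = $user->getId();
    if (empty($id)) {
        return;
    }

    if (null !== Role::findOne(['user_id' => $id])) {
        return;
    }

    // NOTE(review): the granted role comes straight from the user record.
    // Confirm user_role cannot be set through a user-facing form (mass
    // assignment), since its value becomes an authorization assignment here.
    $role = new Role();
    $role->item_name = $user->user_role;
    $role->user_id = $id;
    // Validation is skipped, so an empty user_role is written as-is.
    $role->save(false);
}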