/** * Gather all user permissions and roles and store them in the session * * @param UserIdentity $identity */ public static function updatePermissions($identity) { $session = Yii::$app->session; // Clear data first in case we want to refresh permissions $session->remove(self::SESSION_PREFIX_ROLES); $session->remove(self::SESSION_PREFIX_PERMISSIONS); $session->remove(self::SESSION_PREFIX_ROUTES); // Set permissions last mod time $session->set(self::SESSION_PREFIX_LAST_UPDATE, filemtime(self::getPermissionsLastModFile())); // Save roles, permissions and routes in session $session->set(self::SESSION_PREFIX_ROLES, array_keys(Role::getUserRoles($identity->id))); $session->set(self::SESSION_PREFIX_PERMISSIONS, array_keys(Permission::getUserPermissions($identity->id))); $session->set(self::SESSION_PREFIX_ROUTES, Route::getUserRoutes($identity->id)); }
/** * @param int $id - User ID * * @return \yii\web\Response */ public function actionSetRoles($id) { if (!Yii::$app->user->isSuperadmin and Yii::$app->user->id == $id) { Yii::$app->session->setFlash('error', Yii::t('yee/user', 'You can not change own permissions')); return $this->redirect(['set', 'id' => $id]); } $oldAssignments = array_keys(Role::getUserRoles($id)); // To be sure that user didn't attempt to assign himself some unavailable roles $newAssignments = array_intersect(Role::getAvailableRoles(Yii::$app->user->isSuperAdmin, true), Yii::$app->request->post('roles', [])); $toAssign = array_diff($newAssignments, $oldAssignments); $toRevoke = array_diff($oldAssignments, $newAssignments); foreach ($toRevoke as $role) { User::revokeRole($id, $role); } foreach ($toAssign as $role) { User::assignRole($id, $role); } Yii::$app->session->setFlash('crudMessage', Yii::t('yee', 'Saved')); return $this->redirect(['set', 'id' => $id]); }
<div class="panel panel-default"> <div class="panel-heading"> <strong> <span class="glyphicon glyphicon-th"></span> <?php echo Yii::t('yee/user', 'Roles'); ?> </strong> </div> <div class="panel-body"> <?php echo Html::beginForm(['set-roles', 'id' => $user->id]); ?> <?php echo Html::checkboxList('roles', ArrayHelper::map(Role::getUserRoles($user->id), 'name', 'name'), ArrayHelper::map(Role::getAvailableRoles(), 'name', 'description'), ['item' => function ($index, $label, $name, $checked, $value) { $list = '<ul style="padding-left: 10px">'; foreach (Role::getPermissionsByRole($value) as $permissionName => $permissionDescription) { $list .= $permissionDescription ? "<li>{$permissionDescription}</li>" : "<li>{$permissionName}</li>"; } $list .= '</ul>'; $helpIcon = Html::beginTag('span', ['title' => Yii::t('yee/user', 'Permissions for "{role}" role', ['role' => $label]), 'data-content' => $list, 'data-html' => 'true', 'role' => 'button', 'style' => 'margin: 0 30px 5px 0; padding: 0 5px;', 'class' => 'btn btn-sm btn-default role-help-btn']); $helpIcon .= '?'; $helpIcon .= Html::endTag('span'); $checkbox = Html::checkbox($name, $checked, ['label' => $label, 'value' => $value]); return "<div><div class='pull-left' style='margin-right: 15px;'>{$checkbox}</div><div>{$helpIcon}</div></div>"; }]); ?> <br/> <?php