public function testIsSuperUser()
{
$authItem = new AuthItem();
expect_not($authItem->isSuperUser());
$authItem->name = User::ROLE_SUPERUSER;
expect_that($authItem->isSuperUser());
}
public static function getTeacherRole()
{
foreach (AuthItem::getRoles() as $item_name) {
if ($item_name->name === 'teacher') {
$role = $item_name->name;
}
}
return $role;
}
/**
* Search by request criteria.
*
* @param array|null Filter params.
* @return ActiveDataProvider Data provider.
*/
public function search($params)
{
$query = AuthItem::find();
$dataProvider = new ActiveDataProvider(['query' => $query, 'sort' => ['defaultOrder' => ['name' => SORT_ASC]], 'pagination' => ['pageSize' => 50]]);
$query->andFilterWhere(['type' => \yii\rbac\Item::TYPE_ROLE]);
if (!($this->load($params) && $this->validate())) {
return $dataProvider;
}
$query->andFilterWhere(['like', 'name', $this->name]);
return $dataProvider;
}
public function actionSignup()
{
$model = new SignupForm();
$authItems = AuthItem::find()->all();
if ($model->load(Yii::$app->request->post())) {
if ($user = $model->signup()) {
if (Yii::$app->getUser()->login($user)) {
return $this->goHome();
}
}
}
return $this->render('signup', ['model' => $model, 'authItems' => $authItems]);
}
/**
* Creates data provider instance with search query applied
*
* @param array $params
*
* @return ActiveDataProvider
*/
public function search($params)
{
$query = AuthItem::find();
$dataProvider = new ActiveDataProvider(['query' => $query, 'pagination' => ['pageSize' => 5], 'sort' => ['attributes' => ['Name', 'Type']]]);
$this->load($params);
if (!$this->validate()) {
// uncomment the following line if you do not want to return any records when validation fails
// $query->where('0=1');
return $dataProvider;
}
$query->andFilterWhere(['type' => $this->type, 'created_at' => $this->created_at, 'updated_at' => $this->updated_at]);
$query->andFilterWhere(['ilike', 'name', $this->name])->andFilterWhere(['ilike', 'description', $this->description])->andFilterWhere(['ilike', 'rule_name', $this->rule_name])->andFilterWhere(['ilike', 'data', $this->data]);
return $dataProvider;
}
public function getRootRoles()
{
$raw = AuthItem::find()->where(['type' => 1])->asArray()->all();
$allRoles = array();
foreach ($raw as $row) {
$allRoles[$row['name']] = $row['name'];
}
$sql = 'SELECT DISTINCT auth_item.name FROM 13027272d.auth_item, 13027272d.auth_item_child
WHERE 13027272d.auth_item.name = 13027272d.auth_item_child.child
AND type = 1';
$raw = AuthItem::findBySql($sql)->asArray()->all();
$chileRoles = array();
foreach ($raw as $row) {
$chileRoles[$row['name']] = $row['name'];
}
return array_diff($allRoles, $chileRoles);
}
/**
* Finds the AuthItem model based on its primary key value.
* If the model is not found, a 404 HTTP exception will be thrown.
* @param string $id
* @return AuthItem the loaded model
* @throws NotFoundHttpException if the model cannot be found
*/
protected function findModel($id)
{
if (($model = AuthItem::findOne($id)) !== null) {
return $model;
} else {
throw new NotFoundHttpException('The requested page does not exist.');
}
}
/**
* @return \yii\db\ActiveQuery
*/
public function getAuthItems()
{
return $this->hasMany(AuthItem::className(), ['rule_name' => 'name']);
}
/**
* Update an existing User model. If update is successful, the browser
* will be redirected to the 'view' page.
* @param string $id
* @return mixed
*/
public function actionUpdate($id)
{
if ((Yii::$app->user->can("update-user") || Yii::$app->user->can("user")) && $id != 1) {
$permissoes = AuthItem::getListToDropDownList();
// set up user and profile
$user = $this->findModel($id);
$user->setScenario("admin");
$profile = $user->profile;
$mensagem = "";
//Informa ao usuário mensagens de erro na view
//Permissão do usuário
$authAssignment = new AuthAssignment();
$authItensUser = AuthAssignment::find()->where(['user_id' => $id])->all();
$permissoesUser = [];
foreach ($authItensUser as $aiu) {
array_push($permissoesUser, $aiu->item_name);
}
//Recebe as permissões salvas do usuário
$authAssignment->item_name = $permissoesUser;
// load post data and validate
$post = Yii::$app->request->post();
if ($user->load($post) && $user->validate() && $profile->load($post) && $profile->validate()) {
//Inicia a transação:
$transaction = \Yii::$app->db->beginTransaction();
try {
$itensInseridos = true;
if (isset($post['AuthAssignment']['item_name']) && !empty($post['AuthAssignment']['item_name'])) {
Yii::$app->db->createCommand("DELETE from auth_assignment WHERE \n user_id = :iduser ", [':iduser' => $user->id])->execute();
$roles = $post['AuthAssignment']['item_name'];
foreach ($roles as $role) {
$user->alterarPermissoes($role, $user->id);
}
} else {
Yii::$app->db->createCommand("DELETE from auth_assignment WHERE \n user_id = :iduser ", [':iduser' => $user->id])->execute();
}
if (!$user->save()) {
$mensagem = "Não foi possível salvar os dados";
$transaction->rollBack();
//desfaz alterações no BD
$itensInseridos = false;
}
if (!$profile->setUser($user->id)->save()) {
$mensagem = "Não foi possível salvar os dados";
$transaction->rollBack();
//desfaz alterações no BD
$itensInseridos = false;
}
if ($itensInseridos) {
$transaction->commit();
return $this->redirect(['view', 'id' => $user->id]);
}
} catch (\Exception $exception) {
$transaction->rollBack();
$mensagem = "Ocorreu uma falha inesperada ao tentar salvar";
}
}
// render
return $this->render('update', compact('user', 'profile', 'permissoes', 'permissoesUser', 'mensagem', 'authAssignment'));
} else {
throw new ForbiddenHttpException("Acesso negado!");
}
}
/**
* @return \yii\db\ActiveQuery
*/
public function getChild0()
{
return $this->hasOne(AuthItem::className(), ['name' => 'child']);
}
<?php
$form = ActiveForm::begin();
?>
<div class="col-xs-12 col-lg-12 no-padding">
<p> </p>
</div>
<div class="col-xs-12 col-lg-12 no-padding">
<div class="col-sm-6">
<?php
echo $form->field($model, 'parent')->dropDownList(ArrayHelper::map(AuthItem::find()->where(['type' => 1])->all(), 'name', 'name'), ['prompt' => 'Select Role'])->label('');
?>
</div>
<div class="col-sm-6">
<?php
echo $form->field($model, 'child')->dropDownList(ArrayHelper::map(AuthItem::find()->where(['type' => 2])->all(), 'name', 'name'), ['prompt' => 'Assign Permission'])->label('');
?>
</div>
<div class="form-group col-xs-12 col-sm-6 col-lg-4 no-padding">
<div class="col-xs-6">
<?php
echo Html::submitButton($model->isNewRecord ? 'Create' : 'Update', ['class' => 'btn btn-block btn-primary']);
?>
</div>
<div class="col-xs-6">
<?php
echo Html::resetButton('Reset', ['class' => 'btn btn-default btn-block']);
?>
</div>
</div>
/**
* Display registration page
*/
public function actionRegister()
{
/** @var \amnah\yii2\user\models\User $user */
/** @var \amnah\yii2\user\models\Profile $profile */
/** @var \amnah\yii2\user\models\Role $role */
// AuthAssigment
// set up new user/profile objects
$user = $this->module->model("User", ["scenario" => "register"]);
$profile = $this->module->model("Profile");
// load post data
$post = Yii::$app->request->post();
if ($user->load($post)) {
// ensure profile data gets loaded
$profile->load($post);
// validate for ajax request
if (Yii::$app->request->isAjax) {
Yii::$app->response->format = Response::FORMAT_JSON;
return ActiveForm::validate($user, $profile);
}
// var_dump($post);
if (isset($post['roles'])) {
// $aux = $post['User']['role_id'];
// $roles = explode(',', $aux);
$roles = $post['roles'];
// var_dump($post['User']['role_id']);
// $roles = $post['User']['role_id'];
}
// validate for normal request
if ($user->validate() && $profile->validate()) {
// perform registration
$role = $this->module->model("Role");
// VEJA AQUI !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
$user->setRegisterAttributes($role::ROLE_USER, $user::STATUS_ACTIVE)->save();
// $user->setPermissoes(1,$user->id);
$profile->setUser($user->id)->save();
$idUser = $user->id;
// var_dump($idUser);
foreach ($roles as $role) {
$user->setPermissoes($role, $idUser);
}
// $this->afterRegister($user);
// set flash
// don't use $this->refresh() because user may automatically be logged in and get 403 forbidden
$successText = Yii::t("user", "Successfully registered [ {displayName} ]", ["displayName" => $user->getDisplayName()]);
$guestText = "";
if (Yii::$app->user->isGuest) {
//$guestText = Yii::t("user", " - Please check your email to confirm your account");
}
Yii::$app->session->setFlash("Register-success", $successText . $guestText);
}
}
$permissoes = AuthItem::getListToDropDownList();
return $this->render("register", compact("user", "profile", "permissoes", "macroauthitems", "permissoesRegister"));
}
?>
<div class="form-group">
<label class="control-label col-md-3"><?php
echo $model->getAttributeLabel('is_active');
?>
</label>
<div class="col-md-9">
<?php
echo $form->field($model, 'is_active')->checkbox(['class' => 'make-switch', 'data-size' => 'normal'], false)->label(false);
?>
</div>
</div>
<?php
echo $form->field($model, 'user_role')->dropDownList(['' => 'Select user role ...'] + ArrayHelper::map(AuthItem::find()->where(['type' => Role::TYPE_ROLE])->all(), 'name', 'name'));
?>
<?php
echo $form->field($model, 'title')->textInput(['maxlength' => true]);
?>
<?php
echo $form->field($model, 'route')->textInput(['maxlength' => true]);
?>
<?php
echo $form->field($model, 'params')->textInput(['maxlength' => true]);
?>
<?php
/**
* Updates an existing User model.
* If update is successful, the browser will be redirected to the 'view' page.
* @param integer $id
* @return mixed
*/
public function actionUpdate($id)
{
$modelUser = $this->findModel($id);
$modelProfile = $this->findModelProfile($id);
$roles = AuthItem::find()->all();
$arrayRoles = ArrayHelper::map($roles, 'name', 'description');
$regions = Region::find()->all();
$arrayRegions = ArrayHelper::map($regions, 'id', 'name');
if (!empty($modelUser->password_hash)) {
$modelUser->password_hash = NULL;
}
$modelUser->worker_name = $modelProfile->worker_name;
$modelUser->telephone = $modelProfile->telephone;
$modelUser->head_position = $modelProfile->head_position;
$modelUser->head_name = $modelProfile->head_name;
$modelUser->region = $modelProfile->region_id;
$modelUser->access = $modelUser->role->item_name;
if ($modelUser->load(Yii::$app->request->post())) {
if ($modelUser->validate()) {
if ($modelUser->password_hash |= NULL) {
$modelUser->setPassword($modelUser->password_hash);
} else {
$modelUser->password_hash = $modelUser->getOldAttribute('password_hash');
}
if ($modelUser->save(false)) {
$modelProfile->user_id = $modelUser->id;
$modelProfile->worker_name = $modelUser->worker_name;
$modelProfile->telephone = $modelUser->telephone;
$modelProfile->head_position = $modelUser->head_position;
$modelProfile->head_name = $modelUser->head_name;
$modelProfile->region_id = $modelUser->region;
if ($modelProfile->save(false)) {
$auth = Yii::$app->authManager;
$auth->revokeAll($modelUser->id);
$role = $auth->getRole($modelUser->access);
if ($auth->assign($role, $modelUser->id)) {
return $this->redirect(['view', 'id' => $modelUser->id]);
}
}
}
}
}
return $this->render('update', ['model' => $modelUser, 'arrayRoles' => $arrayRoles, 'arrayRegions' => $arrayRegions]);
}
public function getItemName()
{
return $this->hasOne(AuthItem::className(), ['name' => 'item_name']);
}
/**
* Updates an existing User model.
* If update is successful, the browser will be redirected to the 'view' page.
* @param integer $id
* @return mixed
*/
public function actionUpdate($id)
{
if (Yii::$app->user->can('userUpdate')) {
//The permission name
//The actions...
$model = $this->findModel($id);
$role = new AuthItem();
$auth = Yii::$app->authManager;
$currentRole = $auth->getRolesByUser($model->getId());
$role->name = key($currentRole);
$password = $model->password;
$model->password = '';
if ($model->load(Yii::$app->request->post())) {
if ($model->password == '') {
$model->password = $password;
}
if ($model->save()) {
$role->load(Yii::$app->request->post());
$newRole = $auth->getRole($role->name);
if ($newRole != $currentRole) {
$auth->revokeAll($model->getId());
$auth->assign($newRole, $model->getId());
}
return $this->redirect(['view', 'id' => $model->id]);
}
} else {
return $this->render('update', ['model' => $model, 'role' => $role]);
}
} else {
if (Yii::$app->user->isGuest) {
Yii::$app->user->loginRequired();
} else {
throw new ForbiddenHttpException(Yii::t('yii', 'You are not allowed to perform this action.'));
}
}
}
/**
* @return array|null
* Gera a lista de Permissões com optgroups
*/
public static function getListToDropDownList()
{
$options = [];
$optGroups = AuthItem::find()->where("name not like '%-%' and name <> 'admin' and name <> 'alterarprodutovenda' \n and name <> 'produtosvenda' and name <> 'cadastrarprodutovenda'\n and name <> 'avaliacaoproduto'\n and name <> 'listadeinsumos'\n and name <> 'listadeprodutosporinsumo'\n and name <>'definirvalorprodutovenda'")->distinct()->orderBy('type ASC')->all();
foreach ($optGroups as $macroPermissao) {
$permissao = [];
$sqlWhere = "name <> 'admin' and name like 'index-" . $macroPermissao->name . "' or " . "name = '" . $macroPermissao->name . "" . "' or " . "name like 'view-" . $macroPermissao->name . "" . "' or " . "name like 'create-" . $macroPermissao->name . "" . "' or " . "name like 'delete-" . $macroPermissao->name . "" . "' or " . "name like 'index-" . $macroPermissao->name . "" . "' or " . "name like 'update-" . $macroPermissao->name . "'";
$auxPermissoes = AuthItem::find()->where($sqlWhere)->orderBy('type ASC')->all();
foreach ($auxPermissoes as $p) {
$key = $p->name;
$permissao[$key] = $p->description;
}
$options[strtoupper(Yii::t('app', $macroPermissao->name))] = $permissao;
}
return $options;
}
?>
<?php
echo $form->field($model, 'first_name')->textInput(['maxlength' => true]);
?>
<?php
echo $form->field($model, 'last_name')->textInput(['maxlength' => true]);
?>
<?php
echo $form->field($model, 'email')->textInput(['maxlength' => true]);
?>
<?php
echo $form->field($role, 'name')->dropDownList(\app\models\AuthItem::getRootRoles(), array('prompt' => '-- Select a User Type --'));
?>
<?php
echo $form->field($model, 'address')->textInput(['maxlength' => true]);
?>
<?php
echo $form->field($model, 'city')->textInput(['maxlength' => true]);
?>
<?php
echo $form->field($model, 'country')->dropDownList(\app\models\Country::getCountryOptions(), array('prompt' => '-- Select a Title --'));
?>
<?php
<div class=" box view-item col-xs-12 col-lg-12">
<div class="console-users-form">
<?php
$form = ActiveForm::begin();
?>
<div class="col-xs-12 col-lg-12 no-padding">
<p> </p>
</div>
<?php
if (\Yii::$app->user->can('admin')) {
?>
<div class="col-xs-12 col-lg-12 no-padding">
<div class="col-sm-6">
<?php
echo $form->field($model, 'user_level')->dropDownList(ArrayHelper::map(AuthItem::find()->where(['type' => 1])->all(), 'name', 'description'), ['id' => 'user_level', 'prompt' => 'Type of User'])->label('');
?>
</div>
<div class="col-sm-6" id="parent_insurance">
<?php
echo $form->field($model, 'parent_insurance_company')->dropDownList(ArrayHelper::map(InsuranceCompanies::find()->all(), 'id', 'code'), ['id' => 'parent_ins', 'prompt' => 'Select Insurance Company'])->label('');
?>
</div>
</div>
<?php
}
?>
<div class="col-xs-12 col-lg-12 no-padding">
<div class="col-sm-6">
<?php
/**
* Retorna permissões cadastradas
* @return null|string
*/
public function getPermissoes()
{
if (is_null($this->cachePermissoes)) {
$obj = AuthAssignment::find()->where(['user_id' => $this->id])->all();
if (!is_null($obj)) {
if (count($obj) > 0) {
$authitem = new AuthItem();
$this->cachePermissoes = $obj;
$aux = array();
foreach ($obj as $p) {
array_push($aux, $authitem->getDescriptionByName($p->item_name)->description);
}
return join(', ', $aux);
} else {
return "Não há permissões cadastradas";
}
} else {
return null;
}
} else {
return $this->cachePermissoes;
}
}
/**
* @return \yii\db\ActiveQuery
*/
public function getItemNames()
{
return $this->hasMany(AuthItem::className(), ['name' => 'item_name'])->viaTable('auth_assignment', ['user_id' => 'id']);
}
/**
* @return \yii\db\ActiveQuery
*/
public function getItem()
{
return $this->hasOne(AuthItem::className(), ['item_id' => 'item_id']);
}
/**
* @return \yii\db\ActiveQuery
*/
public function getUserRole()
{
return $this->hasOne(AuthItem::className(), ['name' => 'user_role']);
}
public function testAssignRole()
{
$user = $this->tester->grabFixture('user', 'user-2');
$role = new AuthItem(['type' => \yii\rbac\Item::TYPE_ROLE, 'name' => 'test', 'description' => 'test_description']);
expect_that($role->save());
$user->role = $role->name;
expect_that($user->save());
$user = User::findByEmail($user->email);
$auth = Yii::$app->authManager;
$auth->assign($auth->getRole($user->role), $user->id);
expect_that($user->roles->name === $role->name);
expect($user->role)->equals($role->name);
expect(key($auth->getRolesByUser($user->id)))->equals($role->name);
$role->delete();
}
