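/**
 * Check if the current user may run the requested route.
 *
 * Evaluation order: the captcha action is always allowed; free-access routes
 * are allowed; guests are denied; a session whose identity no longer exists
 * is destroyed and denied; superadmins are allowed (this happens BEFORE the
 * status check, so a superadmin whose status is not STATUS_ACTIVE is still
 * let through); users whose status is not STATUS_ACTIVE are logged out and
 * sent to the home page; finally the route permission check decides.
 *
 * Every denial path returns false. denyAccess() may only set a redirect on
 * the response rather than throw, so without the explicit return the
 * remaining checks would keep running and a later redirect could overwrite
 * the one already set.
 *
 * @param Action $action the action to be executed.
 *
 * @return boolean whether the action should continue to be executed.
 */
public function beforeAction($action)
{
    // The captcha action has to stay reachable for unauthenticated forms.
    if ($action->id === 'captcha') {
        return true;
    }

    $route = '/' . $action->uniqueId;

    if (Route::isFreeAccess($route, $action)) {
        return true;
    }

    // Guests never pass a protected route. Stop here instead of falling
    // through to the checks below.
    if (Yii::$app->user->isGuest) {
        $this->denyAccess();
        return false;
    }

    // The user record disappeared while the session was still alive:
    // destroy the session and deny access.
    // NOTE(review): with the stock Yii user component isGuest is exactly
    // "identity === null", so this branch may be unreachable — confirm
    // against the configured user component before relying on it.
    if (Yii::$app->user->identity === null) {
        Yii::$app->getSession()->destroy();
        $this->denyAccess();
        return false;
    }

    // Superadmin owns everyone.
    if (Yii::$app->user->isSuperadmin) {
        return true;
    }

    // A user whose status is no longer active is logged out and sent home.
    // Returning false keeps this redirect from being replaced by the
    // denyAccess() redirect the fall-through would otherwise produce.
    // Comparison kept loose on purpose: the DB type of `status` versus the
    // type of STATUS_ACTIVE is not visible here.
    if (Yii::$app->user->identity->status != User::STATUS_ACTIVE) {
        Yii::$app->user->logout();
        Yii::$app->getResponse()->redirect(Yii::$app->getHomeUrl());
        return false;
    }

    if (User::canRoute($route)) {
        return true;
    }

    // Caller-supplied denial handler takes precedence over the default one.
    if (isset($this->denyCallback)) {
        call_user_func($this->denyCallback, null, $action);
    } else {
        $this->denyAccess();
    }

    return false;
}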
/**
 * Tell whether the current user may reach the given route.
 *
 * Handy for Menu widget `visible` flags:
 *
 * <example>
 * ...
 * [ 'label'=>'Some label', 'url'=>['/site/index'], 'visible'=>User::canRoute(['/site/index']) ]
 * ...
 * </example>
 *
 * Order of checks: superadmin short-circuit (skipped when $superAdminAllowed
 * is false), free-access routes, then the per-user route list stored in the
 * session under AuthHelper::SESSION_PREFIX_ROUTES.
 *
 * @param string|array $route route as a string or a Yii route array
 * @param bool $superAdminAllowed when false, superadmins go through the normal checks too
 *
 * @return bool
 */
public static function canRoute($route, $superAdminAllowed = true)
{
    $user = Yii::$app->user;

    // Superadmin bypass, unless the caller asked for the real permission check.
    if ($superAdminAllowed && $user->isSuperadmin) {
        return true;
    }

    $normalizedRoute = AuthHelper::unifyRoute($route);

    if (Route::isFreeAccess($normalizedRoute)) {
        return true;
    }

    // The allowed-route list lives in the session; ensurePermissionsUpToDate()
    // is called first — presumably to refresh that list (confirm in AuthHelper).
    AuthHelper::ensurePermissionsUpToDate();
    $allowedRoutes = Yii::$app->session->get(AuthHelper::SESSION_PREFIX_ROUTES, []);

    return Route::isRouteAllowed($normalizedRoute, $allowedRoutes);
}