public function checkAccess($action, $model = null, $params = [])
{
$newModel = null;
if (array_key_exists('newModel', $params)) {
$newModel = $params['newModel'];
unset($params['newModel']);
}
$query = null;
if (array_key_exists('query', $params)) {
$query = $params['query'];
unset($params['query']);
}
switch ($action) {
case 'create':
case 'create-form':
$allowed = ModelHelper::canCreate($this->modelClass, $params, $newModel);
break;
case 'view':
case 'read-form':
$allowed = ModelHelper::canRead($model);
break;
case 'update':
case 'update-form':
$allowed = ModelHelper::canUpdate($model);
break;
case 'delete':
case 'delete-form':
$allowed = ModelHelper::canDelete($model);
break;
case 'index':
case 'list':
$allowed = ModelHelper::canList($this->modelClass, $params, $query);
break;
case 'change-position':
$allowed = ModelHelper::canChangePosition($model);
break;
default:
$allowed = false;
}
if (!$allowed) {
$user = Yii::$app->getUser();
throw new ForbiddenHttpException(Yii::t('mozayka', 'Permission denied for user "{user}" to perform action "{action}".', ['user' => $user->getIsGuest() ? Yii::t('mozayka', 'Guest') : $user->getIdentity()->username, 'action' => $this->id . '/' . $action]));
}
}
