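/**
 * Runs the parent pre-action checks, then preloads the AppTask for the requested application.
 *
 * When the `id_application` query parameter is present, the AppTask row with that
 * id_application and id_app_task_type = 1 is looked up and stored on $this->appTaskModel.
 * The query uses one(), so the property may end up holding no model when nothing matches.
 *
 * NOTE(review): no ownership or role check on id_application is visible in this method.
 * Confirm that every action reading $this->appTaskModel authorizes the caller against that
 * application itself; otherwise any caller able to reach the controller can load another
 * application's task by changing the id.
 *
 * @param mixed $action the action about to run; passed straight to parent::beforeAction()
 * @return bool true to let the action run, false when the parent vetoes it
 */
public function beforeAction($action)
{
    // Return an explicit false (the original fell off the end and returned null)
    // so the "do not run the action" verdict of the parent is unambiguous.
    if (!parent::beforeAction($action)) {
        return false;
    }

    // Only a plain string is accepted: a query such as ?id_application[]=1&id_application[]=2
    // arrives as an array, and a hash-format condition would turn that into an IN (...) match
    // across several applications instead of the single lookup intended here.
    if (isset($_GET['id_application']) && is_string($_GET['id_application'])) {
        $this->appTaskModel = AppTask::find()
            ->andWhere([
                'id_application' => $_GET['id_application'],
                // NOTE(review): 1 is a bare task-type id; presumably it has a named
                // constant elsewhere in the project; confirm and use it.
                'id_app_task_type' => 1,
            ])
            ->one();
    }

    return true;
}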
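/**
 * Pre-action gate: enforces role restrictions per action and resolves the access level
 * for the application named by the `id` query parameter.
 *
 * Rules implemented here:
 *  - `create` is refused unless the user's role is Dict::USER_ROLE_ADVISOR.
 *  - `view` is refused when the user's role is Dict::USER_ROLE_CLIENT.
 *  - When `id` is present, the application is loaded via findModel() and:
 *      - a user who passes checkOnwerAccess() gets Dict::AUTH_OPERATE;
 *      - otherwise a Dict::USER_ROLE_BETTERDEBT user gets Dict::AUTH_READ;
 *      - anyone else is rejected.
 *
 * NOTE(review): $this->application and $this->AUTH are only assigned when `id` is in the
 * query string. An action reached without it (or with the id supplied some other way)
 * skips the ownership check entirely; confirm that such actions do not rely on
 * $this->AUTH having been set here.
 *
 * NOTE(review): the role refusals raise BadRequestHttpException and the ownership refusal
 * raises UnauthorizedHttpException. Both describe an authenticated caller who lacks
 * permission, for which a 403 is the conventional answer; the types are left as they are
 * because callers or error handlers may depend on them.
 *
 * @param mixed $action the action about to run; its `id` property is compared below
 * @return bool true to let the action run, false when the parent vetoes it
 * @throws BadRequestHttpException when the user's role may not run this action
 * @throws UnauthorizedHttpException when the user has no access to the application
 */
public function beforeAction($action)
{
    // The original discarded the parent's return value, so a veto from the parent
    // (e.g. an attached filter or event handler refusing the action) was overridden
    // by the unconditional `return true` below. Honour it.
    if (!parent::beforeAction($action)) {
        return false;
    }

    // Loose comparisons are kept deliberately: the role id may come back from the
    // database as a string while the Dict constants may be integers (not visible
    // here), so switching to === could silently change who is let through.
    if ($action->id == 'create' && $this->user->id_user_role != Dict::USER_ROLE_ADVISOR) {
        throw new BadRequestHttpException('Permission denied');
    }

    if ($action->id == 'view' && $this->user->id_user_role == Dict::USER_ROLE_CLIENT) {
        throw new BadRequestHttpException('Permission denied');
    }

    if (isset($_GET['id'])) {
        // NOTE(review): $_GET['id'] is passed through unvalidated; findModel() is
        // defined elsewhere. Confirm it rejects non-scalar ids and fails closed
        // when no record matches.
        $this->application = $this->findModel($_GET['id']);

        if ($this->application->checkOnwerAccess($this->user->id_user)) {
            // Owner: full operate rights on this application.
            $this->AUTH = Dict::AUTH_OPERATE;
        } elseif ($this->user->id_user_role == Dict::USER_ROLE_BETTERDEBT) {
            // Non-owner with the BETTERDEBT role: read-only access.
            $this->AUTH = Dict::AUTH_READ;
        } else {
            throw new UnauthorizedHttpException("Sorry, you don't have permission to access this page.");
        }
    }

    return true;
}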