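/**
 * Decide whether a route may be reached without any permission check.
 *
 * A route is treated as free-access when any of the following holds:
 *  - an $action is supplied and its controller declares $freeAccess === true;
 *  - an $action is supplied and its id is listed in the controller's $freeAccessActions;
 *  - the route is logout, the configured error action or the configured login URL;
 *  - the route is registration and the 'user' module has enableRegistration === true;
 *  - static::isInCommonPermission($route) accepts it.
 *
 * Every allow-list lookup here is strict. With PHP's loose comparison two
 * different numeric-looking strings (for example "1e1" and "10") are equal,
 * which would let a value that is not on the list pass an authorization gate.
 *
 * @param string      $route  Route to test. It is compared verbatim with unified routes, so it is
 *                            presumably expected in AuthHelper::unifyRoute() form (canRoute() passes it that way).
 * @param Action|null $action Current action; the controller-level flags are only consulted when it is given.
 *
 * @return bool True when no permission check is required for the route.
 */
public static function isFreeAccess($route, $action = null)
{
    if ($action) {
        $controller = $action->controller;

        // Whole controller opted out of access control.
        if ($controller->hasProperty('freeAccess') && $controller->freeAccess === true) {
            return true;
        }

        // Only the listed actions are opted out; match the action id exactly.
        if ($controller->hasProperty('freeAccessActions')
            && in_array($action->id, $controller->freeAccessActions, true)
        ) {
            return true;
        }
    }

    // Pages that must stay reachable so a user can log in, log out and see errors.
    // NOTE(review): assumes AuthHelper::unifyRoute() returns a string - confirm, since the lookup is strict.
    $systemPages = [
        '/user/auth/logout',
        AuthHelper::unifyRoute(Yii::$app->errorHandler->errorAction),
        AuthHelper::unifyRoute(Yii::$app->user->loginUrl),
    ];

    if (in_array($route, $systemPages, true)) {
        return true;
    }

    // Registration can be enabled either by this option or by adding
    // '/user/auth/registration' route to guest permissions
    if ($route === '/user/auth/registration'
        && Yii::$app->getModule('user')->enableRegistration === true
    ) {
        return true;
    }

    if (static::isInCommonPermission($route)) {
        return true;
    }

    // Nothing matched: the caller has to run the regular permission check.
    return false;
}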
/**
 * Check whether the current user may access the given route.
 *
 * Order of the checks:
 *  1. a superadmin identity is allowed everything, unless $superAdminAllowed is false;
 *  2. free-access routes (see Route::isFreeAccess()) are allowed for everybody;
 *  3. otherwise the route is matched against the route list stored in the session
 *     under AuthHelper::SESSION_PREFIX_ROUTES.
 *
 * Route::isFreeAccess() is called without an action here, so the controller-level
 * $freeAccess / $freeAccessActions flags are not consulted by this method.
 *
 * @param string|array $route             Route to check; normalised with AuthHelper::unifyRoute().
 * @param bool         $superAdminAllowed When false, the superadmin shortcut is skipped.
 *
 * @return bool
 */
public static function canRoute($route, $superAdminAllowed = true)
{
    // The "@" is kept on purpose: presumably identity is null for guests, and the
    // suppressed property read then evaluates as falsy, so the check falls through
    // to the permission lookup instead of granting access.
    if ($superAdminAllowed && @Yii::$app->user->identity->isSuperadmin) {
        return true;
    }

    $normalizedRoute = AuthHelper::unifyRoute($route);

    if (!Route::isFreeAccess($normalizedRoute)) {
        // Presumably refreshes the permissions cached in the session before they are read - confirm.
        AuthHelper::ensurePermissionsUpToDate();

        $sessionRoutes = Yii::$app->session->get(AuthHelper::SESSION_PREFIX_ROUTES, []);

        return Route::isRouteAllowed($normalizedRoute, $sessionRoutes);
    }

    return true;
}