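/**
 * Tells whether the currently logged-in user holds the given permission.
 *
 * It is used by the AccessControl and User classes to filter out actions
 * depending on whether the user has the permissions for that page.
 *
 * Two forms of $permission are accepted:
 *  - a bare user-type name ('user', 'moderator'/'mod',
 *    'administrator'/'admin', 'founder'), mapped to the fixed minimum
 *    levels 10, 20, 30 and 40;
 *  - 'group:permission', whose minimum level is read from the matching
 *    UserTypePermission row.
 *
 * Access is denied whenever no minimum level can be established (unknown
 * name, no matching row) and whenever there is no logged-in identity.
 *
 * @param string $permission The permission that the user is being tested for
 * @return boolean Whether the user has the permission or not
 */
public function has($permission)
{
    $colonAt = strpos($permission, ':');

    // A missing colon, or one at offset 0 (empty group), is treated as a
    // user-type name. ':something' matches no name, so it is denied below.
    if ($colonAt === false || $colonAt === 0) {
        switch ($permission) {
            case 'user':
                $minUserType = 10;
                break;
            case 'moderator':
            case 'mod':
                $minUserType = 20;
                break;
            case 'administrator':
            case 'admin':
                $minUserType = 30;
                break;
            case 'founder':
                $minUserType = 40;
                break;
            default:
                // Unknown permission, deny access
                return false;
        }
    } else {
        $group = substr($permission, 0, $colonAt);
        $name = substr($permission, $colonAt + 1);

        // Look up the minimum user type required for this group/permission pair
        $row = UserTypePermission::find()
            ->where(['group' => $group, 'permission' => $name])
            ->one();
        if ($row === null) {
            // No rule stored for this pair: deny rather than guess a level
            return false;
        }
        $minUserType = $row->min_user_type;
    }

    // The identity is null when nobody is logged in. Deny explicitly instead
    // of reading a property of null, which fails before a decision is made.
    $identity = Yii::$app->user->identity;
    if ($identity === null) {
        return false;
    }

    // Only the core user type is compared. Individual permissions and
    // separate user groups are not consulted yet, so anything below the
    // minimum level is denied.
    return $identity->user_type >= $minUserType;
}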
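/**
 * Deletes the UserTypePermission row identified by the POSTed 'group' and
 * 'permission' fields.
 *
 * NOTE(review): no permission check is visible in this method. Confirm that
 * the controller's access filter limits this action to users who may edit
 * type permissions, and that it is only reachable by POST.
 *
 * @throws \yii\web\BadRequestHttpException when a field is missing or not a string
 * @throws \yii\web\NotFoundHttpException when no matching row exists
 * @throws \yii\web\ServerErrorHttpException when the row could not be deleted
 */
public function actionDeleteTypePermission()
{
    $request = Yii::$app->request;
    $group = $request->post('group');
    $permission = $request->post('permission');

    // Accept plain strings only. A missing field arrives as null, and an
    // array value would be turned into an IN (...) condition by the query
    // builder, selecting a row the caller did not name exactly.
    if (!is_string($group) || !is_string($permission)) {
        throw new \yii\web\BadRequestHttpException('Both "group" and "permission" must be supplied as strings.');
    }

    $perm = UserTypePermission::findOne(['group' => $group, 'permission' => $permission]);
    if ($perm === null) {
        // Without this guard the delete() call below fails on null
        throw new \yii\web\NotFoundHttpException('The requested permission does not exist.');
    }

    // delete() reports false when the deletion did not take place
    if ($perm->delete() === false) {
        throw new \yii\web\ServerErrorHttpException('The permission could not be deleted.');
    }
}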
/**
 * Fetches the UserTypePermission rows whose min_user_type does not exceed
 * this object's type_id.
 *
 * Rows are ordered by group, then min_user_type, then permission, all
 * ascending.
 *
 * @return array the rows returned by the query's all() call
 */
public function getPermissions()
{
    // Operator-format condition: min_user_type <= type_id
    $atOrBelowThisType = ['<=', 'min_user_type', $this->type_id];

    $query = UserTypePermission::find();
    $query->where($atOrBelowThisType);
    $query->orderBy('group ASC, min_user_type ASC, permission ASC');

    return $query->all();
}