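/**
 * Checks whether the current API user may run the given REST action on this controller.
 *
 * The action name is mapped to a permission type and handed to `Yii::$app->auth->matchApi()`
 * together with the user id and this controller's id. Action names that are not listed are
 * rejected, so an action added later is denied until it is mapped here.
 *
 * @param string $action The id of the action about to be executed.
 * @param mixed $model Not used by this check.
 * @param array $params Not used by this check.
 * @throws ForbiddenHttpException If the action is unknown, no identity is available,
 *                                or matchApi() does not grant access.
 */
public function checkAccess($action, $model = null, $params = [])
{
    switch ($action) {
        case 'index':
        case 'view':
            // Passed to matchApi() as the permission type; presumably means that no specific
            // create/update/delete right is required. Confirm against Auth::matchApi().
            $type = false;
            break;
        case 'create':
            $type = Auth::CAN_CREATE;
            break;
        case 'update':
            $type = Auth::CAN_UPDATE;
            break;
        case 'delete':
            $type = Auth::CAN_DELETE;
            break;
        default:
            // Deny by default: anything outside the list above never reaches matchApi().
            throw new ForbiddenHttpException("Invalid RESPI Api action call.");
    }

    // Resolve the identity once and fail closed when none is available, instead of
    // dereferencing a non-object and passing an empty user id to the permission check.
    $identity = $this->userAuthClass()->getIdentity();
    if (!is_object($identity)) {
        throw new ForbiddenHttpException('you are unable to access this controller due to access restrictions.');
    }

    UserOnline::refreshUser($identity->id, $this->id);

    if (!Yii::$app->auth->matchApi($identity->id, $this->id, $type)) {
        throw new ForbiddenHttpException('you are unable to access this controller due to access restrictions.');
    }
}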
/**
 * Builds the rule set consumed by the AccessControl filter behavior.
 *
 * A single `allow` rule is returned:
 *
 * + It applies to all actions (empty `actions` list).
 * + It only matches logged-in users (role `@`).
 * + If the controller sets `disablePermissionCheck`, the route permission lookup is skipped;
 *   the login requirement of the rule still applies.
 * + Otherwise the decision is made by `\admin\components\Auth::matchRoute()`.
 *
 * @return array Rule-Definitions
 * @see yii\filters\AccessControl
 */
public function getRules()
{
    $permissionCallback = function ($rule, $action) {
        // Switch the application language to the one stored in the user's settings.
        if (!Yii::$app->adminuser->isGuest) {
            $currentLanguage = Yii::$app->luyaLanguage;
            Yii::$app->luyaLanguage = Yii::$app->adminuser->identity->setting->get('luyadminlanguage', $currentLanguage);
        }

        $controller = $action->controller;

        // A controller can opt out of the route permission check through this property.
        // NOTE(review): every controller that sets it is reachable by any logged-in user,
        // so the property is worth auditing wherever it is enabled.
        if ($controller->disablePermissionCheck) {
            return true;
        }

        // Route of the current action: <module id>/<controller id>/<action id>.
        $route = $controller->module->id . '/' . $controller->id . '/' . $action->id;
        $userId = Yii::$app->adminuser->getId();

        UserOnline::refreshUser($userId, $route);

        // The result of matchRoute() is the rule's verdict for this request.
        return Yii::$app->auth->matchRoute(Yii::$app->adminuser->getId(), $route);
    };

    $rule = [
        'allow' => true,
        'actions' => [],
        'roles' => ['@'],
        'matchCallback' => $permissionCallback,
    ];

    return [$rule];
}
/**
 * Validates the form and, on success, issues a fresh auth token for the user.
 *
 * The new token is written to the user record and to a new UserLogin row, and the
 * user is marked as online with the route `login`.
 *
 * @return mixed The user object returned by getUser() on success, `false` if validation fails.
 */
public function login()
{
    if (!$this->validate()) {
        return false;
    }

    $account = $this->getUser();

    // Detach the behavior registered as 'LogBehavior' before the record is saved
    // (presumably so this save is not written to the change log; confirm).
    $account->detachBehavior('LogBehavior');
    $account->scenario = 'login';
    $account->force_reload = 0;

    // A new random string per login, passed through hashData() with the user's password salt as key.
    $security = Yii::$app->security;
    $account->auth_token = $security->hashData($security->generateRandomString(), $account->password_salt);

    // NOTE(review): the return values of save() and insert() below are not checked, so a failed
    // write would still return the user with a token that was never persisted.
    $account->save();

    // NOTE(review): the token is stored as-is in both tables; treat those columns as credentials.
    $loginRecord = new UserLogin();
    $loginRecord->setAttributes(['auth_token' => $account->auth_token, 'user_id' => $account->id]);
    $loginRecord->insert();

    UserOnline::refreshUser($account->id, 'login');

    return $account;
}