/**
 * Authenticates the caller by the `access-token` query parameter and, for the
 * `message` action, verifies that the caller may study the class behind the model.
 *
 * NOTE(review): the token is read from the query string, so it can end up in
 * access logs, browser history and Referer headers — confirm this is acceptable.
 *
 * @inheritdoc
 * @throws ForbiddenHttpException when the token is absent or matches no user, or,
 *         for the `message` action, when no model is given, no class is linked to
 *         the model's stream, or the class refuses the user.
 */
public function checkAccess($action, $model = null, $params = [])
{
    $token = Yii::$app->request->get('access-token');
    if (!$token) {
        // No (or empty) token supplied: reject before touching the user table.
        throw new ForbiddenHttpException();
    }

    $user = User::findIdentityByAccessToken($token);
    if (!$user) {
        throw new ForbiddenHttpException();
    }

    // Every action other than 'message' only requires a valid token.
    if ($action !== 'message') {
        return true;
    }

    if (!$model) {
        throw new ForbiddenHttpException();
    }

    // The class is resolved through the stream id carried by the model.
    $class = Classes::findOne(['class_stream' => $model->stream_id]);
    if (!is_object($class) || !$class->canStudy($user)) {
        throw new ForbiddenHttpException();
    }

    return true;
}
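/**
 * Refunds the authenticated student's order for the class given by `class_id`.
 *
 * Flow: authenticate, load the class, refuse once the current time is within
 * 3600 seconds of `class_stime`, require `user_type === "student"`, look up the
 * user's order for the class, mark it refunded, record a negative
 * TransactionHistory entry, then notify the student and the class trainer.
 *
 * NOTE(review): both setRefund() calls run before the history row is saved and
 * nothing here wraps the sequence in a DB transaction, so a failed save leaves
 * the refund flagged without a ledger entry — confirm whether that is intended.
 * NOTE(review): nothing visible here prevents a second refund of the same
 * order; verify that getRefundedClass() / setRefund() guard against it.
 *
 * @return mixed ApiHelper::errorResponse(..., 422) when the history row fails
 *               validation, otherwise ApiHelper::successResponse() with that row.
 * @throws Exception code 404 when the class is missing, the caller is not a
 *                   student or has no order for the class; code 400 when the
 *                   refund window has closed.
 */
public function actionRefund()
{
    $this->checkAccess("create");
    $modelClass = new $this->modelClass();

    // findOne() interprets an array argument as a column => value condition, so a
    // crafted query such as ?class_id[column]=value must never reach it.
    $class_id = Yii::$app->request->get('class_id');
    $class = is_scalar($class_id) ? Classes::findOne($class_id) : null;
    if (!is_object($class)) {
        throw new Exception("Class not found", 404);
    }

    // Refunds close one hour (3600 s) before class_stime.
    if ($class->class_stime - 3600 <= time()) {
        throw new Exception("You cannot do this, time out for refund.", 400);
    }

    // checkAccess() has already rejected requests whose token matches no user.
    $user = User::findIdentityByAccessToken(Yii::$app->request->get('access-token'));
    if ($user->user_type !== "student") {
        throw new Exception("You cannot do this", 404);
    }

    // Without this guard a caller who never bought the class would still get a
    // refund flag and a ledger row built from a missing order.
    // Presumably getRefundedClass() yields a non-object when no order exists — confirm.
    $order = $user->getRefundedClass($class);
    if (!is_object($order)) {
        throw new Exception("You cannot do this", 404);
    }

    $modelClass->setRefund($order->transation_id);
    $user->setRefund($class->class_id);

    $history = new TransactionHistory();
    $history->load([
        "user_id" => $user->user_id,
        "description" => "Refunded class {$class->class_name}",
        "transation_id" => $order->transation_id,
        "status" => 'REFUNDED',
        "amount" => $order->amount * -1,
        "currency" => 'USD',
        "class_id" => $class->class_id,
        "transaction_refund" => true,
    ], '');
    if (!$history->save()) {
        return ApiHelper::errorResponse($history->getErrors(), 422);
    }

    // The notification "text" attribute carries markup (see the anchor below), so
    // the class name, which is user-supplied data, is HTML-escaped before it is embedded.
    // NOTE(review): "title" and the history "description" keep the raw name;
    // they must be escaped wherever they are rendered.
    $classNameHtml = htmlspecialchars((string) $class->class_name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    // Notifications are best-effort: a failed save() does not undo the refund.
    $notification = new Notification();
    $notification->load([
        "user_id" => $user->user_id,
        "title" => "You successfuly refunded class {$class->class_name}",
        "text" => "You successfuly refunded class {$classNameHtml}",
        "status" => "new",
    ], '');
    $notification->save();

    // base64 output is limited to [A-Za-z0-9+/=], so it cannot break out of the
    // single-quoted href attribute.
    $name = base64_encode($user->user_id);
    $notificationTrainer = new Notification();
    $notificationTrainer->load([
        "user_id" => $class->class_trainer_id,
        "title" => "User successfuly refunded your class.",
        "text" => "<a href='/public_profile/{$name}'>User</a> successfuly refunded your class '{$classNameHtml}'.",
        "status" => "new",
    ], '');
    $notificationTrainer->save();

    return ApiHelper::successResponse($history);
}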
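/**
 * Renders an earnings invoice as a PDF for the authenticated user.
 *
 * Query parameters:
 *  - `type=week` with integer `period_start` and `period_end`: invoice over the
 *    user's classes in that period.
 *  - `type=class` with integer `class`: invoice for a single class.
 *
 * In both cases the sum is reduced by `user_fees` percent of the requesting user.
 *
 * @return mixed the output of `Yii::$app->pdf->render()`, or null when `type` is
 *               unrecognised, the week period is incomplete, or the class id
 *               matches no class (the method then falls through without a response).
 * @throws ForbiddenHttpException when the token is invalid, when the weekly
 *         query yields no data, or when the requested class is not taught by
 *         the authenticated user.
 */
public function actionGetEarningPdf()
{
    $this->checkAccess("create");
    // checkAccess() has already rejected requests whose token matches no user.
    $user = User::findIdentityByAccessToken(Yii::$app->request->get('access-token'));
    $type = Yii::$app->request->get('type');
    $feePercent = (int) $user->user_fees;

    switch ($type) {
        case 'week':
            $period_start = (int) Yii::$app->request->get('period_start');
            $period_end = (int) Yii::$app->request->get('period_end');
            if ($period_start && $period_end) {
                // The weekly query is scoped to the caller's own user_id.
                $data = Classes::getWeekEarningPdf($user->user_id, $period_start, $period_end);
                if (!$data) {
                    throw new ForbiddenHttpException();
                }
                $sum = Classes::getWeekEarning($user->user_id, $period_start, $period_end);
                $sum = round($sum - $sum / 100 * $feePercent, 2);

                $this->layout = 'main-login';
                $pdf = Yii::$app->pdf;
                $dataProvider = new ActiveDataProvider(['query' => $data, 'sort' => false]);
                $pdf->content = $this->render('invoice_week', [
                    'data' => $dataProvider,
                    'sum' => $sum,
                    'user_fees' => $feePercent,
                ]);
                return $pdf->render();
            }
            break;

        case 'class':
            // The (int) cast keeps array-shaped input away from findOne().
            $class = (int) Yii::$app->request->get('class');
            $classModel = Classes::findOne($class);
            if ($classModel) {
                // The lookup is by id alone, so without an ownership check any
                // authenticated user could pull the invoice of any class.
                // Assumes class_trainer_id identifies the earner of the class
                // (the weekly branch is scoped by user_id in the same way) — confirm.
                if ((string) $classModel->class_trainer_id !== (string) $user->user_id) {
                    throw new ForbiddenHttpException();
                }

                $this->layout = 'main-login';
                $pdf = Yii::$app->pdf;
                $row = $classModel->toArray();
                $dataProvider = new ActiveDataProvider([
                    'query' => Classes::find()->where(['class_id' => $class]),
                    'sort' => false,
                ]);
                // NOTE(review): pay_sum is truncated to an integer before the fee
                // is deducted — confirm fractional amounts are not expected.
                $sum = round((int) $row['pay_sum'] - (int) $row['pay_sum'] / 100 * $feePercent, 2);
                $pdf->content = $this->render('invoice_class', [
                    'data' => $dataProvider,
                    'sum' => $sum,
                    'class_id' => $row['class_id'],
                    'user_fees' => $feePercent,
                ]);
                return $pdf->render();
            }
            break;
    }
}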