/** * @param $id * @return string * @throws InvalidConfigException * @throws \yii\web\HttpException */ public function run($id) { $this->model = CmsContentElement::findOne(['id' => $id]); //Пробуем рендерить view для текущего типа страницы if ($this->model) { $cmsContent = $this->model->cmsContent; if ($cmsContent) { if ($cmsContent->viewFile) { $this->view = $cmsContent->viewFile; } else { $this->view = $cmsContent->code; } if ($cmsContent->access_check_element == 'Y') { /** * @var $filter CmsAccessControl */ $filter = \Yii::createObject(['class' => CmsAccessControl::className(), 'only' => [$this->id], 'rules' => [['allow' => true, 'matchCallback' => function ($rule, $action) { //Если такая привилегия заведена, нужно ее проверять. if ($permission = \Yii::$app->authManager->getPermission($this->model->permissionName)) { if (!\Yii::$app->user->can($permission->name)) { return false; } } return true; }]]]); $result = $filter->beforeAction($this); } } } return $this->_go(); }
public function behaviors() { return ArrayHelper::merge(parent::behaviors(), ['viewAccess' => ['class' => CmsAccessControl::className(), 'only' => ['view'], 'rules' => [['allow' => true, 'matchCallback' => function ($rule, $action) { if ($this->model->cmsContent && $this->model->cmsContent->access_check_element == 'Y') { //Если такая привилегия заведена, нужно ее проверять. if ($permission = \Yii::$app->authManager->getPermission($this->model->permissionName)) { if (!\Yii::$app->user->can($permission->name)) { return false; } } } return true; }]]]]); }
/** * @return array */ public function behaviors() { return ArrayHelper::merge(parent::behaviors(), ['accessToView' => ['class' => CmsAccessControl::className(), 'only' => ['view'], 'rules' => [['allow' => true, 'matchCallback' => function ($rule, $action) { $id = \Yii::$app->request->get('id'); $shopOrder = V3toysOrder::findOne($id); if (\Yii::$app->user->isGuest) { return false; } if ($shopOrder->user_id == \Yii::$app->user->identity->id) { return true; } return false; }]]], 'accessToList' => ['class' => CmsAccessControl::className(), 'only' => ['list'], 'rules' => [['allow' => true, 'roles' => ['@']]]]]); }
/** * @return array */ public function behaviors() { return ['access' => ['class' => CmsAccessControl::className(), 'rules' => [['allow' => true, 'matchCallback' => function ($rule, $action) { return $this->isOwner; }]]]]; }
public function behaviors() { return ArrayHelper::merge(parent::behaviors(), ['access-no-guests' => ['class' => CmsAccessControl::className(), 'rules' => [['allow' => true, 'roles' => ['@']]]], 'verbs' => ['class' => VerbFilter::className(), 'actions' => ['upload' => ['post'], 'remote-upload' => ['post'], 'link-to-model' => ['post'], 'link-to-models' => ['post']]]]); }
/** * @return array */ public function behaviors() { return ['access' => ['class' => CmsAccessControl::className(), 'rules' => [['allow' => true, 'roles' => ['@'], 'actions' => ['index']]]]]; }