/**
 * Return the role name stored in the first auth-assignment row of a user.
 *
 * Security-relevant behaviour a caller should know:
 *  - An "empty" $userId (null, 0, '0', '') is replaced by the id of the
 *    currently logged-in user, so a falsy id never selects a specific user.
 *  - Only one row is fetched via one(); if a user holds several assignments,
 *    the others are not visible here. NOTE(review): confirm callers do not
 *    use this single role name as the sole basis of an authorization decision.
 *
 * @param mixed $userId id to look up; falls back to the current user when empty
 * @return string|null the assignment's item_name, or NULL when no row is found
 */
static function findUserRole($userId = NULL)
{
    $lookupId = empty($userId) ? \Yii::$app->user->getId() : $userId;

    $assignment = \vendor\codefire\cfusermgmt\models\AuthAssignment::find()
        ->where(["user_id" => $lookupId])
        ->one();

    if (empty($assignment)) {
        return NULL;
    }

    return $assignment->item_name;
}
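<?php
/**
 * Application configuration fragment for the cfusermgmt module.
 *
 * Besides registering components, the module and path aliases, it attaches an
 * application-wide "beforeAction" handler that records the request, enforces
 * User::CheckPermission() and selects the layout from the user's role.
 */
return [
    'layoutPath' => dirname(__DIR__) . '/views/layouts/',
    'components' => [
        'user' => [
            'identityClass' => 'vendor\\codefire\\cfusermgmt\\models\\User',
            // Enables cookie-based login; the identity class is then
            // responsible for validating the auth key carried in the cookie.
            'enableAutoLogin' => true,
        ],
        'authManager' => [
            'class' => 'yii\\rbac\\DbManager',
            // Default roles apply to every caller without an explicit
            // assignment, so this role should carry minimal permissions.
            'defaultRoles' => [DEFAULT_ROLE_NAME],
        ],
        'custom' => [
            'class' => 'vendor\\codefire\\cfusermgmt\\components\\Custom',
        ],
    ],
    'params' => [
        'home_base_path' => __DIR__ . '/../../../../',
    ],
    'modules' => [
        'usermgmt' => [
            'class' => 'vendor\\codefire\\cfusermgmt\\Module',
        ],
    ],
    'aliases' => [
        '@cfusermgmt' => '@app/../vendor/codefire/cfusermgmt',
        '@cfusermgmtView' => '@vendor/codefire/cfusermgmt/views',
        "@cfusermgmtWeb" => "vendor/codefire/cfusermgmt/web",
        // Placeholder value: must be replaced per deployment.
        '@SITE_URL' => "Your Site url Goes Here",
    ],
    'on beforeAction' => function ($event) {
        // The activity record is written before the permission check, so
        // denied requests are recorded as well.
        vendor\codefire\cfusermgmt\models\UserActivity::actionSave($event);
        $permission = \vendor\codefire\cfusermgmt\models\User::CheckPermission($event);

        if (Yii::$app->user->isGuest && !$permission) {
            Yii::$app->session->setFlash("danger", FLASH_1041, true);
            Yii::$app->session->set("currentUrl", yii\helpers\Url::current());
            // header() + exit stops the request here, bypassing the response
            // component.
            // NOTE(review): Url::home(true) builds an absolute URL; unless the
            // host info is pinned in configuration it is presumably taken from
            // the request's Host header - confirm it cannot be attacker-chosen.
            header("location:" . yii\helpers\Url::home(true) . 'usermgmt/user/login');
            exit;
        } elseif (!$permission) {
            // The return value of an event handler is ignored by Yii; the
            // action is only cancelled when the event is marked invalid.
            // Without this, the denied action would still execute and only
            // its response would carry the redirect.
            $event->isValid = false;
            Yii::$app->controller->redirect(['/usermgmt/user/permission-denied']);
            return;
        }

        $userRoleData = \vendor\codefire\cfusermgmt\models\AuthAssignment::find()
            ->where(['user_id' => Yii::$app->user->getId()])
            ->one();

        // For the 'usermgmt' and 'content' modules the layout is set on the
        // parent module, otherwise on the controller's own module. Objects are
        // handles, so a plain assignment targets the same instance.
        $setLayout = in_array(Yii::$app->controller->module->id, ['usermgmt', 'content'], true)
            ? Yii::$app->controller->module->module
            : Yii::$app->controller->module;

        $isAdminRole = !empty($userRoleData)
            && in_array($userRoleData->item_name, array(ADMIN_ROLE_ALIAS, SUPERADMIN_ROLE_ALIAS));

        // The layout choice is presentation only; access control is decided
        // by CheckPermission() above.
        $setLayout->layout = $isAdminRole ? ADMIN_LAYOUT : DEFAULT_LAYOUT;
    },
];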
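/**
 * Decide whether the current user may run the action carried by $event.
 *
 * The permission name checked is "<module>:<controller id>:<Method>", where
 * <Method> is the action method name without its first six characters (the
 * "action" prefix) and <module> is the module id with an "app-" marker split
 * off.
 *
 * Decision rules, as implemented:
 *  1. A user holding one of the admin roles is allowed when
 *     CHECK_PERMISSIONS_FOR_ADMIN is off, or when can() grants the permission.
 *  2. Everyone else - including an admin who failed rule 1 - is allowed when
 *     USE_PERMISSIONS_FOR_USERS is off, when the permission is a child of the
 *     guest role, or when can() grants it.
 *
 * NOTE(review): with USE_PERMISSIONS_FOR_USERS off, every request is allowed,
 * guests included, and an admin denied by rule 1 is let through by rule 2.
 * Confirm this is the intended meaning of the two switches.
 * NOTE(review): $event->action->actionMethod is read unconditionally; action
 * classes that do not expose that property would presumably fail here -
 * confirm how standalone actions are meant to be authorized.
 *
 * @param object $event before-action event exposing action->actionMethod,
 *                      action->controller->id and action->controller->module->id
 * @return bool true when the action may run
 */
public static function CheckPermission($event)
{
    // 'actionLogin' -> 'Login'
    $methodName = substr($event->action->actionMethod, 6);
    $objectName = $event->action->controller->id;
    $module = $event->action->controller->module->id;

    // Use the part before 'app-' if there is one, otherwise the part after it.
    // The isset() guard avoids an undefined-offset warning when the module id
    // is falsy and contains no 'app-' marker.
    $modulePos = explode('app-', $module);
    if (!empty($modulePos[0])) {
        $moduleName = $modulePos[0];
    } else {
        $moduleName = isset($modulePos[1]) ? $modulePos[1] : '';
    }
    $dbAction = $moduleName . ':' . $objectName . ':' . $methodName;

    $adminRoles = [SUPERADMIN_ROLE_ALIAS, ADMIN_ROLE_ALIAS, ADMIN_ROLE_NAME];
    $user = AuthAssignment::find()
        ->onCondition(['user_id' => Yii::$app->user->getId()])
        ->andWhere(['IN', 'item_name', $adminRoles])
        ->one();

    // Rule 1: admin roles.
    if (!empty($user)
        && in_array($user->item_name, $adminRoles)
        && (!CHECK_PERMISSIONS_FOR_ADMIN || Yii::$app->user->can($dbAction))
    ) {
        return true;
    }

    // Rule 2a: permission checks are switched off for regular users.
    if (!USE_PERMISSIONS_FOR_USERS) {
        return true;
    }

    // Rule 2b: a guest has no user id to resolve permissions with, so the
    // actions granted to the guest role are read from the database and
    // compared directly. They are fetched only when the decision needs them.
    $guestAllowedArr = [];
    $guestAllowedOnly = AuthItemChild::find()->where(['parent' => GUEST_ROLE_ALIAS])->asArray()->all();
    foreach ($guestAllowedOnly as $guestAllowed) {
        $guestAllowedArr[] = $guestAllowed['child'];
    }
    // The login action stays reachable even if the guest role lacks it.
    if (!in_array('usermgmt:user:Login', $guestAllowedArr)) {
        $guestAllowedArr[] = 'usermgmt:user:Login';
    }

    // Guest-allowed actions are granted to every caller, not only to guests.
    return in_array($dbAction, $guestAllowedArr) || Yii::$app->user->can($dbAction);
}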