Exemplo n.º 1
 /**
  * Return the RBAC item name (role) assigned to a user.
  *
  * Only the first matching AuthAssignment row is read, so a user with several
  * assignments yields whichever row the query returns first.
  *
  * @param mixed $userId User id to look up. Any value empty() treats as empty
  *                      (null, 0, '0', '', false) falls back to the id of the
  *                      currently logged-in user.
  * @return mixed The assignment's item_name, or null when no row exists.
  */
 static function findUserRole($userId = NULL)
 {
     // An "empty" id means "the current user"; callers cannot ask about user id 0.
     $lookupId = empty($userId) ? \Yii::$app->user->getId() : $userId;

     $assignment = \vendor\codefire\cfusermgmt\models\AuthAssignment::find()
         ->where(["user_id" => $lookupId])
         ->one();

     if (empty($assignment)) {
         return null;
     }

     return $assignment->item_name;
 }
Exemplo n.º 2
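<?php

// Application configuration fragment for the cfusermgmt module: registers the
// identity class, the DB-backed RBAC manager, the module itself, and a global
// beforeAction handler that enforces permissions on every request.
return [
    'layoutPath' => dirname(__DIR__) . '/views/layouts/',
    'components' => [
        'user' => [
            'identityClass' => 'vendor\\codefire\\cfusermgmt\\models\\User',
            // Cookie-based "remember me" login; its safety depends on the auth-key
            // handling of the identity class, which is not shown here.
            'enableAutoLogin' => true,
        ],
        'authManager' => [
            'class' => 'yii\\rbac\\DbManager',
            'defaultRoles' => [DEFAULT_ROLE_NAME],
        ],
        'custom' => [
            'class' => 'vendor\\codefire\\cfusermgmt\\components\\Custom',
        ],
    ],
    'params' => [
        'home_base_path' => __DIR__ . '/../../../../',
    ],
    'modules' => [
        'usermgmt' => [
            'class' => 'vendor\\codefire\\cfusermgmt\\Module',
        ],
    ],
    'aliases' => [
        '@cfusermgmt' => '@app/../vendor/codefire/cfusermgmt',
        '@cfusermgmtView' => '@vendor/codefire/cfusermgmt/views',
        "@cfusermgmtWeb" => "vendor/codefire/cfusermgmt/web",
        '@SITE_URL' => "Your Site url Goes Here",
    ],
    'on beforeAction' => function ($event) {
        // The activity record is written before the permission decision, so
        // denied requests are logged as well.
        vendor\codefire\cfusermgmt\models\UserActivity::actionSave($event);
        $permission = \vendor\codefire\cfusermgmt\models\User::CheckPermission($event);

        if (Yii::$app->user->isGuest && !$permission) {
            Yii::$app->session->setFlash("danger", FLASH_1041, true);
            Yii::$app->session->set("currentUrl", yii\helpers\Url::current());
            // Hard redirect + exit so the requested action can never run.
            // Url::home(true) builds an absolute URL from the application's host
            // info; if the request component's hostInfo is not pinned in config,
            // that value is taken from the incoming request.
            header("location:" . yii\helpers\Url::home(true) . 'usermgmt/user/login');
            exit;
        } elseif (!$permission) {
            // An event handler's return value is ignored by the framework, so a
            // bare "return redirect()" would still let the denied action run.
            // Marking the event invalid is what actually stops it.
            $event->isValid = false;
            Yii::$app->controller->redirect(['/usermgmt/user/permission-denied']);
            return;
        }

        $roleAssignment = \vendor\codefire\cfusermgmt\models\AuthAssignment::find()
            ->where(['user_id' => Yii::$app->user->getId()])
            ->one();

        // For the 'usermgmt' and 'content' modules the layout is set on the
        // parent module; otherwise on the controller's own module. Objects are
        // handles in PHP, so a plain assignment is enough to mutate the target.
        $currentModule = Yii::$app->controller->module;
        $layoutOwner = in_array($currentModule->id, ['usermgmt', 'content'], true)
            ? $currentModule->module
            : $currentModule;

        // Layout choice is cosmetic only; access was already decided above.
        $isAdminRole = !empty($roleAssignment)
            && in_array($roleAssignment->item_name, [ADMIN_ROLE_ALIAS, SUPERADMIN_ROLE_ALIAS]);
        $layoutOwner->layout = $isAdminRole ? ADMIN_LAYOUT : DEFAULT_LAYOUT;
    },
];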
Exemplo n.º 3
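 /**
  * Decide whether the current user may run the action carried by $event.
  *
  * The permission name checked is "<module>:<controller>:<Method>", built from
  * the action's module id (with any "app-" separator stripped), controller id
  * and action method name without its "action" prefix.
  *
  * Access is granted when any of the following holds:
  *  - the user holds one of the admin roles and either
  *    CHECK_PERMISSIONS_FOR_ADMIN is falsy or the RBAC check passes;
  *  - USE_PERMISSIONS_FOR_USERS is falsy (every request is then allowed);
  *  - the permission is a child of GUEST_ROLE_ALIAS (this applies to every
  *    caller, logged in or not), or is 'usermgmt:user:Login';
  *  - Yii::$app->user->can() grants the permission.
  *
  * @param object $event Action event; must expose action->actionMethod and
  *                      action->controller.
  *                      NOTE(review): standalone action classes may not expose
  *                      actionMethod - confirm how those routes are handled.
  * @return bool True when the action may proceed.
  */
 public static function CheckPermission($event)
 {
     // actionMethod looks like "actionLogin"; drop the 6-character "action" prefix.
     $methodName = substr($event->action->actionMethod, 6);
     $objectName = $event->action->controller->id;
     $module = $event->action->controller->module->id;

     // "app-backend" splits into ['', 'backend']; a plain id stays in slot 0.
     $modulePos = explode('app-', $module);
     if (!empty($modulePos[0])) {
         $moduleName = $modulePos[0];
     } else {
         // Guard the second slot: it is absent when the module id itself is empty.
         $moduleName = isset($modulePos[1]) ? $modulePos[1] : '';
     }
     $dbAction = $moduleName . ':' . $objectName . ':' . $methodName;

     $adminRoles = [SUPERADMIN_ROLE_ALIAS, ADMIN_ROLE_ALIAS, ADMIN_ROLE_NAME];
     $user = AuthAssignment::find()
         ->onCondition(['user_id' => Yii::$app->user->getId()])
         ->andWhere(['IN', 'item_name', $adminRoles])
         ->one();

     // Guests have no user id, so the actions open to them are read directly
     // from the children of the guest role and matched by name.
     $guestAllowedOnly = AuthItemChild::find()->where(['parent' => GUEST_ROLE_ALIAS])->asArray()->all();
     $guestAllowedArr = [];
     foreach ($guestAllowedOnly as $guestAllowed) {
         $guestAllowedArr[] = $guestAllowed['child'];
     }
     // The login action must always be reachable, whatever the database says.
     if (!in_array('usermgmt:user:Login', $guestAllowedArr, true)) {
         $guestAllowedArr[] = 'usermgmt:user:Login';
     }

     $isAdmin = !empty($user) && in_array($user->item_name, $adminRoles);
     if ($isAdmin && (!CHECK_PERMISSIONS_FOR_ADMIN || Yii::$app->user->can($dbAction))) {
         return true;
     }

     // Permission names are strings on both sides, so the allow-list is matched
     // strictly to rule out loose numeric-string equality.
     return !USE_PERMISSIONS_FOR_USERS
         || in_array($dbAction, $guestAllowedArr, true)
         || Yii::$app->user->can($dbAction);
 }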