/**
 * Returns project roles, limited to one project when a project id is set.
 *
 * NOTE(review): when $this->projectId is null no filter is applied, so the
 * roles of every project are returned. Confirm that callers only reach this
 * path for users who are allowed to see all of them.
 *
 * @return mixed whatever the query's all() yields
 */
public function run()
{
    $roles = ProjectRole::find();

    if ($this->projectId === null) {
        return $roles->all();
    }

    // byProjectId() is applied to the query in place; its return value is not used.
    $roles->byProjectId($this->projectId);

    return $roles->all();
}
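/**
 * Rejects a modification whose role does not belong to this object's project.
 *
 * @inheritdoc
 *
 * @param array $data incoming attributes; 'role_id' names the role to check
 * @return bool true when the role belongs to $this->project
 * @throws ForbiddenHttpException when the role is missing or belongs to another project
 */
protected function beforeModify($data)
{
    // A missing key is looked up as null, as the undefined index was before, but without the notice.
    $roleId = isset($data['role_id']) ? $data['role_id'] : null;
    $role = ProjectRole::find()->byId($roleId)->one();
    $project = $this->project;

    // one() is the non-throwing lookup, so an unknown id presumably yields null.
    // Without this guard the ownership check below would fail with a fatal error
    // instead of a 403. The status matches the foreign-role case below.
    if ($role === null) {
        throw new ForbiddenHttpException("Role doesn't exist or isn't owned by project '{$project->getId()}'.");
    }

    // Both ids come from stored records and may be int or numeric string,
    // so the comparison is kept loose.
    if ($role->getProjectId() != $project->getId()) {
        throw new ForbiddenHttpException("Role '{$role->getId()}' doesn't owned by project '{$project->getId()}'."); // todo-rbac
    }

    return true;
}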
/**
 * Resolves the table names and foreign-key definitions this class works with.
 *
 * Table names are taken from the model classes. Each foreign key is built by
 * createFkData(table, column, referenced table, referenced column, action, action).
 * NOTE(review): the two trailing actions are presumably ON DELETE and ON UPDATE,
 * in that order. Confirm against createFkData(). If so, removing a user or a
 * project also removes the rows that depend on it (members, roles, tickets,
 * ticket groups, tokens), while a role or ticket group that is still
 * referenced cannot be deleted.
 */
public function init()
{
    parent::init();

    $cascade = 'cascade';
    $restrict = 'restrict';

    // Table names.
    $this->userTbl = User::tableName();
    $this->projectTbl = Project::tableName();
    $this->memberTbl = ProjectMember::tableName();
    $this->roleTbl = ProjectRole::tableName();
    $this->ticketTbl = Ticket::tableName();
    $this->ticketGroupTbl = TicketGroup::tableName();
    $this->tokenTbl = Token::tableName();

    // Project -> owning user.
    $this->projectUserFk = $this->createFkData(
        $this->projectTbl, 'owner_id',
        $this->userTbl, 'id',
        $cascade, $cascade
    );

    // Project member -> user, role, project.
    $this->memberUserFk = $this->createFkData(
        $this->memberTbl, 'user_id',
        $this->userTbl, 'id',
        $cascade, $cascade
    );
    $this->memberRoleFk = $this->createFkData(
        $this->memberTbl, 'role_id',
        $this->roleTbl, 'id',
        $restrict, $cascade
    );
    $this->memberProjectFk = $this->createFkData(
        $this->memberTbl, 'project_id',
        $this->projectTbl, 'id',
        $cascade, $cascade
    );

    // Ticket -> creator, group, project.
    $this->ticketUserFk = $this->createFkData(
        $this->ticketTbl, 'creator_id',
        $this->userTbl, 'id',
        $cascade, $cascade
    );
    $this->ticketGroupFk = $this->createFkData(
        $this->ticketTbl, 'group_id',
        $this->ticketGroupTbl, 'id',
        $restrict, $cascade
    );
    $this->ticketProjectFk = $this->createFkData(
        $this->ticketTbl, 'project_id',
        $this->projectTbl, 'id',
        $cascade, $cascade
    );

    // Role and ticket group -> project.
    $this->roleProjectFk = $this->createFkData(
        $this->roleTbl, 'project_id',
        $this->projectTbl, 'id',
        $cascade, $cascade
    );
    $this->groupProjectFk = $this->createFkData(
        $this->ticketGroupTbl, 'project_id',
        $this->projectTbl, 'id',
        $cascade, $cascade
    );

    // Token -> user.
    $this->tokenUserFk = $this->createFkData(
        $this->tokenTbl, 'user_id',
        $this->userTbl, 'id',
        $cascade, $cascade
    );
}
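/**
 * Updates a role of a project from the POST body.
 *
 * Only the owner of the project may update its roles, and the role must
 * belong to the project named in the request.
 *
 * @param int $project_id
 * @param int $role_id
 * @return ProjectRole the updated role
 * @throws ModelValidateException when modify() reports failure
 * @throws NotFoundHttpException
 * @throws ForbiddenHttpException when the caller is a guest or not the project owner,
 *                                or when the role belongs to another project
 */
public function actionUpdate($project_id, $role_id)
{
    $project = Project::find()->byId($project_id)->oneOrThrow();

    // The user component's id is null for a guest. The ownership test below is
    // loose, so a null id would compare equal to an owner id of 0, '' or null.
    // Reject guests explicitly before comparing.
    $userId = \Yii::$app->getUser()->getId();
    if ($userId === null || $project->getOwnerId() != $userId) {
        throw new ForbiddenHttpException(); // todo-rbac
    }

    $data = \Yii::$app->getRequest()->post();
    $role = ProjectRole::find()->byId($role_id)->oneOrThrow();

    // The role id is a separate request parameter, so it must be tied back to
    // the project whose ownership was just verified.
    if ($project->getId() != $role->getProjectId()) {
        throw new ForbiddenHttpException();
    }

    // NOTE(review): the whole POST body is handed to modify(). Confirm that
    // modify() does not accept fields such as project_id from the client, which
    // would move the role to a project the caller does not own.
    if (!$role->modify($data)) {
        throw new ModelValidateException($role);
    }

    return $role;
}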