/**
 * Resolves the category, brand and product services before delegating to the parent constructor.
 *
 * The three services are assigned first, so they are already set while the
 * parent constructor runs.
 *
 * @param string $id     controller ID, passed through to the parent
 * @param Module $module owning module, passed through to the parent
 * @param array  $config configuration array, passed through to the parent
 */
public function __construct($id, Module $module, array $config = [])
{
    // Each service is looked up through Yii::createObject() by its string identifier.
    $this->categoryService = Yii::createObject('CategoryService');
    $this->brandService = Yii::createObject('BrandService');
    $this->productService = Yii::createObject('ProductService');

    parent::__construct($id, $module, $config);
}
/**
 * Initialises the controller and creates the model and event objects it works with.
 *
 * @return void
 */
public function init()
{
    parent::init();

    // Fresh, empty instances; nothing is loaded from storage here.
    $this->category = new Category();
    $this->article = new Article();
    $this->testEvent = new TestEvent();
}
/**
 * Initialises the controller: keeps a reference to the application request
 * and makes sure the session is open.
 *
 * @return void
 */
public function init()
{
    parent::init();

    $this->request = Yii::$app->request;

    // Open the session only when it is not already active.
    $session = Yii::$app->session;
    if ($session->isActive) {
        return;
    }
    $session->open();
}
/**
 * Switches CSRF validation off for the "settings" action, then runs the parent checks.
 *
 * NOTE(review): with enableCsrfValidation set to false, requests to "settings"
 * are accepted without a CSRF token. If that action changes state on behalf of
 * a logged-in user, it needs another protection against cross-site requests
 * (for example a signed callback or a per-request secret) -- confirm why the
 * exemption is required and keep it limited to this one action.
 *
 * @param \yii\base\Action $action the action about to run
 * @return bool whatever the parent implementation returns
 */
public function beforeAction($action)
{
    $isSettingsAction = ($action->id == 'settings');

    if ($isSettingsAction) {
        // Must be set before the parent call so the parent sees the flag already disabled.
        $this->enableCsrfValidation = false;
    }

    return parent::beforeAction($action);
}
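/**
 * Role gate for the "index" and "view" actions, followed by loading the
 * current user's latest application and loan.
 *
 * Rules enforced here:
 *  - "index" is only for users whose role is Dict::USER_ROLE_CLIENT;
 *  - "view" is never for Dict::USER_ROLE_CLIENT;
 *  - "view" for Dict::USER_ROLE_ADVISOR requires at least one loan whose
 *    application belongs to one of the advisor's groups.
 *
 * Changes from the previous version:
 *  - the result of parent::beforeAction() is honoured; before, a false result
 *    from the parent chain was discarded and this method still returned true;
 *  - a missing identity on "index"/"view" is rejected instead of reading a
 *    property on null;
 *  - an advisor user without an Advisor row is rejected instead of querying
 *    groups with a null advisor id.
 *
 * NOTE(review): the advisor rule only proves that the advisor has *some* loan
 * in their groups. It does not compare against the record the request asks
 * for, so the "view" action itself must check that the requested loan belongs
 * to one of those groups -- confirm that it does.
 *
 * NOTE(review): UnauthorizedHttpException is kept because callers may rely on
 * it; for an authenticated user without permission a 403 is the usual answer.
 *
 * @param \yii\base\Action $action the action about to run
 * @return bool false when the parent chain vetoes the action, true otherwise
 * @throws UnauthorizedHttpException when the role rules above are not met
 */
public function beforeAction($action)
{
    // A veto from the parent chain must stop the action, not be ignored.
    if (!parent::beforeAction($action)) {
        return false;
    }

    $denied = "Sorry, you don't have permission to access this page.";

    if ($action->id == 'index' || $action->id == 'view') {
        $identity = Yii::$app->user->getIdentity();
        if ($identity === null) {
            // No logged-in identity: fail closed rather than dereference null.
            throw new UnauthorizedHttpException($denied);
        }
        $role = $identity->id_user_role;

        if ($action->id == 'index' && $role != Dict::USER_ROLE_CLIENT) {
            throw new UnauthorizedHttpException($denied);
        }
        if ($action->id == 'view' && $role == Dict::USER_ROLE_CLIENT) {
            throw new UnauthorizedHttpException($denied);
        }
        if ($action->id == 'view' && $role == Dict::USER_ROLE_ADVISOR
            && !$this->advisorHasLoanInOwnGroups($this->user->id)
        ) {
            // No loan shares a group with this advisor.
            throw new UnauthorizedHttpException($denied);
        }
    }

    // Look up the user's most recent applicant row, if any, and preload the
    // matching application and loan for the action.
    $applicant = AppApplicant::find()
        ->where(['id_user' => $this->user->id])
        ->orderBy(['id_app_applicant' => SORT_DESC])
        ->one();
    if ($applicant !== null) {
        $this->application = Application::findOne($applicant->id_application);
        $this->loan = Loan::find()->where(['id_application' => $applicant->id_application])->one();
    }

    return true;
}

/**
 * Tells whether any loan exists for an application in one of the advisor's groups.
 *
 * @param mixed $idUser user id of the advisor
 * @return bool false when the user has no Advisor row or no such loan exists
 */
private function advisorHasLoanInOwnGroups($idUser)
{
    $advisor = Advisor::find()->andWhere(['id_user' => $idUser])->one();
    if ($advisor === null) {
        return false;
    }

    // Groups the advisor is related to.
    $groupIds = [];
    foreach (AdvisorGroup::find()->andWhere(['id_advisor' => $advisor['id_advisor']])->all() as $advisorGroup) {
        $groupIds[] = $advisorGroup['id_group'];
    }

    // Applications that belong to those groups.
    $applicationIds = [];
    foreach (Application::find()->andWhere(['in', 'id_group', $groupIds])->all() as $groupApplication) {
        $applicationIds[] = $groupApplication['id_application'];
    }

    // Only existence matters, so the loan rows themselves are not loaded.
    return Loan::find()->andWhere(['in', 'id_application', $applicationIds])->exists();
}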
// Account links are switched off: the guest branch used to hold the Signup and
// Login entries, the signed-in branch the "Logout (<username>)" entry sent via POST.
if (Yii::$app->user->isGuest) {
    // intentionally empty
} else {
    // intentionally empty
}

// Language switcher: the dropdown is labelled with the active language and
// offers the two other languages as links.
$activeLanguage = Yii::$app->language;
switch ($activeLanguage) {
    case 'en':
        $otherLanguages = ['am' => 'Arm', 'ru' => 'Rus'];
        break;
    case 'ru':
        $otherLanguages = ['am' => 'Arm', 'en' => 'Eng'];
        break;
    default:
        // Any other active language is offered Russian and English.
        $otherLanguages = ['ru' => 'Rus', 'en' => 'Eng'];
}

$switcherLabel = Yii::t('app', (string) $activeLanguage);
$languageLinks = [];
foreach ($otherLanguages as $languageCode => $caption) {
    $languageLinks[] = ['label' => $caption, 'url' => [BaseController::createLanguageUrl($languageCode)]];
}
$menuItems[] = ['label' => $switcherLabel, 'items' => $languageLinks];

echo Nav::widget([
    'options' => ['class' => 'navbar-nav navbar-right'],
    'items' => $menuItems,
]);
NavBar::end();
?>
</header>
</div>
<?php
// Breadcrumbs fall back to an empty list when the view did not set any.
$breadcrumbLinks = isset($this->params['breadcrumbs']) ? $this->params['breadcrumbs'] : [];
echo Breadcrumbs::widget(['links' => $breadcrumbLinks]);
?>
<?php echo Alert::widget(); ?>
<?php
/**
 * Initialises the controller and creates the Category object it works with.
 *
 * @return void
 */
public function init()
{
    parent::init();

    // A fresh, empty instance; nothing is loaded from storage here.
    $this->category = new Category();
}
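/**
 * Per-request authorisation: for each record id found in the query string,
 * checks that the current user may reach the record and sets $this->AUTH to
 * Dict::AUTH_READ or Dict::AUTH_OPERATE.
 *
 * Query parameters inspected: id_application (only when id_app_task is absent),
 * id_app_task, id_app_form_collateral_account, id_app_task_checkpoint.
 *
 * Changes from the previous version:
 *  - a false result from parent::beforeAction() now stops the action; before,
 *    the ownership checks were skipped and the method still returned true;
 *  - ids taken from $_GET must be scalar before they reach findOne(), because
 *    findOne() treats an array argument as a set of column conditions;
 *  - an id that matches no record is answered with the same
 *    UnauthorizedHttpException as a refused one, instead of a call on null;
 *  - a missing Betterdebt row on "task-sign/close" yields AUTH_READ.
 *
 * NOTE(review): when id_application and id_app_task are both present only the
 * task is checked. Confirm that no action then acts on id_application.
 * NOTE(review): each later check overwrites $this->AUTH, so a request carrying
 * several ids ends with the level of the last one checked.
 * NOTE(review): a request with none of these parameters passes with
 * $this->AUTH untouched, and only $_GET is inspected -- confirm that actions
 * never take these ids from the request body.
 * NOTE(review): the application-form AppTask, and the application/appTask
 * relations, are assumed to exist for every record -- TODO confirm.
 *
 * @param \yii\base\Action $action the action about to run
 * @return bool false when the parent chain vetoes the action or the user was
 *              redirected away from an inactive task, true otherwise
 * @throws UnauthorizedHttpException when the user may not reach a referenced record
 */
public function beforeAction($action)
{
    // A veto from the parent chain must stop the action, not be ignored.
    if (!parent::beforeAction($action)) {
        return false;
    }

    $ctrl_id = $action->controller->id;
    $behaviour = $ctrl_id . '/' . $action->id; // "<controller>/<action>"
    $userId = $this->user->id_user;
    $role = $this->user->id_user_role;

    // --- id_application ---
    if (isset($_GET['id_application']) && !isset($_GET['id_app_task'])) {
        $application = $this->recordOrDeny(
            Application::findOne($this->scalarQueryParamOrDeny('id_application'))
        );

        if (!$application->checkOnwerAccess($userId)) {
            // Only the BETTERDEBT role may look at applications it does not own.
            if ($role != Dict::USER_ROLE_BETTERDEBT) {
                throw $this->accessDenied();
            }
            $this->AUTH = Dict::AUTH_READ;

            $app_task = AppTask::findOne([
                'id_application' => $application->id_application,
                'id_app_task_type' => DictTask::TYPE_APPLICATION_FORM,
            ]);
            $formInactive = $app_task->status != DictTask::STATUS_ACTIVE
                || $app_task->application->id_application_status != DictApplication::STATUS_ACTIVE;
            // These two routes stay reachable even when the form is no longer active.
            $alwaysReachable = in_array(
                $behaviour,
                ['task-sign/close', 'task-supplemental-information/view-file'],
                true
            );
            if ($formInactive && !$alwaysReachable) {
                $this->redirectAwayFromInactiveTask($app_task->id_application);
                return false;
            }
        } elseif ($ctrl_id == 'app-form') {
            // Special case for the application form controller.
            $app_task = AppTask::findOne([
                'id_application' => $application->id_application,
                'id_app_task_type' => DictTask::TYPE_APPLICATION_FORM,
            ]);
            if ($app_task->status != DictTask::STATUS_ACTIVE
                || $app_task->application->id_application_status != DictApplication::STATUS_ACTIVE
            ) {
                $this->redirectAwayFromInactiveTask($app_task->id_application);
                return false;
            }
            // The role that currently owns the task may operate; everyone else reads.
            if ($app_task->owner_type == DictTask::$userRoleToOwner[$role]) {
                $this->AUTH = Dict::AUTH_OPERATE;
            } else {
                $this->AUTH = Dict::AUTH_READ;
            }
        } elseif ($behaviour == 'task-sign/close') {
            $betterdebt = Betterdebt::findOne(['id_user' => $userId]);
            if ($betterdebt !== null && $betterdebt->is_in_service_team == Dict::BD_SERVICE_TEAM_YES) {
                $this->AUTH = Dict::AUTH_OPERATE;
            } else {
                $this->AUTH = Dict::AUTH_READ;
            }
        } else {
            $this->AUTH = Dict::AUTH_READ;
        }
    }

    // --- id_app_task ---
    if (isset($_GET['id_app_task'])) {
        $app_task = $this->recordOrDeny(
            AppTask::findOne($this->scalarQueryParamOrDeny('id_app_task'))
        );

        if ($app_task->application->checkOnwerAccess($userId)) {
            if (!AppTask::checkOnwerAccess($app_task, $behaviour)) {
                throw $this->accessDenied();
            }
            if (in_array($behaviour, ['task-sign/close', 'task/assign-to', 'task-sign/remind'], true)) {
                $this->AUTH = Dict::AUTH_OPERATE;
            } elseif (DictTask::$ownerToUserRole[$app_task->owner_type] == $role) {
                $this->AUTH = Dict::AUTH_OPERATE;
            } else {
                $this->AUTH = Dict::AUTH_READ;
            }
        } elseif ($role == Dict::USER_ROLE_BETTERDEBT) {
            $this->AUTH = Dict::AUTH_READ;
        } else {
            throw $this->accessDenied();
        }

        // Redirect when the task is not in progress any more.
        $loan = Loan::findOne(['id_application' => $app_task->id_application]);
        $loanClosed = $loan !== null && $loan->status == Dict::LOAN_STATUS_CLOSED;
        if ($app_task->status != DictTask::STATUS_ACTIVE
            || $app_task->application->id_application_status != DictApplication::STATUS_ACTIVE
            || $loanClosed
        ) {
            $this->redirectAwayFromInactiveTask($app_task->id_application);
            return false;
        }
    }

    // --- id_app_form_collateral_account ---
    if (isset($_GET['id_app_form_collateral_account'])) {
        $collateral_account = $this->recordOrDeny(
            AppFormCollateralAccount::findOne($this->scalarQueryParamOrDeny('id_app_form_collateral_account'))
        );
        if ($collateral_account->application->checkOnwerAccess($userId)) {
            $this->AUTH = Dict::AUTH_OPERATE;
        } elseif ($role == Dict::USER_ROLE_BETTERDEBT) {
            $this->AUTH = Dict::AUTH_READ;
        } else {
            throw $this->accessDenied();
        }
    }

    // --- id_app_task_checkpoint ---
    if (isset($_GET['id_app_task_checkpoint'])) {
        $checkpoint = $this->recordOrDeny(
            AppTaskCheckpoint::findOne($this->scalarQueryParamOrDeny('id_app_task_checkpoint'))
        );
        $mayOperate = $checkpoint->appTask->application->checkOnwerAccess($userId)
            && AppTask::checkOnwerAccess($checkpoint->appTask, $behaviour);
        if ($mayOperate) {
            $this->AUTH = Dict::AUTH_OPERATE;
        } elseif ($role == Dict::USER_ROLE_BETTERDEBT) {
            $this->AUTH = Dict::AUTH_READ;
        } else {
            throw $this->accessDenied();
        }
    }

    return true;
}

/**
 * Builds the exception used for every refusal in beforeAction().
 *
 * @return UnauthorizedHttpException
 */
private function accessDenied()
{
    return new UnauthorizedHttpException("Sorry, you don't have permission to access this page.");
}

/**
 * Returns a query-string value, refusing anything that is not a single scalar.
 *
 * @param string $name key in $_GET; the caller has already checked isset()
 * @return mixed the scalar value as received
 * @throws UnauthorizedHttpException when the value is an array
 */
private function scalarQueryParamOrDeny($name)
{
    $value = $_GET[$name];
    if (!is_scalar($value)) {
        // e.g. ?id[]=... or ?id[column]=...; never hand that to findOne().
        throw $this->accessDenied();
    }

    return $value;
}

/**
 * Passes a looked-up record through, refusing the request when nothing was found.
 *
 * @param object|null $record result of a findOne() call
 * @return object the record
 * @throws UnauthorizedHttpException when $record is null
 */
private function recordOrDeny($record)
{
    if ($record === null) {
        throw $this->accessDenied();
    }

    return $record;
}

/**
 * Sends the user to the page that fits their role when a task is no longer active.
 *
 * BETTERDEBT and ADVISOR go to the application view, CLIENT to the loan
 * application page. For any other role no redirect is issued; the caller
 * returns false either way.
 *
 * @param mixed $idApplication application the inactive task belongs to
 * @return void
 */
private function redirectAwayFromInactiveTask($idApplication)
{
    $role = $this->user->id_user_role;
    if ($role == Dict::USER_ROLE_BETTERDEBT || $role == Dict::USER_ROLE_ADVISOR) {
        $this->redirect(['/application/view', 'id' => $idApplication]);
    } elseif ($role == Dict::USER_ROLE_CLIENT) {
        $this->redirect(['/loan/application']);
    }
}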
/**
 * Initialises the controller and creates the Article object it works with.
 *
 * @return void
 */
public function init()
{
    parent::init();

    // A fresh, empty instance; nothing is loaded from storage here.
    $this->article = new Article();
}