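/**
 * Build the data provider behind the role / permission grid.
 *
 * The base query is Role::find() when ITEM_TYPE equals TYPE_ROLE and
 * Permission::find() otherwise, joined with the "group" relation. The name,
 * description and group_code filters are applied only after the submitted
 * parameters load and validate; otherwise the unfiltered provider is returned.
 *
 * @param array $params request parameters handed to load()
 *
 * @return ActiveDataProvider
 */
public function search($params)
{
    $query = static::ITEM_TYPE == static::TYPE_ROLE ? Role::find() : Permission::find();
    $query->joinWith(['group']);

    // The page size is read from a client-supplied cookie, so it is normalised
    // before it reaches the paginator: a non-numeric or non-positive value would
    // otherwise switch pagination off and load the whole table in one request.
    // NOTE(review): no upper bound is enforced here because the set of sizes the
    // grid offers is not visible in this block; consider capping it as well.
    $requestedPageSize = \Yii::$app->request->cookies->getValue('_grid_page_size', 20);
    $pageSize = is_numeric($requestedPageSize) ? (int) $requestedPageSize : 20;
    if ($pageSize < 1) {
        $pageSize = 20;
    }

    $dataProvider = new ActiveDataProvider([
        'query' => $query,
        'pagination' => ['pageSize' => $pageSize],
        'sort' => ['defaultOrder' => ['created_at' => SORT_DESC]],
    ]);

    if (!($this->load($params) && $this->validate())) {
        return $dataProvider;
    }

    // Column names are qualified with the auth item table because of the join.
    // The filter values themselves are passed as condition operands, not
    // concatenated into the SQL text.
    $itemTable = Yii::$app->getModule('user')->auth_item_table;

    $query
        ->andFilterWhere(['like', $itemTable . '.name', $this->name])
        ->andFilterWhere(['like', $itemTable . '.description', $this->description])
        ->andFilterWhere([$itemTable . '.group_code' => $this->group_code]);

    return $dataProvider;
}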
/**
 * Rebuild the session copy of a user's roles, permissions and routes.
 *
 * The three cached entries are removed first, so the same call works as a
 * refresh. The modification time of the permissions "last mod" file is then
 * recorded, followed by the freshly loaded values.
 *
 * @param UserIdentity $identity identity whose id is used for the lookups
 */
public static function updatePermissions($identity)
{
    $session = Yii::$app->session;

    // Drop the stale entries before anything new is written.
    $cachedKeys = [
        self::SESSION_PREFIX_ROLES,
        self::SESSION_PREFIX_PERMISSIONS,
        self::SESSION_PREFIX_ROUTES,
    ];
    foreach ($cachedKeys as $cachedKey) {
        $session->remove($cachedKey);
    }

    // Remember which revision of the permission data this snapshot reflects.
    // NOTE(review): filemtime() yields false when the file is missing; how that
    // value is compared later is not visible here.
    $lastModified = filemtime(self::getPermissionsLastModFile());
    $session->set(self::SESSION_PREFIX_LAST_UPDATE, $lastModified);

    // Roles and permissions are stored as lists of keys; routes are stored as returned.
    $roleNames = array_keys(Role::getUserRoles($identity->id));
    $session->set(self::SESSION_PREFIX_ROLES, $roleNames);

    $permissionNames = array_keys(Permission::getUserPermissions($identity->id));
    $session->set(self::SESSION_PREFIX_PERMISSIONS, $permissionNames);

    $routes = Route::getUserRoutes($identity->id);
    $session->set(self::SESSION_PREFIX_ROUTES, $routes);
}
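/**
 * Replace a user's role assignments with the set submitted in the "roles" POST field.
 *
 * A user who is not superadmin may not edit their own roles. Submitted names
 * are limited to the roles available to the acting user; the difference from
 * the current assignments is then revoked and assigned.
 *
 * NOTE(review): this action changes privileges and reads its input from POST
 * only. Confirm it is restricted to POST requests (for example by a verb
 * filter on the controller, not visible here); a GET request would otherwise
 * be handled as an empty selection.
 *
 * @param int $id - User ID
 *
 * @return \yii\web\Response
 */
public function actionSetRoles($id)
{
    if (!Yii::$app->user->identity->isSuperadmin and Yii::$app->user->id == $id) {
        Yii::$app->session->setFlash('error', 'You can not change own permissions');

        return $this->redirect(['set', 'id' => $id]);
    }

    $oldAssignments = array_keys(Role::getUserRoles($id));

    // NOTE(review): the property is spelled "isSuperadmin" above and "isSuperAdmin"
    // here; both spellings are kept as found - confirm they resolve to the same getter.
    $availableRoles = Role::getAvailableRoles(Yii::$app->user->identity->isSuperAdmin, true);

    // "roles" comes straight from the request: force it into a list of strings so a
    // scalar or nested value cannot reach array_intersect().
    $requestedRoles = array_filter((array) Yii::$app->request->post('roles', []), 'is_string');

    // To be sure that user didn't attempt to assign himself some unavailable roles
    $newAssignments = array_intersect($availableRoles, $requestedRoles);

    $toAssign = array_diff($newAssignments, $oldAssignments);

    // Revocation is limited to the same available set. Without this, every role
    // the acting user is not allowed to manage would be missing from
    // $newAssignments and therefore stripped from the target user on each save.
    $toRevoke = array_intersect(array_diff($oldAssignments, $newAssignments), $availableRoles);

    foreach ($toRevoke as $role) {
        User::revokeRole($id, $role);
    }

    foreach ($toAssign as $role) {
        User::assignRole($id, $role);
    }

    Yii::$app->session->setFlash('success', 'Saved');

    return $this->redirect(['set', 'id' => $id]);
}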
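<div class="col-sm-6 text-right">
    <?php echo GridPageSize::widget(['pjaxId' => 'user-grid-pjax']); ?>
</div>
</div>

<?php Pjax::begin(['id' => 'user-grid-pjax']); ?>

<?php
// User grid. Columns rendered with 'format' => 'raw' are not escaped by the
// grid, so every value that originates from user data is passed through
// Html::encode() before it is placed into markup.
echo GridView::widget([
    'id' => 'user-grid',
    'dataProvider' => $dataProvider,
    'pager' => [
        'options' => ['class' => 'pagination pagination-sm'],
        'hideOnSinglePage' => true,
        'lastPageLabel' => '>>',
        'firstPageLabel' => '<<',
    ],
    'filterModel' => $searchModel,
    'layout' => '{items}<div class="row"><div class="col-sm-8">{pager}</div><div class="col-sm-4 text-right">{summary}'
        . GridBulkActions::widget([
            'gridId' => 'user-grid',
            'actions' => [
                Url::to(['bulk-activate', 'attribute' => 'status']) => GridBulkActions::t('app', 'Activate'),
                Url::to(['bulk-deactivate', 'attribute' => 'status']) => GridBulkActions::t('app', 'Deactivate'),
                '----' => [
                    Url::to(['bulk-delete']) => GridBulkActions::t('app', 'Delete'),
                ],
            ],
        ])
        . '</div></div>',
    'columns' => [
        ['class' => 'yii\\grid\\SerialColumn', 'options' => ['style' => 'width:30px']],
        [
            'class' => 'kuzmiand\\users\\components\\StatusColumn',
            'attribute' => 'superadmin',
            // Only a superadmin sees who else is one.
            'visible' => Yii::$app->user->identity->isSuperadmin,
            'options' => ['style' => 'width:100px'],
        ],
        [
            'attribute' => 'username',
            'value' => function (User $model) {
                // Html::a() does not escape its link text, so the username is encoded here.
                return Html::a(Html::encode($model->username), ['view', 'id' => $model->id], ['data-pjax' => 0]);
            },
            'format' => 'raw',
            'options' => ['style' => 'width:auto'],
        ],
        [
            'attribute' => 'email',
            // Plain attribute output needs no markup, so it is rendered escaped
            // instead of raw.
            'format' => 'text',
            'visible' => User::hasPermission('viewUserEmail'),
            'options' => ['style' => 'width:auto'],
        ],
        [
            'attribute' => 'gridRoleSearch',
            'filter' => ArrayHelper::map(
                Role::getAvailableRoles(Yii::$app->user->identity->isSuperAdmin),
                'name',
                'description'
            ),
            'value' => function (User $model) {
                // Role descriptions are editable text; escape the joined list.
                return Html::encode(implode(', ', ArrayHelper::map($model->roles, 'name', 'description')));
            },
            'format' => 'raw',
            'visible' => User::hasPermission('viewUserRoles'),
        ],
        [
            'attribute' => 'registration_ip',
            'value' => function (User $model) {
                $registrationIp = (string) $model->registration_ip;

                // The lookup link uses HTTPS so the address is not sent in clear
                // text, and rel="noopener noreferrer" keeps the new tab from
                // reaching back into this admin page or receiving its URL.
                return Html::a(
                    Html::encode($registrationIp),
                    'https://ipinfo.io/' . $registrationIp,
                    ['target' => '_blank', 'rel' => 'noopener noreferrer']
                );
            },
            'format' => 'raw',
            'visible' => User::hasPermission('viewRegistrationIp'),
            'options' => ['style' => 'width:100px'],
        ],
        [
            'value' => function (User $model) {
                return GhostHtml::a(
                    'Roles and permissions',
                    ['/user/user-permission/set', 'id' => $model->id],
                    ['class' => 'btn btn-sm btn-primary', 'data-pjax' => 0]
                );
            },
            'format' => 'raw',
            'visible' => User::canRoute('/user/user-permission/set'),
            'options' => ['width' => '165px'],
        ],
        [
            'class' => 'kuzmiand\\users\\components\\StatusColumn',
            'attribute' => 'status',
            'optionsArray' => [
                [User::STATUS_ACTIVE, 'Active', 'success'],
                [User::STATUS_NEW, 'Inactive', 'warning'],
                [User::STATUS_BLOCKED, 'Blocked', 'danger'],
            ],
        ],
        ['class' => 'yii\\grid\\CheckboxColumn', 'options' => ['style' => 'width:30px']],
        ['class' => 'yii\\grid\\ActionColumn', 'contentOptions' => ['style' => 'width:70px; text-align:center;']],
    ],
]);
?>

<?php Pjax::end(); ?>
</div>
</div>
</div>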
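<div class="panel-heading">
    <strong>
        <span class="glyphicon glyphicon-th"></span> <?php echo 'Child roles'; ?>
    </strong>
</div>
<div class="panel-body">
    <?php echo Html::beginForm(['set-child-roles', 'id' => $role->name]); ?>

    <?php
    // Checkbox list of child roles. Each row is rendered by the 'item' callback
    // as hand-built markup, so the callback is responsible for escaping the
    // role name, its description and the permission texts itself.
    echo Html::checkboxList(
        'child_roles',
        ArrayHelper::map($childRoles, 'name', 'name'),
        ArrayHelper::map($allRoles, 'name', 'description'),
        [
            'item' => function ($index, $label, $name, $checked, $value) {
                // Help content: one list entry per permission of the role. The
                // element is flagged data-html="true", so the entries are escaped
                // here before they are wrapped in <li> tags.
                $list = '<ul style="padding-left: 10px">';
                foreach (Role::getPermissionsByRole($value) as $permissionName => $permissionDescription) {
                    $entry = $permissionDescription ? $permissionDescription : $permissionName;
                    $list .= '<li>' . Html::encode($entry) . '</li>';
                }
                $list .= '</ul>';

                // NOTE(review): whether the script that shows this help also treats
                // "title" as HTML is not visible here; if it does, $label needs
                // Html::encode() in the title as well.
                $helpIcon = Html::beginTag('span', [
                    'title' => 'Permissions for role - "' . $label . '"',
                    'data-content' => $list,
                    'data-html' => 'true',
                    'role' => 'button',
                    'style' => 'margin-bottom: 5px; padding: 0 5px',
                    'class' => 'btn btn-sm btn-default role-help-btn',
                ]);
                $helpIcon .= '?';
                $helpIcon .= Html::endTag('span');

                $isChecked = $checked ? 'checked' : '';

                // Field name, role name and description are escaped before being
                // placed into the attribute values and the label text.
                $safeName = Html::encode($name);
                $safeValue = Html::encode($value);
                $safeLabel = Html::encode($label);
                $checkbox = "<label><input type='checkbox' name='{$safeName}' value='{$safeValue}' {$isChecked}> {$safeLabel}</label>";

                return $helpIcon . ' ' . $checkbox;
            },
            'separator' => '<br>',
        ]
    );
    ?>

    <hr/>

    <?php echo Html::submitButton('<span class="glyphicon glyphicon-ok"></span> ' . 'Save', ['class' => 'btn btn-primary btn-sm']);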
/**
 * Relation: the roles assigned to this user.
 *
 * Role rows are matched on name = item_name through the module's auth
 * assignment table, which is joined on user_id = id.
 *
 * @return \yii\db\ActiveQuery
 */
public function getRoles()
{
    $roles = $this->hasMany(Role::className(), ['name' => 'item_name']);

    // The junction table name is configurable on the "user" module.
    $assignmentTable = Yii::$app->getModule('user')->auth_assignment_table;

    return $roles->viaTable($assignmentTable, ['user_id' => 'id']);
}
/**
 * Create a new role from the submitted form.
 *
 * On a successful save the browser is redirected to the 'view' page of the
 * new role; otherwise the 'create' form is rendered again with the model.
 *
 * @return mixed
 */
public function actionCreate()
{
    $model = new Role();
    // Only attributes that are safe in the 'webInput' scenario are mass-assigned by load().
    $model->scenario = 'webInput';

    $wasSaved = $model->load(Yii::$app->request->post()) && $model->save();
    if (!$wasSaved) {
        return $this->renderIsAjax('create', ['model' => $model]);
    }

    return $this->redirect(['view', 'id' => $model->name]);
}
/**
 * Custom uniqueness check for the item name.
 *
 * The default unique validator searches only within one specific class (Role,
 * Route or Permission) because find() is overridden, so the lookup is done by
 * hand here. where() replaces whatever condition the query already carried.
 *
 * NOTE(review): the lookup always uses $this->name and the error is always
 * attached to 'name', while the label and value in the message come from
 * $attribute - presumably this validator is only ever bound to 'name'; confirm.
 *
 * @param string $attribute attribute the validator was attached to
 */
public function validateUniqueName($attribute)
{
    $nameTaken = Role::find()->where(['name' => $this->name])->exists();
    if (!$nameTaken) {
        return;
    }

    $message = Yii::t('yii', '{attribute} "{value}" has already been taken.', [
        'attribute' => $this->getAttributeLabel($attribute),
        'value' => $this->{$attribute},
    ]);

    $this->addError('name', $message);
}