示例#1
0
 /**
  * Performs access check before action is executed.
  * If access is denied - redirect to an appropriate page or display an empty screen.
  * See {@link getCheckAccessOnActions} for the list of actions to check access for.
  * @param CAction the action to be executed.
  */
 public function checkAccessBeforeAction()
 {
     $actionId = $this->action->id;
     $checkAccessOnActions = $this->getCheckAccessOnActions();
     if (array_key_exists($actionId, $checkAccessOnActions)) {
         $a = $checkAccessOnActions[$actionId];
         // first check whether it should be an ajax or a post request
         if (!isset($a['request']) || $a['request'] === 'ajax' && Yii::app()->request->isAjaxRequest || $a['request'] === 'post' && Yii::app()->request->isPostRequest) {
             // define route and other variables
             if (!isset($a['route']) && (isset($a['moduleId']) || isset($a['controllerId']) || isset($a['actionId']))) {
                 $routeA = array();
                 if (isset($a['moduleId']) || $this->module) {
                     $routeA['moduleId'] = isset($a['moduleId']) ? $a['moduleId'] : $this->module->id;
                 }
                 $routeA['controllerId'] = isset($a['controllerId']) ? $a['controllerId'] : $this->id;
                 $routeA['actionId'] = isset($a['actionId']) ? $a['actionId'] : $this->action->id;
                 $route = implode('/', $routeA);
             } else {
                 $route = isset($a['route']) ? $a['route'] : $this->route;
             }
             if (!isset($routeA)) {
                 // attempt to generate access route
                 $routeT = explode('/', $route);
                 if (count($routeT) == 2) {
                     $routeA = array('controllerId' => $routeT[0], 'actionId' => $routeT[1]);
                 } else {
                     if (count($routeT) == 3) {
                         $routeA = array('moduleId' => $routeT[0], 'controllerId' => $routeT[1], 'actionId' => $routeT[2]);
                     }
                 }
                 unset($routeT);
             }
             $params = isset($a['params']) && is_array($a['params']) ? $a['params'] : array();
             foreach ($params as $key => $value) {
                 if (isset($value['call_user_func'])) {
                     $params[$key] = call_user_func(array($this, $value['call_user_func']));
                 }
             }
             // use power of rbac. see {@link _CUserIdentity::authorize} for assignment
             if (!Yii::app()->user->checkAccess($route, $params)) {
                 // access denied
                 // define error message variable
                 if (!isset($a['messageRoute']) && (isset($a['messageModuleId']) || isset($a['messageControllerId']) || isset($a['messageActionId']))) {
                     $routeM = array();
                     if (isset($a['messageModuleId']) || $this->module) {
                         $routeM['messageModuleId'] = isset($a['messageModuleId']) ? $a['messageModuleId'] : (isset($routeA['moduleId']) ? $routeA['moduleId'] : $this->module->id);
                     }
                     $routeM['messageControllerId'] = isset($a['messageControllerId']) ? $a['messageControllerId'] : (isset($routeA['controllerId']) ? $routeA['controllerId'] : $this->id);
                     if (isset($a['messageActionId'])) {
                         if (is_array($a['messageActionId'])) {
                             foreach ($a['messageActionId'] as $id => $bizRule) {
                                 if (empty($bizRule) || @eval($bizRule) != 0) {
                                     $routeM['messageActionId'] = $id;
                                 }
                             }
                         } else {
                             $routeM['messageActionId'] = $a['messageActionId'];
                         }
                     }
                     if (!isset($routeM['messageActionId'])) {
                         $routeM['messageActionId'] = isset($routeA['actionId']) ? $routeA['actionId'] : $this->action->id;
                     }
                     $messageRoute = implode('/', $routeM);
                 } else {
                     $messageRoute = isset($a['messageRoute']) ? $a['messageRoute'] : $route;
                 }
                 $message = Yii::t('accessDenied', $messageRoute);
                 // do what expected: exit or print json or redirect
                 if ($a === 'exit' || isset($a['do']) && $a['do'] === 'exit') {
                     // this results in an empty screen. good for simple ajax requests
                     return false;
                 } else {
                     if ($a === 'json' || isset($a['do']) && $a['do'] === 'json') {
                         // print out json document with error message.
                         // ideal for ajax requests that expect a status and a message to be returned
                         $this->printJsonExit(array('status' => 'error', 'message' => $message));
                         return false;
                     } else {
                         // set error message. should be displayed when redirect will be completed
                         MUserFlash::setTopError($message);
                         // FIXME
                         MUserFlash::setSidebarInfo(Yii::t('hint', 'Hint: Check <tt>components/_CUserIdentity:authorize()</tt> to change allowed actions.'));
                         // redirect now to user/login, user/show or to a more appropriate page
                         $this->redirect($this->getGotoUrl());
                     }
                 }
             }
         }
     }
     return true;
 }
示例#2
0
<?php

MParams::setPageLabel(Yii::t('page', 'Member not found'));
MUserFlash::setTopError(Yii::t('hint', 'The requested member does not exist.'));
MLinkList::set('sidebar', array('links' => array(array('text' => Yii::t('link', 'List of members'), 'url' => array('list'), 'icon' => 'grip-solid-horizontal', 'visible' => false), array('text' => Yii::t('link', 'Grid of members'), 'url' => array('grid'), 'icon' => 'calculator', 'visible' => Yii::app()->user->checkAccess($this->id . '/grid')), array('text' => Yii::t('link', 'Create a new member'), 'url' => array('create'), 'icon' => 'plus', 'visible' => Yii::app()->user->checkAccess($this->id . '/create')))));
MUserFlash::setSidebarInfo(Yii::t('hint', 'The requested member was deleted, inactivated or did not exist. Try to browse or search among all members.'));
$this->widget('application.components.WContentHeader', array('breadcrumbs' => array(array('text' => Yii::t('link', 'Members'), 'url' => array($this->id . '/' . $this->defaultAction), 'active' => false, 'visible' => Yii::app()->user->checkAccess($this->id . '/' . $this->defaultAction)))));
示例#3
0
<?php

MParams::setPageLabel(Yii::t('page', 'Change interface'));
MUserFlash::setTopError(_CHtml::errorSummary($model));
if (Yii::app()->user->checkAccess(User::ADMINISTRATOR)) {
    MUserFlash::setSidebarInfo(Yii::t('hint', 'Required: {authRoles}.', array(1, '{authRoles}' => implode(', ', array(Yii::t('t', User::ADMINISTRATOR_T))))));
}
MLinkList::set('sidebar', array('links' => array(array('text' => Yii::t('link', 'Show my profile'), 'url' => !$pkIsPassed ? array('show') : array('show', 'id' => $model->id), 'icon' => 'person', 'visible' => $model->isMe), array('text' => Yii::t('link', 'Edit my profile'), 'url' => !$pkIsPassed ? array('update') : array('update', 'id' => $model->id), 'icon' => 'pencil', 'visible' => $model->isMe), array('text' => Yii::t('link', 'Show member'), 'url' => array('show', 'id' => $model->id), 'icon' => 'person', 'visible' => !$model->isMe && Yii::app()->user->checkAccess($this->id . '/show')), array('text' => Yii::t('link', 'Edit member\'s profile'), 'url' => array('update', 'id' => $model->id), 'icon' => 'pencil', 'visible' => !$model->isMe && Yii::app()->user->checkAccess($this->id . '/update')), array('text' => Yii::t('link', 'List of members'), 'url' => array('list'), 'icon' => 'grip-solid-horizontal', 'visible' => false), array('text' => Yii::t('link', 'Grid of members'), 'url' => array('grid'), 'icon' => 'calculator', 'visible' => Yii::app()->user->checkAccess($this->id . '/grid')), array('text' => Yii::t('link', 'Create a new member'), 'url' => array('create'), 'icon' => 'plus', 'visible' => Yii::app()->user->checkAccess($this->id . '/create')))));
$this->widget('application.components.WContentHeader', array('breadcrumbs' => array(array('text' => Yii::t('link', 'Members'), 'url' => array($this->id . '/'), 'active' => false), array('text' => Yii::t('link', 'My profile'), 'url' => $pkIsPassed ? array('show', 'id' => $model->id) : array('show'), 'visible' => $model->isMe), array('text' => Yii::t('link', '"{screenName}" member', array('{screenName}' => $model->screenName)), 'url' => array('show', 'id' => $model->id), 'visible' => !$model->isMe), array('url' => $model->isMe && !$pkIsPassed ? array($this->action->id) : array($this->action->id, 'id' => $model->id), 'active' => true))));
?>
<div class="w3-main-form-box ui-widget-content ui-corner-all">

<?php 
echo _CHtml::beginForm('', 'post', array('class' => 'w3-main-form')) . "\n";
?>

<div class="w3-form-row w3-first">
  <div class="w3-form-row-input">
    <div class="w3-form-row-text">
      <?php 
echo _CHtml::activeRadioButtonList($model, 'interface', $model->getAttributeData('interface'), array('template' => '<div style="float: left; height: 145px; text-align: center; width: 160px;">{jqueryUIScreenshot}<br/>{input}&nbsp;{label}</div>', 'separator' => "\n")) . "\n";
?>
    </div>
  </div>
  <div class="clear">&nbsp;</div>
</div>
<div class="w3-form-row w3-last">
  <div class="w3-form-row-input w3-form-row-2columns w3-center">
    <div class="w3-form-row-text">
      <?php 
echo Yii::t('hint', '{saveButton} or {cancelLink}', array('{saveButton}' => _CHtml::submitButton(Yii::t('link', 'Apply selected user interface'), array('class' => 'w3-input-button w3-button-big ui-state-default ui-corner-all')), '{cancelLink}' => CHtml::link(Yii::t('link', 'Cancel[form]'), $model->isMe && !$pkIsPassed ? array('show') : array('show', 'id' => $model->id)))) . "\n";
示例#4
0
文件: grid.php 项目: megabr/web3cms
<?php

MParams::setPageLabel(Yii::t('page', 'Grid of time records'));
MUserFlash::setSidebarInfo(Yii::t('hint', 'Required: {authRoles}.', array(4, '{authRoles}' => implode(', ', array(Yii::t('t', User::CLIENT_T), Yii::t('t', User::CONSULTANT_T), Yii::t('t', User::MANAGER_T), Yii::t('t', User::ADMINISTRATOR_T))))));
MLinkList::set('sidebar', array('links' => array(array('text' => Yii::t('link', 'View as list'), 'url' => array('list'), 'icon' => 'grip-solid-horizontal', 'visible' => false), array('text' => Yii::t('link', 'Time report'), 'url' => array('report'), 'visible' => Yii::app()->user->checkAccess($this->id . '/report')), array('text' => Yii::t('link', 'Add a time record'), 'url' => array('create'), 'icon' => 'plus', 'visible' => Yii::app()->user->checkAccess($this->id . '/create')))));
$this->widget('application.components.WContentHeader', array('afterLabel' => false, 'breadcrumbs' => array(array('url' => array($this->action->id), 'active' => true))));
$this->widget('application.components.WPreItemActionBar', array('links' => array(array('dropDown' => array('links' => $allCompany), 'text' => CHtml::encode($companyLinkText), 'options' => array('title' => Yii::t('t', 'Company'))), array('dropDown' => array('links' => $allProject), 'text' => CHtml::encode($projectLinkText), 'options' => array('title' => Yii::t('t', 'Project'))), array('dropDown' => array('links' => $allTask, 'width' => 440), 'text' => CHtml::encode($taskLinkText), 'options' => array('title' => Yii::t('t', 'Task'))), array('dropDown' => array('links' => $allManager), 'text' => CHtml::encode($managerLinkText), 'options' => array('title' => Yii::t('t', 'Manager'))), array('dropDown' => array('links' => $allConsultant), 'text' => CHtml::encode($consultantLinkText), 'options' => array('title' => Yii::t('t', 'Consultant'))))));
$this->widget('application.components.WGrid', array('columns' => array(array('title' => CHtml::encode($sort->resolveLabel('company'))), array('title' => CHtml::encode($sort->resolveLabel('project'))), array('title' => CHtml::encode($sort->resolveLabel('task'))), array('title' => CHtml::encode($sort->resolveLabel('manager'))), array('title' => CHtml::encode($sort->resolveLabel('consultant'))), array('title' => CHtml::encode($sort->resolveLabel('timeDate'))), array('title' => CHtml::encode($sort->resolveLabel('spentMinute'))), array('title' => CHtml::encode($sort->resolveLabel('billedMinute'))), array('title' => CHtml::encode($sort->resolveLabel('title'))), array('title' => CHtml::encode(Yii::t('t', 'Actions')))), 'columnsModel' => array(array('name' => 'company', 'width' => 85), array('name' => 'project', 'width' => 85), array('name' => 'task', 'width' => 85), array('name' => 'manager', 'width' => 75), array('name' => 'consultant', 'width' => 75), array('name' => 'timeDate', 'width' => 70, 'align' => 'right'), array('name' => 'spentMinute', 'width' => 35), array('name' => 'billedMinute', 'width' => 35), array('name' => 'title', 'width' => 94), array('name' => 'actions', 'width' => 59, 'sortable' => false)), 'pages' => $pages, 'rowNum' => TimeController::GRID_PAGE_SIZE, 'rows' => $gridRows, 'sColumns' => array(array('title' => $sort->link('company')), array('title' => $sort->link('project')), array('title' => $sort->link('task')), array('title' => $sort->link('manager')), array('title' => $sort->link('consultant')), array('title' => $sort->link('timeDate')), array('title' => $sort->link('spentMinute')), array('title' => $sort->link('billedMinute')), array('title' => $sort->link('title')), array('title' => Yii::t('t', 'Actions'))), 'sortname' => 'timeDate', 'sortorder' => 'desc', 'url' => Yii::app()->createUrl($this->id . '/gridData', $_GET)));
示例#5
0
文件: update.php 项目: megabr/web3cms
<?php

MParams::setPageLabel(Yii::t('page', 'Edit time record'));
MUserFlash::setTopError(_CHtml::errorSummary($model));
MUserFlash::setSidebarInfo(Yii::t('hint', 'Required: {authRoles}.', $model->invoiceId >= 1 ? array(1, '{authRoles}' => implode(', ', array(Yii::t('t', User::ADMINISTRATOR_T)))) : array(2, '{authRoles}' => implode(', ', array(Yii::t('t', User::MANAGER_T), Yii::t('t', User::ADMINISTRATOR_T))))));
MLinkList::set('sidebar', array('links' => array(array('text' => Yii::t('link', 'Show time record'), 'url' => array('show', 'id' => $model->id), 'icon' => 'zoomin', 'visible' => Yii::app()->user->checkAccess($this->id . '/show')), array('text' => Yii::t('link', 'Delete time record'), 'url' => array('delete', 'id' => $model->id), 'icon' => 'trash', 'visible' => Yii::app()->user->checkAccess($this->id . '/delete', array('model' => $model))), array('text' => Yii::t('link', 'List of time records'), 'url' => array('list'), 'icon' => 'grip-solid-horizontal', 'visible' => false), array('text' => Yii::t('link', 'Grid of time records'), 'url' => array('grid'), 'icon' => 'calculator', 'visible' => Yii::app()->user->checkAccess($this->id . '/grid')), array('text' => Yii::t('link', 'Create a new time record'), 'url' => array('create'), 'icon' => 'plus', 'visible' => Yii::app()->user->checkAccess($this->id . '/create')))));
$this->widget('application.components.WContentHeader', array('breadcrumbs' => array(array('text' => Yii::t('link', 'Time records'), 'url' => array($this->id . '/' . $this->defaultAction), 'active' => false, 'visible' => Yii::app()->user->checkAccess($this->id . '/' . $this->defaultAction)), array('text' => Yii::t('link', '"{title}" time record', array('{title}' => $model->title)), 'url' => array('show', 'id' => $model->id), 'active' => false, 'visible' => Yii::app()->user->checkAccess($this->id . '/show')), array('url' => array($this->action->id, 'id' => $model->id), 'active' => true))));
echo $this->renderPartial('_form', array('model' => $model, 'update' => true));
示例#6
0
<?php

MParams::setPageLabel(Yii::t('page', 'Register a member account'));
MUserFlash::setTopError(_CHtml::errorSummary($model));
MUserFlash::setSidebarInfo(Yii::t('hint', 'Create a new member account. It\'s free and easy!'));
$this->widget('application.components.WContentHeader', array('breadcrumbs' => array(array('text' => Yii::t('link', 'Members'), 'url' => array($this->id . '/' . $this->defaultAction), 'active' => false, 'visible' => Yii::app()->user->checkAccess($this->id . '/' . $this->defaultAction)), array('url' => array($this->action->id), 'active' => true))));
?>
<div class="w3-main-form-box ui-widget-content ui-corner-all">

<?php 
echo _CHtml::beginForm('', 'post', array('class' => 'w3-main-form')) . "\n";
?>

<?php 
if ($model->hasVirtualAttribute('username')) {
    ?>
<div class="w3-form-row w3-first">
  <div class="w3-form-row-label"><?php 
    echo _CHtml::activeLabelEx($model, 'username');
    ?>
</div>
  <div class="w3-form-row-input">
    <?php 
    echo _CHtml::activeTextField($model, 'username', array('class' => 'w3-input-text ui-widget-content ui-corner-all', 'maxlength' => 32)) . "\n";
    ?>
  </div>
  <div class="clear">&nbsp;</div>
</div>
<div class="w3-form-row">
  <div class="w3-form-row-label"><?php 
    echo _CHtml::activeLabelEx($model, 'screenName');
示例#7
0
文件: login.php 项目: megabr/web3cms
<?php

MParams::setPageLabel(Yii::t('page', 'Login'));
MUserFlash::setTopError(_CHtml::errorSummary($form));
MUserFlash::setSidebarInfo(Yii::t('hint', 'Hint: You may login with <tt>demo/demo</tt> or <tt>admin/admin</tt>.'));
$this->widget('application.components.WContentHeader', array('breadcrumbs' => array(array('url' => array($this->action->id), 'active' => true))));
?>
<div class="w3-main-form-box ui-widget-content ui-corner-all">

<?php 
echo _CHtml::beginForm('', 'post', array('class' => 'w3-main-form')) . "\n";
echo _CHtml::activeHiddenField($form, 'loginWithField') . "\n";
?>

<div class="w3-form-row w3-first">
  <div class="w3-form-row-label"><?php 
echo _CHtml::activeLabelEx($form, $form->getLoginWithField());
?>
</div>
  <div class="w3-form-row-input">
    <?php 
echo _CHtml::activeTextField($form, $form->getLoginWithField(), array('class' => 'w3-input-text ui-widget-content ui-corner-all')) . "\n";
?>
  </div>
  <div class="clear">&nbsp;</div>
</div>
<div class="w3-form-row">
  <div class="w3-form-row-label"><?php 
echo _CHtml::activeLabelEx($form, 'password');
?>
</div>
示例#8
0
文件: show.php 项目: megabr/web3cms
?>
</div>
  <div class="w3-detail-row-value"><?php 
echo CHtml::encode($model->id);
?>
</div>
  <div class="clear">&nbsp;</div>
</div>
<div class="w3-detail-row">
  <div class="w3-detail-row-label"><?php 
echo CHtml::encode($model->getAttributeLabel('content'));
?>
</div>
  <div class="w3-detail-row-value"><?php 
echo CHtml::encode($model->content);
?>
</div>
  <div class="clear">&nbsp;</div>
</div>

</div>

<?php 
if ($model->isOwner() || Yii::app()->user->checkAccess(User::MANAGER) || Yii::app()->user->checkAccess(User::ADMINISTRATOR)) {
    MUserFlash::setSidebarInfo(Yii::t('hint', 'Company transaction history is open for owner, manager and administrator only.'));
    ?>
<div class="w3-between-boxes">&nbsp;</div>

<?php 
    $this->widget('application.components.WGrid', array('displayButtonClose' => true, 'importantRowsBottom' => array(array(array('align' => 'right', 'colspan' => 2, 'content' => Yii::t('math', 'Total')), array('align' => 'right', 'content' => CHtml::encode(MCurrency::format($debit))), array('align' => 'right', 'content' => CHtml::encode(MCurrency::format($credit))), array('align' => 'right', 'content' => CHtml::encode(MCurrency::format($balance))))), 'maxRow' => count($gridRows), 'minRow' => count($gridRows) >= 1 ? 1 : 0, 'rows' => $gridRows, 'sColumns' => array(array('title' => Yii::t('t', 'Date')), array('title' => Yii::t('t', 'Description')), array('title' => Yii::t('payment', 'Debit')), array('title' => Yii::t('payment', 'Credit[accounting]')), array('title' => Yii::t('payment', 'Balance'))), 'sGridId' => 'w3TransactionGrid', 'title' => CHtml::encode(Yii::t('t', 'Transaction history')), 'totalRecords' => count($gridRows)));
}
示例#9
0
文件: error.php 项目: megabr/web3cms
<?php

MParams::setPageLabel(Yii::t('page', 'Error {errorCode}', array('{errorCode}' => $error['code'])));
MUserFlash::setTopError($error['message']);
MUserFlash::setSidebarInfo(Yii::t('hint', 'Some useful links will be added here soon.'));
$this->widget('application.components.WContentHeader', array('displayBreadcrumbs' => false));
示例#10
0
<?php

MParams::setPageLabel(Yii::t('page', 'Contact us'));
MUserFlash::setTopError(_CHtml::errorSummary($contact));
MUserFlash::setSidebarInfo(Yii::t('hint', 'If you have business inquiries or other questions, please fill out this form to contact us. Thank you.'));
$this->widget('application.components.WContentHeader', array('breadcrumbs' => array(array('url' => array($this->action->id), 'active' => true))));
?>
<div class="w3-main-form-box ui-widget-content ui-corner-all">

<?php 
echo _CHtml::beginForm('', 'post', array('class' => 'w3-main-form')) . "\n";
?>

<div class="w3-form-row w3-first">
  <div class="w3-form-row-label"><?php 
echo _CHtml::activeLabelEx($contact, 'name');
?>
</div>
  <div class="w3-form-row-input">
    <?php 
echo _CHtml::activeTextField($contact, 'name', array('class' => 'w3-input-text ui-widget-content ui-corner-all', 'maxlength' => 128)) . "\n";
?>
  </div>
  <div class="clear">&nbsp;</div>
</div>
<div class="w3-form-row">
  <div class="w3-form-row-label"><?php 
echo _CHtml::activeLabelEx($contact, 'email');
?>
</div>
  <div class="w3-form-row-input">