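/**
 * Performs the access check before the current action is executed.
 *
 * The rule for the current action id is read from {@link getCheckAccessOnActions}.
 * The RBAC route and parameters are resolved from that rule and passed to
 * Yii::app()->user->checkAccess(). On denial the method either returns silently
 * ('exit'), prints a JSON error ('json'), or sets a flash error and redirects to
 * {@link getGotoUrl}.
 *
 * Security notes:
 * - Rule entries are trusted configuration. Strings under 'messageActionId' are
 *   passed to eval() and 'call_user_func' values name methods invoked on this
 *   controller; neither may ever be derived from request data.
 * - eval() runs in this method's scope, so the local variable names used below
 *   ($a, $route, $routeA, $params, ...) are visible to those expressions.
 * - When a rule names a request type ('ajax' or 'post') and the current request
 *   is of another type, no check is made and true is returned.
 *
 * @return boolean false when access was denied; true when no rule applies or access is granted.
 */
public function checkAccessBeforeAction()
{
    $actionId = $this->action->id;
    $checkAccessOnActions = $this->getCheckAccessOnActions();
    if (!array_key_exists($actionId, $checkAccessOnActions)) {
        // no rule is configured for this action, nothing to check
        return true;
    }
    $a = $checkAccessOnActions[$actionId];

    // A rule may be limited to ajax or post requests; for any other request type it is skipped.
    // NOTE(review): skipping means the action runs unchecked for that request type -
    // confirm such actions reject other request types themselves.
    if (isset($a['request'])
        && !($a['request'] === 'ajax' && Yii::app()->request->isAjaxRequest)
        && !($a['request'] === 'post' && Yii::app()->request->isPostRequest)
    ) {
        return true;
    }

    // define route and other variables
    if (!isset($a['route']) && (isset($a['moduleId']) || isset($a['controllerId']) || isset($a['actionId']))) {
        $routeA = array();
        if (isset($a['moduleId']) || $this->module) {
            $routeA['moduleId'] = isset($a['moduleId']) ? $a['moduleId'] : $this->module->id;
        }
        $routeA['controllerId'] = isset($a['controllerId']) ? $a['controllerId'] : $this->id;
        $routeA['actionId'] = isset($a['actionId']) ? $a['actionId'] : $this->action->id;
        $route = implode('/', $routeA);
    } else {
        $route = isset($a['route']) ? $a['route'] : $this->route;
    }
    if (!isset($routeA)) {
        // attempt to split the route back into its parts; other shapes leave $routeA unset
        $routeT = explode('/', $route);
        if (count($routeT) == 2) {
            $routeA = array('controllerId' => $routeT[0], 'actionId' => $routeT[1]);
        } elseif (count($routeT) == 3) {
            $routeA = array('moduleId' => $routeT[0], 'controllerId' => $routeT[1], 'actionId' => $routeT[2]);
        }
        unset($routeT);
    }

    // A parameter given as array('call_user_func' => 'method') is replaced by the result of
    // calling that method on this controller. The method name comes from the rule, never from input.
    $params = isset($a['params']) && is_array($a['params']) ? $a['params'] : array();
    foreach ($params as $key => $value) {
        if (isset($value['call_user_func'])) {
            $params[$key] = call_user_func(array($this, $value['call_user_func']));
        }
    }

    // use power of rbac. see {@link _CUserIdentity::authorize} for assignment
    if (Yii::app()->user->checkAccess($route, $params)) {
        return true;
    }

    // access denied: define error message variable
    if (!isset($a['messageRoute']) && (isset($a['messageModuleId']) || isset($a['messageControllerId']) || isset($a['messageActionId']))) {
        $routeM = array();
        if (isset($a['messageModuleId']) || $this->module) {
            $routeM['messageModuleId'] = isset($a['messageModuleId']) ? $a['messageModuleId'] : (isset($routeA['moduleId']) ? $routeA['moduleId'] : $this->module->id);
        }
        $routeM['messageControllerId'] = isset($a['messageControllerId']) ? $a['messageControllerId'] : (isset($routeA['controllerId']) ? $routeA['controllerId'] : $this->id);
        if (isset($a['messageActionId'])) {
            if (is_array($a['messageActionId'])) {
                // id => bizRule pairs; the last id whose rule is empty or evaluates non-zero wins.
                // SECURITY: $bizRule is executed as PHP code. It must be a developer-written
                // constant from the rule table. The @ operator hides warnings raised by the rule,
                // so a broken rule silently counts as "no match".
                foreach ($a['messageActionId'] as $id => $bizRule) {
                    if (empty($bizRule) || @eval($bizRule) != 0) {
                        $routeM['messageActionId'] = $id;
                    }
                }
            } else {
                $routeM['messageActionId'] = $a['messageActionId'];
            }
        }
        if (!isset($routeM['messageActionId'])) {
            $routeM['messageActionId'] = isset($routeA['actionId']) ? $routeA['actionId'] : $this->action->id;
        }
        $messageRoute = implode('/', $routeM);
    } else {
        $messageRoute = isset($a['messageRoute']) ? $a['messageRoute'] : $route;
    }
    $message = Yii::t('accessDenied', $messageRoute);

    // do what expected: exit or print json or redirect
    if ($a === 'exit' || isset($a['do']) && $a['do'] === 'exit') {
        // this results in an empty screen. good for simple ajax requests
        return false;
    }
    if ($a === 'json' || isset($a['do']) && $a['do'] === 'json') {
        // print out json document with error message.
        // ideal for ajax requests that expect a status and a message to be returned
        $this->printJsonExit(array('status' => 'error', 'message' => $message));
        return false;
    }

    // set error message. should be displayed when redirect will be completed
    MUserFlash::setTopError($message);
    // FIXME
    // NOTE(review): this hint names an internal component to every user who is denied access;
    // the FIXME above suggests it was meant to be temporary.
    MUserFlash::setSidebarInfo(Yii::t('hint', 'Hint: Check <tt>components/_CUserIdentity:authorize()</tt> to change allowed actions.'));
    // redirect now to user/login, user/show or to a more appropriate page
    $this->redirect($this->getGotoUrl());
    // Fail closed: if redirect() ever returns (overridden, or called in a non-terminating way),
    // the denied action must still not run. The json branch above already behaves this way.
    return false;
}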
<?php
// "Member not found" page: sets the page label and flash messages, then registers
// the sidebar links and the breadcrumb header.
MParams::setPageLabel(Yii::t('page', 'Member not found'));
MUserFlash::setTopError(Yii::t('hint', 'The requested member does not exist.'));

// The 'visible' flags only decide whether a link is drawn for the current user.
// They are not an access control: the actions behind the links must run the same
// RBAC check on the server.
$sidebarLinks = array();
$sidebarLinks[] = array(
    'text' => Yii::t('link', 'List of members'),
    'url' => array('list'),
    'icon' => 'grip-solid-horizontal',
    'visible' => false,
);
$sidebarLinks[] = array(
    'text' => Yii::t('link', 'Grid of members'),
    'url' => array('grid'),
    'icon' => 'calculator',
    'visible' => Yii::app()->user->checkAccess($this->id . '/grid'),
);
$sidebarLinks[] = array(
    'text' => Yii::t('link', 'Create a new member'),
    'url' => array('create'),
    'icon' => 'plus',
    'visible' => Yii::app()->user->checkAccess($this->id . '/create'),
);
MLinkList::set('sidebar', array('links' => $sidebarLinks));

MUserFlash::setSidebarInfo(Yii::t('hint', 'The requested member was deleted, inactivated or did not exist. Try to browse or search among all members.'));

// Single breadcrumb back to the controller's default action, drawn only when the user may open it.
$breadcrumbs = array(
    array(
        'text' => Yii::t('link', 'Members'),
        'url' => array($this->id . '/' . $this->defaultAction),
        'active' => false,
        'visible' => Yii::app()->user->checkAccess($this->id . '/' . $this->defaultAction),
    ),
);
$this->widget('application.components.WContentHeader', array('breadcrumbs' => $breadcrumbs));
<?php
// "Change interface" view: lets a member pick a user interface from a radio list.
// Uses $model (the member) and $pkIsPassed (whether an id was given in the URL) from the controller.
// The listing is cut off after the submit/cancel row.
MParams::setPageLabel(Yii::t('page', 'Change interface'));
MUserFlash::setTopError(_CHtml::errorSummary($model));
// The required-role hint is shown to administrators only.
if (Yii::app()->user->checkAccess(User::ADMINISTRATOR)) {
    MUserFlash::setSidebarInfo(Yii::t('hint', 'Required: {authRoles}.', array(1, '{authRoles}' => implode(', ', array(Yii::t('t', User::ADMINISTRATOR_T))))));
}
// Sidebar links. 'visible' only hides a link from users who lack the permission; it does not
// protect the target action, which must check access itself.
MLinkList::set('sidebar', array('links' => array(
    array('text' => Yii::t('link', 'Show my profile'), 'url' => !$pkIsPassed ? array('show') : array('show', 'id' => $model->id), 'icon' => 'person', 'visible' => $model->isMe),
    array('text' => Yii::t('link', 'Edit my profile'), 'url' => !$pkIsPassed ? array('update') : array('update', 'id' => $model->id), 'icon' => 'pencil', 'visible' => $model->isMe),
    array('text' => Yii::t('link', 'Show member'), 'url' => array('show', 'id' => $model->id), 'icon' => 'person', 'visible' => !$model->isMe && Yii::app()->user->checkAccess($this->id . '/show')),
    array('text' => Yii::t('link', 'Edit member\'s profile'), 'url' => array('update', 'id' => $model->id), 'icon' => 'pencil', 'visible' => !$model->isMe && Yii::app()->user->checkAccess($this->id . '/update')),
    array('text' => Yii::t('link', 'List of members'), 'url' => array('list'), 'icon' => 'grip-solid-horizontal', 'visible' => false),
    array('text' => Yii::t('link', 'Grid of members'), 'url' => array('grid'), 'icon' => 'calculator', 'visible' => Yii::app()->user->checkAccess($this->id . '/grid')),
    array('text' => Yii::t('link', 'Create a new member'), 'url' => array('create'), 'icon' => 'plus', 'visible' => Yii::app()->user->checkAccess($this->id . '/create'))
)));
// Breadcrumbs.
// NOTE(review): $model->screenName is user-supplied text and is placed into the breadcrumb label
// without CHtml::encode() here - confirm WContentHeader encodes 'text' before output.
$this->widget('application.components.WContentHeader', array('breadcrumbs' => array(
    array('text' => Yii::t('link', 'Members'), 'url' => array($this->id . '/'), 'active' => false),
    array('text' => Yii::t('link', 'My profile'), 'url' => $pkIsPassed ? array('show', 'id' => $model->id) : array('show'), 'visible' => $model->isMe),
    array('text' => Yii::t('link', '"{screenName}" member', array('{screenName}' => $model->screenName)), 'url' => array('show', 'id' => $model->id), 'visible' => !$model->isMe),
    array('url' => $model->isMe && !$pkIsPassed ? array($this->action->id) : array($this->action->id, 'id' => $model->id), 'active' => true)
)));
?> <div class="w3-main-form-box ui-widget-content ui-corner-all"> <?php
// The form posts back to the current URL.
echo _CHtml::beginForm('', 'post', array('class' => 'w3-main-form')) . "\n";
?> <div class="w3-form-row w3-first"> <div class="w3-form-row-input"> <div class="w3-form-row-text"> <?php
// One radio button per entry of $model->getAttributeData('interface').
// NOTE(review): the radio list only limits what the browser offers; the submitted value still
// has to be validated against the allowed interfaces on the server.
echo _CHtml::activeRadioButtonList($model, 'interface', $model->getAttributeData('interface'), array('template' => '<div style="float: left; height: 145px; text-align: center; width: 160px;">{jqueryUIScreenshot}<br/>{input} {label}</div>', 'separator' => "\n")) . "\n";
?> </div> </div> <div class="clear"> </div> </div> <div class="w3-form-row w3-last"> <div class="w3-form-row-input w3-form-row-2columns w3-center"> <div class="w3-form-row-text"> <?php
// Submit button and cancel link are injected into the translated sentence as ready-made HTML.
echo Yii::t('hint', '{saveButton} or {cancelLink}', array('{saveButton}' => _CHtml::submitButton(Yii::t('link', 'Apply selected user interface'), array('class' => 'w3-input-button w3-button-big ui-state-default ui-corner-all')), '{cancelLink}' => CHtml::link(Yii::t('link', 'Cancel[form]'), $model->isMe && !$pkIsPassed ? array('show') : array('show', 'id' => $model->id)))) . "\n";
<?php
// "Grid of time records" view: sidebar, filter drop-downs and the sortable grid.
// Uses $sort, $pages, $gridRows, the $all* link lists and the *LinkText labels from the controller.
MParams::setPageLabel(Yii::t('page', 'Grid of time records'));

// Role names listed in the "Required" hint (display only, not an access check).
$requiredRoles = array();
foreach (array(User::CLIENT_T, User::CONSULTANT_T, User::MANAGER_T, User::ADMINISTRATOR_T) as $roleLabel) {
    $requiredRoles[] = Yii::t('t', $roleLabel);
}
MUserFlash::setSidebarInfo(Yii::t('hint', 'Required: {authRoles}.', array(4, '{authRoles}' => implode(', ', $requiredRoles))));

// Sidebar links; 'visible' hides a link but does not protect the action behind it.
$sidebarLinks = array();
$sidebarLinks[] = array(
    'text' => Yii::t('link', 'View as list'),
    'url' => array('list'),
    'icon' => 'grip-solid-horizontal',
    'visible' => false,
);
$sidebarLinks[] = array(
    'text' => Yii::t('link', 'Time report'),
    'url' => array('report'),
    'visible' => Yii::app()->user->checkAccess($this->id . '/report'),
);
$sidebarLinks[] = array(
    'text' => Yii::t('link', 'Add a time record'),
    'url' => array('create'),
    'icon' => 'plus',
    'visible' => Yii::app()->user->checkAccess($this->id . '/create'),
);
MLinkList::set('sidebar', array('links' => $sidebarLinks));

$this->widget('application.components.WContentHeader', array(
    'afterLabel' => false,
    'breadcrumbs' => array(
        array('url' => array($this->action->id), 'active' => true),
    ),
));

// Filter drop-downs. The visible link texts are HTML-encoded here.
// NOTE(review): the $all* link arrays are passed through as given - confirm their labels are
// encoded where they are built.
$filterLinks = array(
    array(
        'dropDown' => array('links' => $allCompany),
        'text' => CHtml::encode($companyLinkText),
        'options' => array('title' => Yii::t('t', 'Company')),
    ),
    array(
        'dropDown' => array('links' => $allProject),
        'text' => CHtml::encode($projectLinkText),
        'options' => array('title' => Yii::t('t', 'Project')),
    ),
    array(
        'dropDown' => array('links' => $allTask, 'width' => 440),
        'text' => CHtml::encode($taskLinkText),
        'options' => array('title' => Yii::t('t', 'Task')),
    ),
    array(
        'dropDown' => array('links' => $allManager),
        'text' => CHtml::encode($managerLinkText),
        'options' => array('title' => Yii::t('t', 'Manager')),
    ),
    array(
        'dropDown' => array('links' => $allConsultant),
        'text' => CHtml::encode($consultantLinkText),
        'options' => array('title' => Yii::t('t', 'Consultant')),
    ),
);
$this->widget('application.components.WPreItemActionBar', array('links' => $filterLinks));

// Sortable attributes in display order; the trailing "Actions" column is added separately.
$gridAttributes = array('company', 'project', 'task', 'manager', 'consultant', 'timeDate', 'spentMinute', 'billedMinute', 'title');

// Plain, HTML-encoded column titles.
$headerColumns = array();
foreach ($gridAttributes as $gridAttribute) {
    $headerColumns[] = array('title' => CHtml::encode($sort->resolveLabel($gridAttribute)));
}
$headerColumns[] = array('title' => CHtml::encode(Yii::t('t', 'Actions')));

// Column titles rendered as sort links; $sort->link() output is used as-is.
$linkColumns = array();
foreach ($gridAttributes as $gridAttribute) {
    $linkColumns[] = array('title' => $sort->link($gridAttribute));
}
$linkColumns[] = array('title' => Yii::t('t', 'Actions'));

// The data URL forwards the whole query string ($_GET) to the gridData action, so that action
// has to validate every filter, sort and paging parameter it reads.
$this->widget('application.components.WGrid', array(
    'columns' => $headerColumns,
    'columnsModel' => array(
        array('name' => 'company', 'width' => 85),
        array('name' => 'project', 'width' => 85),
        array('name' => 'task', 'width' => 85),
        array('name' => 'manager', 'width' => 75),
        array('name' => 'consultant', 'width' => 75),
        array('name' => 'timeDate', 'width' => 70, 'align' => 'right'),
        array('name' => 'spentMinute', 'width' => 35),
        array('name' => 'billedMinute', 'width' => 35),
        array('name' => 'title', 'width' => 94),
        array('name' => 'actions', 'width' => 59, 'sortable' => false),
    ),
    'pages' => $pages,
    'rowNum' => TimeController::GRID_PAGE_SIZE,
    'rows' => $gridRows,
    'sColumns' => $linkColumns,
    'sortname' => 'timeDate',
    'sortorder' => 'desc',
    'url' => Yii::app()->createUrl($this->id . '/gridData', $_GET),
));
<?php
// "Edit time record" view: flash messages, sidebar, breadcrumbs, then the shared _form partial.
MParams::setPageLabel(Yii::t('page', 'Edit time record'));
MUserFlash::setTopError(_CHtml::errorSummary($model));

// The hint names administrators only when the record has an invoice id of 1 or more,
// otherwise managers and administrators. This is display text; the matching restriction
// has to be enforced by the update action.
if ($model->invoiceId >= 1) {
    $roleHintParams = array(1, '{authRoles}' => implode(', ', array(Yii::t('t', User::ADMINISTRATOR_T))));
} else {
    $roleHintParams = array(2, '{authRoles}' => implode(', ', array(Yii::t('t', User::MANAGER_T), Yii::t('t', User::ADMINISTRATOR_T))));
}
MUserFlash::setSidebarInfo(Yii::t('hint', 'Required: {authRoles}.', $roleHintParams));

// Sidebar links; 'visible' hides a link but does not protect the action behind it.
// The delete check receives the model as an RBAC parameter.
$sidebarLinks = array();
$sidebarLinks[] = array(
    'text' => Yii::t('link', 'Show time record'),
    'url' => array('show', 'id' => $model->id),
    'icon' => 'zoomin',
    'visible' => Yii::app()->user->checkAccess($this->id . '/show'),
);
$sidebarLinks[] = array(
    'text' => Yii::t('link', 'Delete time record'),
    'url' => array('delete', 'id' => $model->id),
    'icon' => 'trash',
    'visible' => Yii::app()->user->checkAccess($this->id . '/delete', array('model' => $model)),
);
$sidebarLinks[] = array(
    'text' => Yii::t('link', 'List of time records'),
    'url' => array('list'),
    'icon' => 'grip-solid-horizontal',
    'visible' => false,
);
$sidebarLinks[] = array(
    'text' => Yii::t('link', 'Grid of time records'),
    'url' => array('grid'),
    'icon' => 'calculator',
    'visible' => Yii::app()->user->checkAccess($this->id . '/grid'),
);
$sidebarLinks[] = array(
    'text' => Yii::t('link', 'Create a new time record'),
    'url' => array('create'),
    'icon' => 'plus',
    'visible' => Yii::app()->user->checkAccess($this->id . '/create'),
);
MLinkList::set('sidebar', array('links' => $sidebarLinks));

// Breadcrumbs.
// NOTE(review): $model->title is user-entered text and goes into the breadcrumb label without
// CHtml::encode() here - confirm WContentHeader encodes 'text' before output.
$breadcrumbs = array();
$breadcrumbs[] = array(
    'text' => Yii::t('link', 'Time records'),
    'url' => array($this->id . '/' . $this->defaultAction),
    'active' => false,
    'visible' => Yii::app()->user->checkAccess($this->id . '/' . $this->defaultAction),
);
$breadcrumbs[] = array(
    'text' => Yii::t('link', '"{title}" time record', array('{title}' => $model->title)),
    'url' => array('show', 'id' => $model->id),
    'active' => false,
    'visible' => Yii::app()->user->checkAccess($this->id . '/show'),
);
$breadcrumbs[] = array(
    'url' => array($this->action->id, 'id' => $model->id),
    'active' => true,
);
$this->widget('application.components.WContentHeader', array('breadcrumbs' => $breadcrumbs));

// The form itself lives in the _form partial, rendered in update mode.
echo $this->renderPartial('_form', array('model' => $model, 'update' => true));
<?php
// "Register a member account" view. The listing is cut off inside the screenName row,
// so the if-block opened below is not closed in the visible part.
MParams::setPageLabel(Yii::t('page', 'Register a member account'));
MUserFlash::setTopError(_CHtml::errorSummary($model));
MUserFlash::setSidebarInfo(Yii::t('hint', 'Create a new member account. It\'s free and easy!'));
// Breadcrumb to the member list is drawn only for users allowed to open the default action.
$this->widget('application.components.WContentHeader', array('breadcrumbs' => array(
    array('text' => Yii::t('link', 'Members'), 'url' => array($this->id . '/' . $this->defaultAction), 'active' => false, 'visible' => Yii::app()->user->checkAccess($this->id . '/' . $this->defaultAction)),
    array('url' => array($this->action->id), 'active' => true)
)));
?> <div class="w3-main-form-box ui-widget-content ui-corner-all"> <?php
// The form posts back to the current URL.
echo _CHtml::beginForm('', 'post', array('class' => 'w3-main-form')) . "\n";
?> <?php
// The username row is rendered only when the model exposes a virtual 'username' attribute.
if ($model->hasVirtualAttribute('username')) {
?> <div class="w3-form-row w3-first"> <div class="w3-form-row-label"><?php
echo _CHtml::activeLabelEx($model, 'username');
?> </div> <div class="w3-form-row-input"> <?php
// 'maxlength' is enforced by the browser only.
// NOTE(review): confirm the model's validation rules apply the same 32-character limit.
echo _CHtml::activeTextField($model, 'username', array('class' => 'w3-input-text ui-widget-content ui-corner-all', 'maxlength' => 32)) . "\n";
?> </div> <div class="clear"> </div> </div> <div class="w3-form-row"> <div class="w3-form-row-label"><?php
echo _CHtml::activeLabelEx($model, 'screenName');
<?php
// Login view. The listing is cut off after the password label.
MParams::setPageLabel(Yii::t('page', 'Login'));
MUserFlash::setTopError(_CHtml::errorSummary($form));
// SECURITY: this hint prints working username/password pairs, including an admin account,
// on the public login page. It is only acceptable on a demo install; remove the hint and
// change or disable these accounts before any real deployment.
MUserFlash::setSidebarInfo(Yii::t('hint', 'Hint: You may login with <tt>demo/demo</tt> or <tt>admin/admin</tt>.'));
$this->widget('application.components.WContentHeader', array('breadcrumbs' => array(
    array('url' => array($this->action->id), 'active' => true)
)));
?> <div class="w3-main-form-box ui-widget-content ui-corner-all"> <?php
// The form posts back to the current URL.
echo _CHtml::beginForm('', 'post', array('class' => 'w3-main-form')) . "\n";
// 'loginWithField' travels through a hidden input, so the client can change it.
// NOTE(review): confirm the form model only accepts known field names for it.
echo _CHtml::activeHiddenField($form, 'loginWithField') . "\n";
?> <div class="w3-form-row w3-first"> <div class="w3-form-row-label"><?php
// Label and input are bound to whichever attribute $form->getLoginWithField() returns.
echo _CHtml::activeLabelEx($form, $form->getLoginWithField());
?> </div> <div class="w3-form-row-input"> <?php
echo _CHtml::activeTextField($form, $form->getLoginWithField(), array('class' => 'w3-input-text ui-widget-content ui-corner-all')) . "\n";
?> </div> <div class="clear"> </div> </div> <div class="w3-form-row"> <div class="w3-form-row-label"><?php
echo _CHtml::activeLabelEx($form, 'password');
?> </div>
?> </div> <div class="w3-detail-row-value"><?php
// Detail rows: every model value and label is HTML-encoded before output.
echo CHtml::encode($model->id);
?> </div> <div class="clear"> </div> </div> <div class="w3-detail-row"> <div class="w3-detail-row-label"><?php
echo CHtml::encode($model->getAttributeLabel('content'));
?> </div> <div class="w3-detail-row-value"><?php
echo CHtml::encode($model->content);
?> </div> <div class="clear"> </div> </div> </div> <?php
// The transaction history grid is rendered only for the record owner or a user holding
// the MANAGER or ADMINISTRATOR role.
// NOTE(review): $gridRows, $debit, $credit and $balance already exist when this view runs, so
// the condition only hides the output - confirm the controller applies the same owner/role
// check before it loads them.
if ($model->isOwner() || Yii::app()->user->checkAccess(User::MANAGER) || Yii::app()->user->checkAccess(User::ADMINISTRATOR)) {
    MUserFlash::setSidebarInfo(Yii::t('hint', 'Company transaction history is open for owner, manager and administrator only.'));
?> <div class="w3-between-boxes"> </div> <?php
    // Totals row: formatted amounts are encoded here; 'rows' is passed to the widget as given.
    $this->widget('application.components.WGrid', array(
        'displayButtonClose' => true,
        'importantRowsBottom' => array(array(
            array('align' => 'right', 'colspan' => 2, 'content' => Yii::t('math', 'Total')),
            array('align' => 'right', 'content' => CHtml::encode(MCurrency::format($debit))),
            array('align' => 'right', 'content' => CHtml::encode(MCurrency::format($credit))),
            array('align' => 'right', 'content' => CHtml::encode(MCurrency::format($balance)))
        )),
        'maxRow' => count($gridRows),
        'minRow' => count($gridRows) >= 1 ? 1 : 0,
        'rows' => $gridRows,
        'sColumns' => array(
            array('title' => Yii::t('t', 'Date')),
            array('title' => Yii::t('t', 'Description')),
            array('title' => Yii::t('payment', 'Debit')),
            array('title' => Yii::t('payment', 'Credit[accounting]')),
            array('title' => Yii::t('payment', 'Balance'))
        ),
        'sGridId' => 'w3TransactionGrid',
        'title' => CHtml::encode(Yii::t('t', 'Transaction history')),
        'totalRecords' => count($gridRows)
    ));
}
<?php
// Error page: shows the error code in the page label and the error message as the top flash.
$pageLabelParams = array('{errorCode}' => $error['code']);
MParams::setPageLabel(Yii::t('page', 'Error {errorCode}', $pageLabelParams));

// NOTE(review): $error['message'] is handed to the flash unchanged. Confirm that MUserFlash
// HTML-encodes it on output and that production errors do not carry internal details
// (SQL, file paths, stack data) in this message.
MUserFlash::setTopError($error['message']);

MUserFlash::setSidebarInfo(Yii::t('hint', 'Some useful links will be added here soon.'));

// Header without breadcrumbs.
$headerOptions = array('displayBreadcrumbs' => false);
$this->widget('application.components.WContentHeader', $headerOptions);
<?php
// "Contact us" view. The listing is cut off inside the email row.
MParams::setPageLabel(Yii::t('page', 'Contact us'));
MUserFlash::setTopError(_CHtml::errorSummary($contact));
MUserFlash::setSidebarInfo(Yii::t('hint', 'If you have business inquiries or other questions, please fill out this form to contact us. Thank you.'));
$this->widget('application.components.WContentHeader', array('breadcrumbs' => array(
    array('url' => array($this->action->id), 'active' => true)
)));
?> <div class="w3-main-form-box ui-widget-content ui-corner-all"> <?php
// The form posts back to the current URL.
echo _CHtml::beginForm('', 'post', array('class' => 'w3-main-form')) . "\n";
?> <div class="w3-form-row w3-first"> <div class="w3-form-row-label"><?php
echo _CHtml::activeLabelEx($contact, 'name');
?> </div> <div class="w3-form-row-input"> <?php
// 'maxlength' is enforced by the browser only.
// NOTE(review): confirm the $contact model validates the same 128-character limit.
echo _CHtml::activeTextField($contact, 'name', array('class' => 'w3-input-text ui-widget-content ui-corner-all', 'maxlength' => 128)) . "\n";
?> </div> <div class="clear"> </div> </div> <div class="w3-form-row"> <div class="w3-form-row-label"><?php
echo _CHtml::activeLabelEx($contact, 'email');
?> </div> <div class="w3-form-row-input">