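/**
 * {@inheritdoc}
 *
 * Authorizes the requested action: after the parent hook passes, the action
 * is allowed only if an RbacAccessRules row exists for the current role and
 * the route resolved from $action.
 *
 * @param mixed $action the action about to run; forwarded to parent::beforeAction() and getRouteModel()
 *
 * @return bool false when the parent hook vetoes the action, true when an access rule exists
 *
 * @throws HttpException with status 403 when the role or route cannot be resolved,
 *                       or when no access rule links them
 */
public function beforeAction($action)
{
    if (!parent::beforeAction($action)) {
        return false;
    }

    $roleModel = $this->getRoleModel();
    $routeModel = $this->getRouteModel($action);

    // Deny by default. getRoleModel()/getRouteModel() are defined outside this
    // block, so their failure modes are not visible here; if either returns
    // null, or a model without an id, the lookup below would run with null
    // values instead of a real role/route pair. Refuse with the same 403
    // rather than dereferencing null or letting such a lookup decide access.
    if ($roleModel === null || $routeModel === null) {
        throw new HttpException(403, 'Unauthorized');
    }

    $roleId = $roleModel->id;
    $routeId = $routeModel->id;
    if ($roleId === null || $routeId === null) {
        throw new HttpException(403, 'Unauthorized');
    }

    $accessRule = RbacAccessRules::findOne(['role_id' => $roleId, 'route_id' => $routeId]);

    // No explicit rule for this role/route pair means no access.
    if ($accessRule === null) {
        throw new HttpException(403, 'Unauthorized');
    }

    return true;
}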
/**
 * Builds a data provider over RbacAccessRules, narrowed by this model's filter attributes.
 *
 * When the loaded parameters fail validation, the provider is returned with
 * no filter conditions applied, so it still covers the whole query.
 *
 * @param array $params request parameters loaded into this search model
 *
 * @return ActiveDataProvider
 */
public function search($params)
{
    $rulesQuery = RbacAccessRules::find();

    // Conditions that must always apply belong here, before the provider is built.

    $provider = new ActiveDataProvider(['query' => $rulesQuery]);

    $this->load($params);

    if ($this->validate()) {
        // Grid filtering conditions, applied only to validated input.
        $rulesQuery->andFilterWhere([
            'id' => $this->id,
            'role_id' => $this->role_id,
            'route_id' => $this->route_id,
        ]);
    }

    // On validation failure the query is left untouched; to return no records
    // in that case instead, add $rulesQuery->where('0=1') for the failing path.
    return $provider;
}