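/**
 * Return administration and diagnostic information when the caller presents a valid remote token.
 *
 * The caller proves knowledge of the configured `remoteToken` by sending its SHA-1 hex digest.
 * SHA-1 is a hash, not encryption: the digest is a fixed value derived from a static secret, so it
 * acts as a bearer credential and has to be protected like one.
 *
 * @param string $token SHA-1 hex digest of the application's remote token.
 * @throws luya\Exception If no remote token is configured or the digest does not match.
 * @return array Version, environment, debug and runtime details of the application.
 */
public function actionIndex($token)
{
    $remoteToken = Yii::$app->remoteToken;

    // An empty or unset remote token disables the endpoint instead of matching sha1('').
    // compareString() is Yii's timing-attack resistant comparison: unlike a plain !== it does not
    // return earlier for digests that differ in their first characters.
    if (empty($remoteToken)
        || !is_string($token)
        || !Yii::$app->security->compareString(sha1($remoteToken), $token)
    ) {
        throw new Exception('The provided remote token is wrong.');
    }

    // NOTE(review): the response exposes framework versions, debug mode and environment to any
    // holder of the digest; confirm the token travels only over TLS and is kept out of access logs.
    return [
        'yii_version' => Yii::getVersion(),
        'luya_version' => Boot::VERSION,
        'app_title' => Yii::$app->siteTitle,
        'app_debug' => (int) YII_DEBUG,
        'app_env' => YII_ENV,
        'app_transfer_exceptions' => (int) Yii::$app->errorHandler->transferException,
        'admin_online_count' => UserOnline::getCount(),
        'app_elapsed_time' => Yii::getLogger()->getElapsedTime(),
    ];
}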
/**
 * Timestamp action: reports the users currently online and whether the UI has to be reloaded.
 *
 * @return array Keys `useronline` (result of UserOnline::getList()) and `forceReload`
 *               (the `force_reload` attribute of the current admin identity).
 */
public function actionIndex()
{
    // Clean the online list before reading it (presumably drops stale entries; confirm in UserOnline).
    UserOnline::clearList();

    $onlineUsers = UserOnline::getList();

    // Reads the identity directly, so this action expects an authenticated admin user.
    $mustReload = Yii::$app->adminuser->identity->force_reload;

    return [
        'useronline' => $onlineUsers,
        'forceReload' => $mustReload,
    ];
}
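/**
 * Check whether the current API user may run the given REST action on this controller.
 *
 * The action name is mapped to a permission type, which is then passed to
 * `Yii::$app->auth->matchApi()` together with the user id and this controller's id.
 *
 * @param string $action Action id: index, view, create, update or delete.
 * @param mixed $model Not used by this implementation.
 * @param array $params Not used by this implementation.
 * @throws ForbiddenHttpException If the action is unknown or matchApi() denies access.
 */
public function checkAccess($action, $model = null, $params = [])
{
    switch ($action) {
        case 'index':
        case 'view':
            // Read actions pass no create/update/delete permission constant to matchApi().
            $type = false;
            break;
        case 'create':
            $type = Auth::CAN_CREATE;
            break;
        case 'update':
            $type = Auth::CAN_UPDATE;
            break;
        case 'delete':
            $type = Auth::CAN_DELETE;
            break;
        default:
            // Unknown actions are denied outright, so a new action must be listed here explicitly.
            throw new ForbiddenHttpException("Invalid RESPI Api action call.");
    }

    // Resolve the identity once; assumes authentication already ran and getIdentity() is not null
    // (TODO confirm against the authenticator configured for this controller).
    $userId = $this->userAuthClass()->getIdentity()->id;

    // NOTE(review): presence is refreshed before the permission check, so a denied request still
    // marks the user as active on this endpoint.
    UserOnline::refreshUser($userId, $this->id);

    if (!Yii::$app->auth->matchApi($userId, $this->id, $type)) {
        throw new ForbiddenHttpException('you are unable to access this controller due to access restrictions.');
    }
}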
/**
 * Build the rule set consumed by the AccessControl filter behavior.
 *
 * A single allow-rule is returned:
 *
 * + `roles => ['@']`: only authenticated users can match, so guests are rejected by default.
 * + `actions => []`: no action restriction, the rule applies to all actions.
 * + A controller with `disablePermissionCheck` set skips the route permission lookup.
 * + Otherwise the decision comes from `Yii::$app->auth->matchRoute()` for the
 *   `module/controller/action` route.
 *
 * @return array Rule-Definitions
 * @see yii\filters\AccessControl
 */
public function getRules()
{
    $permissionCallback = function ($rule, $action) {
        $adminUser = Yii::$app->adminuser;
        $controller = $action->controller;

        if (!$adminUser->isGuest) {
            // Switch to the language stored in the user's settings, keeping the current one as fallback.
            Yii::$app->luyaLanguage = $adminUser->identity->setting->get('luyadminlanguage', Yii::$app->luyaLanguage);
        }

        // Opt-out switch on the controller: authentication is still required by the '@' role, but
        // neither the route permission nor the presence refresh below is evaluated.
        if ($controller->disablePermissionCheck) {
            return true;
        }

        // Route of the action being executed, in module/controller/action form.
        $route = $controller->module->id . '/' . $controller->id . '/' . $action->id;

        UserOnline::refreshUser($adminUser->getId(), $route);

        // The final allow/deny answer is whatever auth->matchRoute() returns for this user and route.
        return Yii::$app->auth->matchRoute($adminUser->getId(), $route);
    };

    return [
        [
            'allow' => true,
            'actions' => [],
            'roles' => ['@'],
            'matchCallback' => $permissionCallback,
        ],
    ];
}
/**
 * Validate the login form and, on success, issue a fresh auth token for the user.
 *
 * On success the user's `force_reload` flag is reset, a new `auth_token` is stored on the user,
 * a UserLogin row is inserted with that token, and the user is marked as online.
 *
 * @return mixed The user object when validation passes, otherwise false.
 */
public function login()
{
    if (!$this->validate()) {
        return false;
    }

    $user = $this->getUser();
    $user->detachBehavior('LogBehavior');
    $user->scenario = 'login';
    $user->force_reload = 0;

    // A new random string per login, passed through hashData() with the user's password_salt as key.
    $security = Yii::$app->security;
    $randomPart = $security->generateRandomString();
    $user->auth_token = $security->hashData($randomPart, $user->password_salt);

    // NOTE(review): the results of save() and insert() are not checked, so a failed write still
    // returns the user with a token that was never persisted.
    $user->save();

    $loginRecord = new UserLogin();
    $loginRecord->setAttributes([
        'auth_token' => $user->auth_token,
        'user_id' => $user->id,
    ]);
    $loginRecord->insert();

    UserOnline::refreshUser($user->id, 'login');

    return $user;
}
/**
 * Remove the current user's entry from the online-user tracking.
 *
 * The method name suggests it is wired as a before-logout handler; the registration is not
 * visible here.
 */
public function onBeforeLogout()
{
    $userId = $this->getId();

    UserOnline::removeUser($userId);
}