/**
 * Tell whether the current user may reach the given route.
 *
 * Useful for Menu widget
 *
 * <example>
 * ...
 * [ 'label'=>'Some label', 'url'=>['/site/index'], 'visible'=>User::canRoute(['/site/index']) ]
 * ...
 * </example>
 *
 * The checks run in this order and the first match answers true:
 * superadmin (only when $superAdminAllowed), a unified route starting with
 * "http", a free-access route, and finally the route list kept in the session.
 *
 * NOTE(review): the documented use is menu visibility. Hiding a link does not
 * stop a direct request, so the same decision has to be enforced where the
 * action runs; that enforcement is not visible from this method. Confirm.
 *
 * @param string|array $route             Route in any form AuthHelper::unifyRoute() accepts
 * @param bool         $superAdminAllowed When true, a superadmin passes without further checks
 *
 * @return bool
 */
public static function canRoute($route, $superAdminAllowed = true)
{
    $superadminBypass = $superAdminAllowed && Yii::$app->user->isSuperadmin;

    if ($superadminBypass) {
        return true;
    }

    $normalizedRoute = AuthHelper::unifyRoute($route);

    // Routes starting with "http" are waved through with no permission lookup.
    // NOTE(review): this is a 4-character prefix test, not a scheme test, so any
    // unified route that merely begins with "http" also skips the lookup.
    // Whether unifyRoute() can return such a value for an internal route is not
    // visible here. Verify, and consider matching "http://" / "https://" only.
    $startsWithHttp = strncmp($normalizedRoute, 'http', 4) === 0;

    if ($startsWithHttp || Route::isFreeAccess($normalizedRoute)) {
        return true;
    }

    // Presumably refreshes the session copy of the permissions before it is read. Confirm in AuthHelper.
    AuthHelper::ensurePermissionsUpToDate();

    // An absent session entry falls back to an empty list.
    $sessionRoutes = Yii::$app->session->get(AuthHelper::SESSION_PREFIX_ROUTES, []);

    return Route::isRouteAllowed($normalizedRoute, $sessionRoutes);
}
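/**
 * Check if controller has $freeAccess = true or $action in $freeAccessActions
 * Or it's login, logout, error page
 *
 * Every true result here bypasses the permission lookup, so the allow-list
 * membership tests use strict comparison. With loose comparison a non-string
 * entry (for example `true`, or `0` on PHP versions before 8) would match
 * unrelated action ids or routes and open them up.
 *
 * @param string      $route  Route to test; compared as-is against the system pages,
 *                            so it is presumably expected in AuthHelper::unifyRoute() form. Confirm.
 * @param Action|null $action When given, its controller's free-access settings are checked first
 *
 * @return bool true when the route needs no permission check
 */
public static function isFreeAccess($route, $action = null)
{
    if ($action) {
        $controller = $action->controller;

        // Controller opted out of access control for all of its actions.
        if ($controller->hasProperty('freeAccess') && $controller->freeAccess === true) {
            return true;
        }

        // Controller opted out for specific actions; strict match on the action id.
        if (
            $controller->hasProperty('freeAccessActions')
            && in_array($action->id, $controller->freeAccessActions, true)
        ) {
            return true;
        }
    }

    // Pages that must stay reachable without permissions: logout, the
    // configured error action and the configured login URL.
    $systemPages = [
        '/auth/logout',
        AuthHelper::unifyRoute(Yii::$app->errorHandler->errorAction),
        AuthHelper::unifyRoute(Yii::$app->user->loginUrl),
    ];

    if (in_array($route, $systemPages, true)) {
        return true;
    }

    // NOTE(review): isInCommonPermission() is defined outside this view;
    // presumably it matches routes granted to every user. Confirm.
    if (static::isInCommonPermission($route)) {
        return true;
    }

    return false;
}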