public function _checkAccess($action, $model = null, $params = array()) { var_dump($action); var_dump($model); var_dump($params); die; parent::checkAccess($action, $model, $params); }
public function checkAccess($action, $model = null, $params = []) { parent::checkAccess($action, $model, $params); if ($model && !$model->checkAccess(Yii::$app->user->identity)) { throw new \yii\web\ForbiddenHttpException('You do not have access'); } }
public function checkAccess($action, $model = null, $params = []) { if ($model && !$model->isNewRecord) { if ($this->auto_filter_user && $this->user_identifier_column) { if (\Yii::$app->user->isGuest) { throw new HttpException(403, "Unknown user"); } if ($action == 'view' && $model->{$this->user_identifier_column} != \Yii::$app->user->id) { throw new HttpException(403, "No access"); } } } return parent::checkAccess($action, $model, $params); }