diff --git a/base/ItemController.php b/base/ItemController.php
index a48e537..84acb96 100644
--- a/base/ItemController.php
+++ b/base/ItemController.php
@@ -18,219 +18,232 @@
*/
class ItemController extends Controller
{
- /**
- * @var string search class name for auth items search
- */
- public $searchClass = [
- 'class' => AuthItemSearch::class,
- ];
-
- /**
- * @var int Type of Auth Item
- */
- protected $type;
-
- /**
- * @var array labels use in view
- */
- protected $labels;
-
- /**
- * @inheritdoc
- */
- public function behaviors(): array
- {
- return [
- 'verbs' => [
- 'class' => VerbFilter::class,
- 'actions' => [
- 'index' => ['get'],
- 'view' => ['get'],
- 'create' => ['get', 'post'],
- 'update' => ['get', 'post'],
- 'delete' => ['post'],
- 'assign' => ['post'],
- 'remove' => ['post'],
- ],
- ],
- 'contentNegotiator' => [
- 'class' => 'yii\filters\ContentNegotiator',
- 'only' => ['assign', 'remove'],
- 'formats' => [
- 'application/json' => Response::FORMAT_JSON,
- ],
- ],
- ];
- }
-
- /**
- * Lists of all auth items
- *
- * @return mixed
- */
- public function actionIndex()
- {
- $searchModel = Yii::createObject($this->searchClass);
- $searchModel->type = $this->type;
- $dataProvider = $searchModel->search(Yii::$app->request->queryParams);
-
- return $this->render('index', [
- 'dataProvider' => $dataProvider,
- 'searchModel' => $searchModel,
- ]);
- }
-
- /**
- * Displays a single AuthItem model.
- *
- * @param string $id
- *
- * @return mixed
- */
- public function actionView(string $id)
- {
- $model = $this->findModel($id);
-
- return $this->render('view', ['model' => $model]);
- }
-
- /**
- * Creates a new AuthItem model.
- *
- * If creation is successful, the browser will be redirected to the 'view' page.
- *
- * @return mixed
- */
- public function actionCreate()
- {
- $model = new AuthItemModel();
- $model->type = $this->type;
-
- if ($model->load(Yii::$app->request->post()) && $model->save()) {
- Yii::$app->session->setFlash('success', Yii::t('yii2mod.rbac', 'Item has been saved.'));
-
- return $this->redirect(['view', 'id' => $model->name]);
- }
-
- return $this->render('create', ['model' => $model]);
- }
-
- /**
- * Updates an existing AuthItem model.
- *
- * If update is successful, the browser will be redirected to the 'view' page.
- *
- * @param string $id
- *
- * @return mixed
- */
- public function actionUpdate(string $id)
- {
- $model = $this->findModel($id);
-
- if ($model->load(Yii::$app->request->post()) && $model->save()) {
- Yii::$app->session->setFlash('success', Yii::t('yii2mod.rbac', 'Item has been saved.'));
-
- return $this->redirect(['view', 'id' => $model->name]);
- }
-
- return $this->render('update', ['model' => $model]);
- }
-
- /**
- * Deletes an existing AuthItem model.
- *
- * If deletion is successful, the browser will be redirected to the 'index' page.
- *
- * @param string $id
- *
- * @return mixed
- */
- public function actionDelete(string $id)
- {
- $model = $this->findModel($id);
- Yii::$app->getAuthManager()->remove($model->item);
- Yii::$app->session->setFlash('success', Yii::t('yii2mod.rbac', 'Item has been removed.'));
-
- return $this->redirect(['index']);
- }
-
- /**
- * Assign items
- *
- * @param string $id
- *
- * @return array
- */
- public function actionAssign(string $id)
- {
- $items = Yii::$app->getRequest()->post('items', []);
- $model = $this->findModel($id);
- $model->addChildren($items);
-
- return array_merge($model->getItems());
- }
-
- /**
- * Remove items
- *
- * @param string $id
- *
- * @return array
- */
- public function actionRemove(string $id): array
- {
- $items = Yii::$app->getRequest()->post('items', []);
- $model = $this->findModel($id);
- $model->removeChildren($items);
-
- return array_merge($model->getItems());
- }
-
- /**
- * @inheritdoc
- */
- public function getViewPath(): string
- {
- return $this->module->getViewPath() . DIRECTORY_SEPARATOR . 'item';
- }
-
- /**
- * @return int
- */
- public function getType(): int
- {
- return $this->type;
- }
-
- /**
- * @return array
- */
- public function getLabels(): array
- {
- return $this->labels;
- }
-
- /**
- * Finds the AuthItem model based on its primary key value.
- *
- * If the model is not found, a 404 HTTP exception will be thrown.
- *
- * @param string $id
- *
- * @return AuthItemModel the loaded model
- *
- * @throws NotFoundHttpException if the model cannot be found
- */
- protected function findModel(string $id): AuthItemModel
- {
- $auth = Yii::$app->getAuthManager();
- $item = $this->type === Item::TYPE_ROLE ? $auth->getRole($id) : $auth->getPermission($id);
-
- if (empty($item)) {
- throw new NotFoundHttpException(Yii::t('yii2mod.rbac', 'The requested page does not exist.'));
- }
-
- return new AuthItemModel($item);
- }
+ /**
+ * @var string search class name for auth items search
+ */
+ public $searchClass = [
+ 'class' => AuthItemSearch::class,
+ ];
+
+ /**
+ * @var int Type of Auth Item
+ */
+ protected $type;
+
+ /**
+ * @var array labels use in view
+ */
+ protected $labels;
+
+ /**
+ * @inheritdoc
+ */
+ public function behaviors(): array
+ {
+ return [
+ 'verbs' => [
+ 'class' => VerbFilter::class,
+ 'actions' => [
+ 'index' => ['get'],
+ 'view' => ['get'],
+ 'create' => ['get', 'post'],
+ 'update' => ['get', 'post'],
+ 'delete' => ['post'],
+ 'assign' => ['post'],
+ 'remove' => ['post'],
+ ],
+ ],
+ 'contentNegotiator' => [
+ 'class' => 'yii\filters\ContentNegotiator',
+ 'only' => ['assign', 'remove'],
+ 'formats' => [
+ 'application/json' => Response::FORMAT_JSON,
+ ],
+ ],
+ ];
+ }
+
+ /**
+ * Lists of all auth items
+ *
+ * @return mixed
+ */
+ public function actionIndex()
+ {
+ $searchModel = Yii::createObject($this->searchClass);
+ $searchModel->type = $this->type;
+ $dataProvider = $searchModel->search(Yii::$app->request->queryParams);
+
+ return $this->render('index', [
+ 'dataProvider' => $dataProvider,
+ 'searchModel' => $searchModel,
+ ]);
+ }
+
+ /**
+ * Displays a single AuthItem model.
+ *
+ * @param string $id
+ *
+ * @return mixed
+ */
+ public function actionView(string $id)
+ {
+ $model = $this->findModel($id);
+
+ return $this->render('view', ['model' => $model]);
+ }
+
+ /**
+ * Creates a new AuthItem model.
+ *
+ * If creation is successful, the browser will be redirected to the 'view' page.
+ *
+ * @return mixed
+ */
+ public function actionCreate()
+ {
+ $model = new AuthItemModel();
+ $model->type = $this->type;
+
+ if ($model->load(Yii::$app->request->post()) && $model->save()) {
+ Yii::$app->session->setFlash('success', Yii::t('yii2mod.rbac', 'Item has been saved.'));
+
+ return $this->redirect(['view', 'id' => $model->name]);
+ }
+
+ return $this->render('create', ['model' => $model]);
+ }
+
+ /**
+ * Updates an existing AuthItem model.
+ *
+ * If update is successful, the browser will be redirected to the 'view' page.
+ *
+ * @param string $id
+ *
+ * @return mixed
+ */
+ public function actionUpdate(string $id)
+ {
+ $model = $this->findModel($id);
+
+ if ($model->load(Yii::$app->request->post()) && $model->save()) {
+ Yii::$app->session->setFlash('success', Yii::t('yii2mod.rbac', 'Item has been saved.'));
+
+ return $this->redirect(['view', 'id' => $model->name]);
+ }
+
+ return $this->render('update', ['model' => $model]);
+ }
+
+ /**
+ * Deletes an existing AuthItem model.
+ *
+ * If deletion is successful, the browser will be redirected to the 'index' page.
+ *
+ * @param string $id
+ *
+ * @return mixed
+ */
+ public function actionDelete(string $id)
+ {
+ $model = $this->findModel($id);
+ Yii::$app->getAuthManager()->remove($model->item);
+ Yii::$app->session->setFlash('success', Yii::t('yii2mod.rbac', 'Item has been removed.'));
+
+ return $this->redirect(['index']);
+ }
+
+ /**
+ * Assign items
+ *
+ * @param string $id
+ *
+ * @return array
+ */
+ public function actionAssign(string $id)
+ {
+ $items = Yii::$app->getRequest()->post('items', []);
+ $model = $this->findModel($id);
+ $model->addChildren($items);
+
+ return array_merge($model->getItems());
+ }
+
+ /**
+ * Remove items
+ *
+ * @param string $id
+ *
+ * @return array
+ */
+ public function actionRemove(string $id): array
+ {
+ $items = Yii::$app->getRequest()->post('items', []);
+ $model = $this->findModel($id);
+ $model->removeChildren($items);
+
+ return array_merge($model->getItems());
+ }
+
+ /**
+ * @inheritdoc
+ */
+ public function getViewPath(): string
+ {
+ return $this->module->getViewPath() . DIRECTORY_SEPARATOR . 'item';
+ }
+
+ /**
+ * @return int
+ */
+ public function getType(): int
+ {
+ return $this->type;
+ }
+
+ /**
+ * @return array
+ */
+ public function getLabels(): array
+ {
+ return $this->labels;
+ }
+
+ /**
+ * Finds the AuthItem model based on its primary key value.
+ *
+ * If the model is not found, a 404 HTTP exception will be thrown.
+ *
+ * @param string $id
+ *
+ * @return AuthItemModel the loaded model
+ *
+ * @throws NotFoundHttpException if the model cannot be found
+ */
+ protected function findModel(string $id): AuthItemModel
+ {
+ $auth = Yii::$app->getAuthManager();
+ $item = $this->type === Item::TYPE_ROLE ? $auth->getRole($id) : $auth->getPermission($id);
+
+ if (empty($item)) {
+ throw new NotFoundHttpException(Yii::t('yii2mod.rbac', 'The requested page does not exist.'));
+ }
+
+ return new AuthItemModel($item);
+ }
+
+ public function beforeAction($action)
+ {
+ if (!parent::beforeAction($action)) {
+ return false;
+ }
+
+ if (!\app\controllers\UsersController::test('admin')) {
+ throw new \yii\web\ForbiddenHttpException('You are not allowed to access this page.');
+ }
+
+ return true;
+ }
}
diff --git a/controllers/AssignmentController.php b/controllers/AssignmentController.php
index d22b47a..23e9337 100755
--- a/controllers/AssignmentController.php
+++ b/controllers/AssignmentController.php
@@ -16,167 +16,180 @@
*/
class AssignmentController extends Controller
{
- /**
- * @var \yii\web\IdentityInterface the class name of the [[identity]] object
- */
- public $userIdentityClass;
-
- /**
- * @var string search class name for assignments search
- */
- public $searchClass = [
- 'class' => AssignmentSearch::class,
- ];
-
- /**
- * @var string id column name
- */
- public $idField = 'id';
-
- /**
- * @var string username column name
- */
- public $usernameField = 'username';
-
- /**
- * @var array assignments GridView columns
- */
- public $gridViewColumns = [];
-
- /**
- * @inheritdoc
- */
- public function init()
- {
- parent::init();
-
- if ($this->userIdentityClass === null) {
- $this->userIdentityClass = Yii::$app->user->identityClass;
- }
-
- if (empty($this->gridViewColumns)) {
- $this->gridViewColumns = [
- $this->idField,
- $this->usernameField,
- ];
- }
- }
-
- /**
- * @inheritdoc
- */
- public function behaviors(): array
- {
- return [
- 'verbs' => [
- 'class' => 'yii\filters\VerbFilter',
- 'actions' => [
- 'index' => ['get'],
- 'view' => ['get'],
- 'assign' => ['post'],
- 'remove' => ['post'],
- ],
- ],
- 'contentNegotiator' => [
- 'class' => 'yii\filters\ContentNegotiator',
- 'only' => ['assign', 'remove'],
- 'formats' => [
- 'application/json' => Response::FORMAT_JSON,
- ],
- ],
- ];
- }
-
- /**
- * List of all assignments
- *
- * @return string
- */
- public function actionIndex()
- {
- /* @var AssignmentSearch */
- $searchModel = Yii::createObject($this->searchClass);
-
- if ($searchModel instanceof AssignmentSearch) {
- $dataProvider = $searchModel->search(Yii::$app->request->queryParams, $this->userIdentityClass, $this->idField, $this->usernameField);
- } else {
- $dataProvider = $searchModel->search(Yii::$app->request->queryParams);
- }
-
- return $this->render('index', [
- 'dataProvider' => $dataProvider,
- 'searchModel' => $searchModel,
- 'gridViewColumns' => $this->gridViewColumns,
- ]);
- }
-
- /**
- * Displays a single Assignment model.
- *
- * @param int $id
- *
- * @return mixed
- */
- public function actionView(int $id)
- {
- $model = $this->findModel($id);
-
- return $this->render('view', [
- 'model' => $model,
- 'usernameField' => $this->usernameField,
- ]);
- }
-
- /**
- * Assign items
- *
- * @param int $id
- *
- * @return array
- */
- public function actionAssign(int $id)
- {
- $items = Yii::$app->getRequest()->post('items', []);
- $assignmentModel = $this->findModel($id);
- $assignmentModel->assign($items);
-
- return $assignmentModel->getItems();
- }
-
- /**
- * Remove items
- *
- * @param int $id
- *
- * @return array
- */
- public function actionRemove(int $id)
- {
- $items = Yii::$app->getRequest()->post('items', []);
- $assignmentModel = $this->findModel($id);
- $assignmentModel->revoke($items);
-
- return $assignmentModel->getItems();
- }
-
- /**
- * Finds the Assignment model based on its primary key value.
- * If the model is not found, a 404 HTTP exception will be thrown.
- *
- * @param int $id
- *
- * @return AssignmentModel the loaded model
- *
- * @throws NotFoundHttpException if the model cannot be found
- */
- protected function findModel(int $id)
- {
- $class = $this->userIdentityClass;
-
- if (($user = $class::findIdentity($id)) !== null) {
- return new AssignmentModel($user);
- }
-
- throw new NotFoundHttpException(Yii::t('yii2mod.rbac', 'The requested page does not exist.'));
- }
+ /**
+ * @var \yii\web\IdentityInterface the class name of the [[identity]] object
+ */
+ public $userIdentityClass;
+
+ /**
+ * @var string search class name for assignments search
+ */
+ public $searchClass = [
+ 'class' => AssignmentSearch::class,
+ ];
+
+ /**
+ * @var string id column name
+ */
+ public $idField = 'id';
+
+ /**
+ * @var string username column name
+ */
+ public $usernameField = 'username';
+
+ /**
+ * @var array assignments GridView columns
+ */
+ public $gridViewColumns = [];
+
+ /**
+ * @inheritdoc
+ */
+ public function init()
+ {
+ parent::init();
+
+ if ($this->userIdentityClass === null) {
+ $this->userIdentityClass = Yii::$app->user->identityClass;
+ }
+
+ if (empty($this->gridViewColumns)) {
+ $this->gridViewColumns = [
+ $this->idField,
+ $this->usernameField,
+ ];
+ }
+ }
+
+ /**
+ * @inheritdoc
+ */
+ public function behaviors(): array
+ {
+ return [
+ 'verbs' => [
+ 'class' => 'yii\filters\VerbFilter',
+ 'actions' => [
+ 'index' => ['get'],
+ 'view' => ['get'],
+ 'assign' => ['post'],
+ 'remove' => ['post'],
+ ],
+ ],
+ 'contentNegotiator' => [
+ 'class' => 'yii\filters\ContentNegotiator',
+ 'only' => ['assign', 'remove'],
+ 'formats' => [
+ 'application/json' => Response::FORMAT_JSON,
+ ],
+ ],
+ ];
+ }
+
+ /**
+ * List of all assignments
+ *
+ * @return string
+ */
+ public function actionIndex()
+ {
+ /* @var AssignmentSearch */
+ $searchModel = Yii::createObject($this->searchClass);
+
+ if ($searchModel instanceof AssignmentSearch) {
+ $dataProvider = $searchModel->search(Yii::$app->request->queryParams, $this->userIdentityClass, $this->idField, $this->usernameField);
+ } else {
+ $dataProvider = $searchModel->search(Yii::$app->request->queryParams);
+ }
+
+ return $this->render('index', [
+ 'dataProvider' => $dataProvider,
+ 'searchModel' => $searchModel,
+ 'gridViewColumns' => $this->gridViewColumns,
+ ]);
+ }
+
+ /**
+ * Displays a single Assignment model.
+ *
+ * @param $id
+ *
+ * @return mixed
+ */
+ public function actionView($id)
+ {
+ $model = $this->findModel($id);
+
+ return $this->render('view', [
+ 'model' => $model,
+ 'usernameField' => $this->usernameField,
+ ]);
+ }
+
+ /**
+ * Assign items
+ *
+ * @param $id
+ *
+ * @return array
+ */
+ public function actionAssign($id)
+ {
+ $items = Yii::$app->getRequest()->post('items', []);
+ $assignmentModel = $this->findModel($id);
+ $assignmentModel->assign($items);
+
+ return $assignmentModel->getItems();
+ }
+
+ /**
+ * Remove items
+ *
+ * @param $id
+ *
+ * @return array
+ */
+ public function actionRemove($id)
+ {
+ $items = Yii::$app->getRequest()->post('items', []);
+ $assignmentModel = $this->findModel($id);
+ $assignmentModel->revoke($items);
+
+ return $assignmentModel->getItems();
+ }
+
+ /**
+ * Finds the Assignment model based on its primary key value.
+ * If the model is not found, a 404 HTTP exception will be thrown.
+ *
+ * @param $id
+ *
+ * @return AssignmentModel the loaded model
+ *
+ * @throws NotFoundHttpException if the model cannot be found
+ */
+ protected function findModel($id)
+ {
+ $class = $this->userIdentityClass;
+
+ if (($user = $class::findIdentity($id)) !== null) {
+ return new AssignmentModel($user);
+ }
+
+ throw new NotFoundHttpException(Yii::t('yii2mod.rbac', 'The requested page does not exist.'));
+ }
+
+ public function beforeAction($action)
+ {
+ if (!parent::beforeAction($action)) {
+ return false;
+ }
+
+ if (!\app\controllers\UsersController::test('admin')) {
+ throw new \yii\web\ForbiddenHttpException('You are not allowed to access this page.');
+ }
+
+ return true;
+ }
}
diff --git a/controllers/RouteController.php b/controllers/RouteController.php
index 9f9e7c1..cccd1f3 100755
--- a/controllers/RouteController.php
+++ b/controllers/RouteController.php
@@ -15,91 +15,104 @@
*/
class RouteController extends Controller
{
- /**
- * @var array route model class
- */
- public $modelClass = [
- 'class' => RouteModel::class,
- ];
+ /**
+ * @var array route model class
+ */
+ public $modelClass = [
+ 'class' => RouteModel::class,
+ ];
- /**
- * Returns a list of behaviors that this component should behave as.
- *
- * @return array
- */
- public function behaviors(): array
- {
- return [
- 'verbs' => [
- 'class' => VerbFilter::class,
- 'actions' => [
- 'index' => ['get', 'post'],
- 'create' => ['post'],
- 'assign' => ['post'],
- 'remove' => ['post'],
- 'refresh' => ['post'],
- ],
- ],
- 'contentNegotiator' => [
- 'class' => 'yii\filters\ContentNegotiator',
- 'only' => ['assign', 'remove', 'refresh'],
- 'formats' => [
- 'application/json' => Response::FORMAT_JSON,
- ],
- ],
- ];
- }
+ /**
+ * Returns a list of behaviors that this component should behave as.
+ *
+ * @return array
+ */
+ public function behaviors(): array
+ {
+ return [
+ 'verbs' => [
+ 'class' => VerbFilter::class,
+ 'actions' => [
+ 'index' => ['get', 'post'],
+ 'create' => ['post'],
+ 'assign' => ['post'],
+ 'remove' => ['post'],
+ 'refresh' => ['post'],
+ ],
+ ],
+ 'contentNegotiator' => [
+ 'class' => 'yii\filters\ContentNegotiator',
+ 'only' => ['assign', 'remove', 'refresh'],
+ 'formats' => [
+ 'application/json' => Response::FORMAT_JSON,
+ ],
+ ],
+ ];
+ }
- /**
- * Lists all Route models.
- *
- * @return mixed
- */
- public function actionIndex()
- {
- $model = Yii::createObject($this->modelClass);
+ /**
+ * Lists all Route models.
+ *
+ * @return mixed
+ */
+ public function actionIndex()
+ {
+ $model = Yii::createObject($this->modelClass);
- return $this->render('index', ['routes' => $model->getAvailableAndAssignedRoutes()]);
- }
+ return $this->render('index', ['routes' => $model->getAvailableAndAssignedRoutes()]);
+ }
- /**
- * Assign routes
- *
- * @return array
- */
- public function actionAssign(): array
- {
- $routes = Yii::$app->getRequest()->post('routes', []);
- $model = Yii::createObject($this->modelClass);
- $model->addNew($routes);
+ /**
+ * Assign routes
+ *
+ * @return array
+ */
+ public function actionAssign(): array
+ {
+ $routes = Yii::$app->getRequest()->post('routes', []);
+ $model = Yii::createObject($this->modelClass);
+ $model->addNew($routes);
- return $model->getAvailableAndAssignedRoutes();
- }
+ return $model->getAvailableAndAssignedRoutes();
+ }
- /**
- * Remove routes
- *
- * @return array
- */
- public function actionRemove(): array
- {
- $routes = Yii::$app->getRequest()->post('routes', []);
- $model = Yii::createObject($this->modelClass);
- $model->remove($routes);
+ /**
+ * Remove routes
+ *
+ * @return array
+ */
+ public function actionRemove(): array
+ {
+ $routes = Yii::$app->getRequest()->post('routes', []);
+ $model = Yii::createObject($this->modelClass);
+ $model->remove($routes);
- return $model->getAvailableAndAssignedRoutes();
- }
+ return $model->getAvailableAndAssignedRoutes();
+ }
- /**
- * Refresh cache of routes
- *
- * @return array
- */
- public function actionRefresh(): array
- {
- $model = Yii::createObject($this->modelClass);
- $model->invalidate();
+ /**
+ * Refresh cache of routes
+ *
+ * @return array
+ */
+ public function actionRefresh(): array
+ {
+ $model = Yii::createObject($this->modelClass);
+ $model->invalidate();
- return $model->getAvailableAndAssignedRoutes();
- }
+ return $model->getAvailableAndAssignedRoutes();
+ }
+
+ public function beforeAction($action)
+ {
+ if (!parent::beforeAction($action)) {
+ return false;
+ }
+
+ if (!\app\controllers\UsersController::test('admin')) {
+ throw new \yii\web\ForbiddenHttpException('You are not allowed to access this page.');
+ }
+
+ return true;
+ }
}
diff --git a/controllers/RuleController.php b/controllers/RuleController.php
index e939101..dffd127 100644
--- a/controllers/RuleController.php
+++ b/controllers/RuleController.php
@@ -16,143 +16,156 @@
*/
class RuleController extends Controller
{
- /**
- * @var string search class name for rules search
- */
- public $searchClass = [
- 'class' => BizRuleSearch::class,
- ];
-
- /**
- * Returns a list of behaviors that this component should behave as.
- *
- * @return array
- */
- public function behaviors(): array
- {
- return [
- 'verbs' => [
- 'class' => VerbFilter::class,
- 'actions' => [
- 'index' => ['get'],
- 'view' => ['get'],
- 'create' => ['get', 'post'],
- 'update' => ['get', 'post'],
- 'delete' => ['post'],
- ],
- ],
- ];
- }
-
- /**
- * List of all rules
- *
- * @return mixed
- */
- public function actionIndex()
- {
- $searchModel = Yii::createObject($this->searchClass);
- $dataProvider = $searchModel->search(Yii::$app->request->getQueryParams());
-
- return $this->render('index', [
- 'dataProvider' => $dataProvider,
- 'searchModel' => $searchModel,
- ]);
- }
-
- /**
- * Displays a single Rule item.
- *
- * @param string $id
- *
- * @return mixed
- */
- public function actionView(string $id)
- {
- $model = $this->findModel($id);
-
- return $this->render('view', ['model' => $model]);
- }
-
- /**
- * Creates a new Rule item.
- *
- * If creation is successful, the browser will be redirected to the 'view' page.
- *
- * @return mixed
- */
- public function actionCreate()
- {
- $model = new BizRuleModel();
-
- if ($model->load(Yii::$app->request->post()) && $model->save()) {
- Yii::$app->session->setFlash('success', Yii::t('yii2mod.rbac', 'Rule has been saved.'));
-
- return $this->redirect(['view', 'id' => $model->name]);
- }
-
- return $this->render('create', ['model' => $model]);
- }
-
- /**
- * Updates an existing Rule item.
- *
- * If update is successful, the browser will be redirected to the 'view' page.
- *
- * @param string $id
- *
- * @return mixed
- */
- public function actionUpdate(string $id)
- {
- $model = $this->findModel($id);
-
- if ($model->load(Yii::$app->request->post()) && $model->save()) {
- Yii::$app->session->setFlash('success', Yii::t('yii2mod.rbac', 'Rule has been saved.'));
-
- return $this->redirect(['view', 'id' => $model->name]);
- }
-
- return $this->render('update', ['model' => $model]);
- }
-
- /**
- * Deletes an existing Rule item.
- *
- * If deletion is successful, the browser will be redirected to the 'index' page.
- *
- * @param string $id
- *
- * @return mixed
- */
- public function actionDelete(string $id)
- {
- $model = $this->findModel($id);
- Yii::$app->authManager->remove($model->item);
- Yii::$app->session->setFlash('success', Yii::t('yii2mod.rbac', 'Rule has been deleted.'));
-
- return $this->redirect(['index']);
- }
-
- /**
- * Finds the BizRuleModel based on its primary key value.
- *
- * If the model is not found, a 404 HTTP exception will be thrown.
- *
- * @param string $id
- *
- * @return BizRuleModel the loaded model
- *
- * @throws \yii\web\NotFoundHttpException
- */
- protected function findModel(string $id)
- {
- $item = Yii::$app->authManager->getRule($id);
-
- if (!empty($item)) {
- return new BizRuleModel($item);
- }
-
- throw new NotFoundHttpException(Yii::t('yii2mod.rbac', 'The requested page does not exist.'));
- }
+ /**
+ * @var string search class name for rules search
+ */
+ public $searchClass = [
+ 'class' => BizRuleSearch::class,
+ ];
+
+ /**
+ * Returns a list of behaviors that this component should behave as.
+ *
+ * @return array
+ */
+ public function behaviors(): array
+ {
+ return [
+ 'verbs' => [
+ 'class' => VerbFilter::class,
+ 'actions' => [
+ 'index' => ['get'],
+ 'view' => ['get'],
+ 'create' => ['get', 'post'],
+ 'update' => ['get', 'post'],
+ 'delete' => ['post'],
+ ],
+ ],
+ ];
+ }
+
+ /**
+ * List of all rules
+ *
+ * @return mixed
+ */
+ public function actionIndex()
+ {
+ $searchModel = Yii::createObject($this->searchClass);
+ $dataProvider = $searchModel->search(Yii::$app->request->getQueryParams());
+
+ return $this->render('index', [
+ 'dataProvider' => $dataProvider,
+ 'searchModel' => $searchModel,
+ ]);
+ }
+
+ /**
+ * Displays a single Rule item.
+ *
+ * @param string $id
+ *
+ * @return mixed
+ */
+ public function actionView(string $id)
+ {
+ $model = $this->findModel($id);
+
+ return $this->render('view', ['model' => $model]);
+ }
+
+ /**
+ * Creates a new Rule item.
+ *
+ * If creation is successful, the browser will be redirected to the 'view' page.
+ *
+ * @return mixed
+ */
+ public function actionCreate()
+ {
+ $model = new BizRuleModel();
+
+ if ($model->load(Yii::$app->request->post()) && $model->save()) {
+ Yii::$app->session->setFlash('success', Yii::t('yii2mod.rbac', 'Rule has been saved.'));
+
+ return $this->redirect(['view', 'id' => $model->name]);
+ }
+
+ return $this->render('create', ['model' => $model]);
+ }
+
+ /**
+ * Updates an existing Rule item.
+ *
+ * If update is successful, the browser will be redirected to the 'view' page.
+ *
+ * @param string $id
+ *
+ * @return mixed
+ */
+ public function actionUpdate(string $id)
+ {
+ $model = $this->findModel($id);
+
+ if ($model->load(Yii::$app->request->post()) && $model->save()) {
+ Yii::$app->session->setFlash('success', Yii::t('yii2mod.rbac', 'Rule has been saved.'));
+
+ return $this->redirect(['view', 'id' => $model->name]);
+ }
+
+ return $this->render('update', ['model' => $model]);
+ }
+
+ /**
+ * Deletes an existing Rule item.
+ *
+ * If deletion is successful, the browser will be redirected to the 'index' page.
+ *
+ * @param string $id
+ *
+ * @return mixed
+ */
+ public function actionDelete(string $id)
+ {
+ $model = $this->findModel($id);
+ Yii::$app->authManager->remove($model->item);
+ Yii::$app->session->setFlash('success', Yii::t('yii2mod.rbac', 'Rule has been deleted.'));
+
+ return $this->redirect(['index']);
+ }
+
+ /**
+ * Finds the BizRuleModel based on its primary key value.
+ *
+ * If the model is not found, a 404 HTTP exception will be thrown.
+ *
+ * @param string $id
+ *
+ * @return BizRuleModel the loaded model
+ *
+ * @throws \yii\web\NotFoundHttpException
+ */
+ protected function findModel(string $id)
+ {
+ $item = Yii::$app->authManager->getRule($id);
+
+ if (!empty($item)) {
+ return new BizRuleModel($item);
+ }
+
+ throw new NotFoundHttpException(Yii::t('yii2mod.rbac', 'The requested page does not exist.'));
+ }
+
+ public function beforeAction($action)
+ {
+ if (!parent::beforeAction($action)) {
+ return false;
+ }
+
+ if (!\app\controllers\UsersController::test('admin')) {
+ throw new \yii\web\ForbiddenHttpException('You are not allowed to access this page.');
+ }
+
+ return true;
+ }
}