'rules' => [
[
'allow' => true,
- 'actions' => ['view', 'index', 'update', 'delete'],
- 'roles' => ['menu/crud/employee-payment/','employee-paymentEdit'],
+ 'actions' => ['create', 'view', 'index', 'update', 'delete'],
+ 'roles' => ['menu/crud/employee-payment/', 'employee-paymentEdit'],
],
],
'denyCallback' => function ($rule, $action) {
$admin = Yii::$app->user->identity;
// Проверка на group_id и дату записи
- if (!in_array($admin->group_id , [81, 20]) || !$admin->hasPermission('employee-paymentEdit') && date('Y-m') !== date('Y-m', strtotime($model->date))) {
+ if ((!in_array($admin->group_id , [81, 20]) || !$admin->hasPermission('employee-paymentEdit')) && date('Y-m') !== date('Y-m', strtotime($model->date))) {
throw new \yii\web\ForbiddenHttpException('Редактирование разрешено только для записей текущего месяца.');
}
projects / erp24_rep / yii-erp24 / .git / commitdiff