ОГРАНИЧЕНИЕ ДОСТУПА К РАЗДЕЛУ
authorfomichev <vladimir.fomichev@erp-flowers.ru>
Thu, 7 Nov 2024 09:52:41 +0000 (12:52 +0300)
committerfomichev <vladimir.fomichev@erp-flowers.ru>
Thu, 7 Nov 2024 09:52:41 +0000 (12:52 +0300)
erp24/controllers/crud/ClusterAdminController.php

index 34304e60503c1969f12dc862683a95da70621907..4bfc9a9f56ffef017ecfb5f24cf030739deb6629 100644 (file)
@@ -3,8 +3,10 @@
 namespace yii_app\controllers\crud;
 
 use Yii;
+use yii\filters\AccessControl;
 use yii\helpers\ArrayHelper;
 use yii_app\records\Admin;
+use yii_app\records\AdminGroup;
 use yii_app\records\Cluster;
 use yii_app\records\ClusterAdmin;
 use yii_app\records\ClusterAdminSearch;
@@ -26,6 +28,19 @@ class ClusterAdminController extends Controller
         return array_merge(
             parent::behaviors(),
             [
+                /*'access' => [
+                    'class' => AccessControl::class,
+                    'rules' => [
+                        [
+                            'allow' => true,
+                            'actions' => ['view', 'index', 'update', 'delete'],
+                            'roles' => ['clusterAdminEdit'],
+                        ],
+                    ],
+                    'denyCallback' => function ($rule, $action) {
+                        throw new \yii\web\ForbiddenHttpException('У вас нет прав для выполнения данного действия.');
+                    }
+                ],*/
                 'verbs' => [
                     'class' => VerbFilter::class,
                     'actions' => [
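Review bot: The `'access'` filter in behaviors() is committed inside a `/* … */` comment, so it enforces nothing and the newly added `use yii\filters\AccessControl;` import is unused. Its `'actions'` list also omits `create`: if the block is later enabled as written, AccessControl denies any action that no rule matches, so actionCreate would be refused for everyone; the line would need to read `'actions' => ['index', 'view', 'create', 'update', 'delete'],`. Either enable the filter in place of the per-action group checks added further down, or delete the commented block so the controller has one authoritative access rule. behaviors() starts and ends outside this hunk.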
@@ -43,6 +58,11 @@ class ClusterAdminController extends Controller
      */
     public function actionIndex()
     {
+        if (!in_array(Admin::findOne([Yii::$app->user->id])->group_id, [AdminGroup::GROUP_IT, AdminGroup::DIRECTOR, AdminGroup::GROUP_HR ])) {
+            return $this->redirect('/');
+
+        }
+
         // Получаем все кусты из таблицы Cluster
         $clusters = Cluster::find()->asArray()->all();
 
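Review bot: `Admin::findOne([Yii::$app->user->id])->group_id` in the guard added to actionIndex reads a property from the lookup result without a null check, so a guest session or a user id with no Admin row would raise an error instead of being refused (unless parent::behaviors() already rejects guests, which is not visible here). The same guard is pasted into actionView, actionCreate, actionUpdate and actionDelete in the later hunks, so any action added to this controller later is unprotected by default; a single `beforeAction()` override, as sketched below, covers every action. Throwing `ForbiddenHttpException` rather than returning `redirect('/')` also records refused attempts as 403 responses, which makes them visible in logs. actionIndex's body continues outside the hunk.

```php
public function beforeAction($action)
{
    if (!parent::beforeAction($action)) {
        return false;
    }

    // Resolve the caller once; a guest or a missing Admin row is treated as "not allowed".
    $admin = Yii::$app->user->isGuest ? null : Admin::findOne(Yii::$app->user->id);
    $allowedGroups = [AdminGroup::GROUP_IT, AdminGroup::DIRECTOR, AdminGroup::GROUP_HR];

    if ($admin === null || !in_array($admin->group_id, $allowedGroups)) {
        throw new \yii\web\ForbiddenHttpException('У вас нет прав для выполнения данного действия.');
    }

    return true;
}

// … unchanged: actionIndex, actionView, actionCreate, actionUpdate, actionDelete without the per-action guard …
```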
@@ -157,6 +177,12 @@ class ClusterAdminController extends Controller
      */
     public function actionView($id)
     {
+
+        if (!in_array(Admin::findOne([Yii::$app->user->id])->group_id, [AdminGroup::GROUP_IT, AdminGroup::DIRECTOR, AdminGroup::GROUP_HR ])) {
+            return $this->redirect('/');
+
+        }
+
         $user = Yii::$app->user->identity;
 
         // Ищем кластер по его ID
@@ -185,6 +211,11 @@ class ClusterAdminController extends Controller
      */
     public function actionCreate($cluster_id)
     {
+        if (!in_array(Admin::findOne([Yii::$app->user->id])->group_id, [AdminGroup::GROUP_IT, AdminGroup::DIRECTOR, AdminGroup::GROUP_HR ])) {
+            return $this->redirect('/');
+
+        }
+
         $model = new ClusterAdmin();
 
         $allAdmins = Admin::find()
@@ -285,6 +316,10 @@ class ClusterAdminController extends Controller
      */
     public function actionUpdate($id)
     {
+        if (!in_array(Admin::findOne([Yii::$app->user->id])->group_id, [AdminGroup::GROUP_IT, AdminGroup::DIRECTOR, AdminGroup::GROUP_HR ])) {
+            return $this->redirect('/');
+
+        }
         $model = $this->findModel($id);
 
         $allAdmins = Admin::find()
@@ -401,6 +436,11 @@ class ClusterAdminController extends Controller
      */
     public function actionDelete($id)
     {
+        if (!in_array(Admin::findOne([Yii::$app->user->id])->group_id, [AdminGroup::GROUP_IT, AdminGroup::DIRECTOR, AdminGroup::GROUP_HR ])) {
+            return $this->redirect('/');
+
+        }
+
         $model = $this->findModel($id);
         $this->findModel($id)->delete();