From: Vladimir Fomichev <vladimir.fomichev@erp-flowers.ru>
Date: Thu, 2 Oct 2025 10:25:19 +0000 (+0300)
Subject: Доступы
X-Git-Url: https://gitweb.erp-flowers.ru/?a=commitdiff_plain;h=4f9ca8b3541a0b3f0e29c30e5b9ea5608722b895;p=erp24_rep%2Fyii-erp24%2F.git

Доступы
---

diff --git a/erp24/controllers/MarketplacePricesLogController.php b/erp24/controllers/MarketplacePricesLogController.php
index 60967eb5..1ee314b9 100644
--- a/erp24/controllers/MarketplacePricesLogController.php
+++ b/erp24/controllers/MarketplacePricesLogController.php
@@ -2,6 +2,8 @@
 
 namespace app\controllers;
 
+use Yii;
+use yii_app\records\AdminGroup;
 use yii_app\records\MarketplacePricesLog;
 use yii_app\records\MarketplacePricesLogSearch;
 use yii\web\Controller;
@@ -38,6 +40,9 @@ class MarketplacePricesLogController extends Controller
      */
     public function actionIndex()
     {
+        if (($resp = $this->checkAccess()) !== null) {
+            return $resp;
+        }
         $searchModel = new MarketplacePricesLogSearch();
         $dataProvider = $searchModel->search($this->request->queryParams);
 
@@ -55,6 +60,9 @@ class MarketplacePricesLogController extends Controller
      */
     public function actionView($id)
     {
+        if (($resp = $this->checkAccess()) !== null) {
+            return $resp;
+        }
         return $this->render('view', [
             'model' => $this->findModel($id),
         ]);
@@ -67,6 +75,9 @@ class MarketplacePricesLogController extends Controller
      */
     public function actionCreate()
     {
+        if (($resp = $this->checkAccess()) !== null) {
+            return $resp;
+        }
         $model = new MarketplacePricesLog();
 
         if ($this->request->isPost) {
@@ -91,6 +102,9 @@ class MarketplacePricesLogController extends Controller
      */
     public function actionUpdate($id)
     {
+        if (($resp = $this->checkAccess()) !== null) {
+            return $resp;
+        }
         $model = $this->findModel($id);
 
         if ($this->request->isPost && $model->load($this->request->post()) && $model->save()) {
@@ -111,6 +125,10 @@ class MarketplacePricesLogController extends Controller
      */
     public function actionDelete($id)
     {
+        if (($resp = $this->checkAccess()) !== null) {
+            $this->redirect(['/site/index']);
+        }
+
         $this->findModel($id)->delete();
 
         return $this->redirect(['index']);
@@ -131,4 +149,16 @@ class MarketplacePricesLogController extends Controller
 
         throw new NotFoundHttpException('The requested page does not exist.');
     }
+
+    private function checkAccess() {
+        $groupId = Yii::$app->user->identity->group_id;
+
+        if (!in_array($groupId, [
+            AdminGroup::GROUP_IT,
+        ], true)) {
+            return $this->render('/site/index');
+        }
+
+        return null;
+    }
 }
diff --git a/erp24/views/marketplace-prices/index.php b/erp24/views/marketplace-prices/index.php
index 3766a073..3bc620bd 100644
--- a/erp24/views/marketplace-prices/index.php
+++ b/erp24/views/marketplace-prices/index.php
@@ -1,6 +1,8 @@
 <?php
 
 use yii\widgets\ActiveForm;
+use yii_app\records\Admin;
+use yii_app\records\AdminGroup;
 use yii_app\records\MarketplacePrices;
 use yii\helpers\Html;
 use yii\helpers\Url;
@@ -21,7 +23,9 @@ $this->params['breadcrumbs'][] = $this->title;
     <div class="d-flex justify-content-between">
         <div>
             <?= Html::a('ÐÐ¾Ð±Ð°Ð²Ð¸ÑÑ ÑÐµÐ½Ñ', ['create'], ['class' => 'btn btn-success ']) ?>
+            <?php if(in_array(Admin::findOne([Yii::$app->user->id])->group_id, [AdminGroup::GROUP_IT, AdminGroup::GROUP_RS_DIRECTOR]))  { ?>
             <?= Html::a('ÐÑÑÐ¾ÑÐ¸Ñ ÑÐµÐ½', ['/marketplace-prices-log/index'], ['class' => 'btn btn-success']) ?>
+            <?php } ?>
             <?= Html::a('Ð¢Ð¾Ð²Ð°ÑÑ Ð¼Ð°ÑÐºÐµÑÐ¿Ð»ÐµÐ¹ÑÐ¾Ð²', ['/matrix-erp/index'], ['class' => 'btn btn-success']) ?>
         </div>
 
