From: Alexander Smirnov
Date: Sat, 27 Apr 2024 14:04:37 +0000 (+0300)
Subject: add admin/auth-by-hash
X-Git-Tag: 1.1~91^2
X-Git-Url: https://gitweb.erp-flowers.ru/?a=commitdiff_plain;h=b8252ccab3ca4c9caf9f745a4f29b031f958036a;p=erp24_rep%2Fyii-erp24%2F.git
add admin/auth-by-hash
---
diff --git a/erp24/api3/modules/v1/controllers/AdminController.php b/erp24/api3/modules/v1/controllers/AdminController.php
index cbd00a7e..40a8dce0 100644
--- a/erp24/api3/modules/v1/controllers/AdminController.php
+++ b/erp24/api3/modules/v1/controllers/AdminController.php
@@ -2,10 +2,16 @@
 namespace yii_app\api3\modules\v1\controllers;
+use Yii;
+use yii\db\Expression;
 use yii\db\Query;
 use yii\helpers\ArrayHelper;
+use yii\helpers\Json;
+use yii\web\NotFoundHttpException;
+use yii\web\UnauthorizedHttpException;
 use yii_app\api3\modules\v1\models\Admin;
 use yii_app\records\AdminGroup;
+use yii_app\records\AuthAssignment;
 class AdminController extends \yii_app\api3\controllers\ActiveController
 {
@@ -47,4 +53,51 @@ class AdminController extends \yii_app\api3\controllers\ActiveController
 }
 return $results;
 }
+
+ public function actionAuthByHash() {
+ $hash = Yii::$app->request->bodyParams["hash"] ?? null;
+ if (!$hash) {
+ throw new UnauthorizedHttpException("hash не найден");
+ }
+
+ $admin = Admin::find()
+ ->where(['group_id' => 27])
+ ->andWhere(['or',
+ ['MD5(CONCAT(id, \':\', pass_user))' => $hash],
+ ['MD5(CONCAT(login_user, \':\', pass_user))' => $hash]
+ ])
+ ->one();
+
+ if ($admin !== null) {
+ $admin->group_name = "Курьер";
+ $admin->id = "-" . $admin->id;
+ } else {
+ $admin = Admin::find()
+ ->where(['>', 'group_id', 0])
+ ->andWhere(['or',
+ ['MD5(CONCAT(id, \':\', pass_user))' => $hash],
+ ['MD5(CONCAT(login_user, \':\', pass_user))' => $hash]
+ ])
+ ->one();
+ }
+
+ if ($admin === null) {
+ throw new NotFoundHttpException("Нет такого сотрудника");
+ }
+
+ $permissions = AuthAssignment::find()
+ ->select('item_name')
+ ->where(['user_id' => $admin->id])
+ ->all();
+
+ $response = [
+ 'group_id' => $admin->group_id,
+ 'name' => $admin->name,
+ 'group_name' => $admin->group_name,
+ 'id' => $admin->id,
+ 'permissions' => $permissions
+ ];
+
+ return $response;
+ }
 }
\ No newline at end of file
diff --git a/erp24/records/AuthAssignment.php b/erp24/records/AuthAssignment.php
new file mode 100644
index 00000000..95702af6
--- /dev/null
+++ b/erp24/records/AuthAssignment.php
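Review bot: In `actionAuthByHash`, `$hash` comes straight from `bodyParams` and is only tested for truthiness before it is used in the two `andWhere` hash-format conditions, so a non-string value (a JSON array, for instance) changes the shape of the lookup instead of being rejected; the guard should be `if (!is_string($hash) || !preg_match('/^[0-9a-f]{32}$/i', $hash)) {`. The credential itself is an unsalted MD5 over `id`/`login_user` and `pass_user`, which makes it a fixed, replayable password-equivalent that anyone able to read the admin table can derive, and no attempt limiting is visible in this hunk; a server-issued random token with an expiry, stored hashed, would be the safer design, and how `pass_user` is stored is worth confirming separately. In the courier branch `$admin->id` is rewritten to `"-" . $admin->id` before the `AuthAssignment` query, so permissions are looked up under the prefixed id, which presumably matches no rows; confirm that is intended. `->all()` also returns `AuthAssignment` records rather than names, where `->column()` would return the plain `item_name` list.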
@@ -0,0 +1,62 @@ + null], + [['created_at'], 'integer'], + [['item_name', 'user_id'], 'string', 'max' => 64], + [['item_name', 'user_id'], 'unique', 'targetAttribute' => ['item_name', 'user_id']], + [['item_name'], 'exist', 'skipOnError' => true, 'targetClass' => AuthItem::class, 'targetAttribute' => ['item_name' => 'name']], + ]; + } + + /** + * {@inheritdoc} + */ + public function attributeLabels() + { + return [ + 'item_name' => 'Item Name', + 'user_id' => 'User ID', + 'created_at' => 'Created At', + ]; + } + + /** + * Gets query for [[ItemName]]. + * + * @return \yii\db\ActiveQuery + */ + public function getItemName() + { + return $this->hasOne(AuthItem::class, ['name' => 'item_name']); + } +} diff --git a/erp24/records/AuthItem.php b/erp24/records/AuthItem.php new file mode 100644 index 00000000..b4f75471 --- /dev/null +++ b/erp24/records/AuthItem.php 
@@ -0,0 +1,126 @@ + null], + [['type', 'created_at', 'updated_at'], 'integer'], + [['description', 'data'], 'string'], + [['name', 'rule_name'], 'string', 'max' => 64], + [['name'], 'unique'], + [['rule_name'], 'exist', 'skipOnError' => true, 'targetClass' => AuthRule::class, 'targetAttribute' => ['rule_name' => 'name']], + ]; + } + + /** + * {@inheritdoc} + */ + public function attributeLabels() + { + return [ + 'name' => 'Name', + 'type' => 'Type', + 'description' => 'Description', + 'rule_name' => 'Rule Name', + 'data' => 'Data', + 'created_at' => 'Created At', + 'updated_at' => 'Updated At', + ]; + } + + /** + * Gets query for [[AuthAssignments]]. + * + * @return \yii\db\ActiveQuery + */ + public function getAuthAssignments() + { + return $this->hasMany(AuthAssignment::class, ['item_name' => 'name']); + } + + /** + * Gets query for [[AuthItemChildren]]. + * + * @return \yii\db\ActiveQuery + */ + public function getAuthItemChildren() + { + return $this->hasMany(AuthItemChild::class, ['parent' => 'name']); + } + + /** + * Gets query for [[AuthItemChildren0]]. + * + * @return \yii\db\ActiveQuery + */ + public function getAuthItemChildren0() + { + return $this->hasMany(AuthItemChild::class, ['child' => 'name']); + } + + /** + * Gets query for [[Children]]. + * + * @return \yii\db\ActiveQuery + */ + public function getChildren() + { + return $this->hasMany(AuthItem::class, ['name' => 'child'])->viaTable('auth_item_child', ['parent' => 'name']); + } + + /** + * Gets query for [[Parents]]. + * + * @return \yii\db\ActiveQuery + */ + public function getParents() + { + return $this->hasMany(AuthItem::class, ['name' => 'parent'])->viaTable('auth_item_child', ['child' => 'name']); + } + + /** + * Gets query for [[RuleName]]. + * + * @return \yii\db\ActiveQuery + */ + public function getRuleName() + { + return $this->hasOne(AuthRule::class, ['name' => 'rule_name']); + } +} 
diff --git a/erp24/records/AuthItemChild.php b/erp24/records/AuthItemChild.php new file mode 100644 index 00000000..bafb0dce --- /dev/null +++ b/erp24/records/AuthItemChild.php @@ -0,0 +1,70 @@ + 64], + [['parent', 'child'], 'unique', 'targetAttribute' => ['parent', 'child']], + [['parent'], 'exist', 'skipOnError' => true, 'targetClass' => AuthItem::class, 'targetAttribute' => ['parent' => 'name']], + [['child'], 'exist', 'skipOnError' => true, 'targetClass' => AuthItem::class, 'targetAttribute' => ['child' => 'name']], + ]; + } + + /** + * {@inheritdoc} + */ + public function attributeLabels() + { + return [ + 'parent' => 'Parent', + 'child' => 'Child', + ]; + } + + /** + * Gets query for [[Child0]]. + * + * @return \yii\db\ActiveQuery + */ + public function getChild0() + { + return $this->hasOne(AuthItem::class, ['name' => 'child']); + } + + /** + * Gets query for [[Parent0]]. + * + * @return \yii\db\ActiveQuery + */ + public function getParent0() + { + return $this->hasOne(AuthItem::class, ['name' => 'parent']); + } +} diff --git a/erp24/records/AuthRule.php b/erp24/records/AuthRule.php new file mode 100644 index 00000000..f22d3f08 --- /dev/null +++ b/erp24/records/AuthRule.php @@ -0,0 +1,64 @@ + null], + [['created_at', 'updated_at'], 'integer'], + [['name'], 'string', 'max' => 64], + [['name'], 'unique'], + ]; + } + + /** + * {@inheritdoc} + */ + public function attributeLabels() + { + return [ + 'name' => 'Name', + 'data' => 'Data', + 'created_at' => 'Created At', + 'updated_at' => 'Updated At', + ]; + } + + /** + * Gets query for [[AuthItems]]. + * + * @return \yii\db\ActiveQuery + */ + public function getAuthItems() + { + return $this->hasMany(AuthItem::class, ['rule_name' => 'name']); + } +}