From 9159fd64bd6412248dde94beaab7642828a46329 Mon Sep 17 00:00:00 2001 From: vladfo Date: Fri, 13 Sep 2024 17:14:52 +0300 Subject: [PATCH] =?utf8?q?=D0=B4=D0=BE=D0=B1=D0=B0=D0=B2=D0=B8=D0=BB=20?= =?utf8?q?=D0=B4=D0=BE=D1=81=D1=82=D1=83=D0=BF=D1=8B?= MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit --- .../controllers/ClusterLinkEditController.php | 36 ++++++++++++++++++- erp24/views/cluster_link_edit/_form.php | 4 +-- erp24/views/cluster_link_edit/create.php | 2 +- erp24/views/cluster_link_edit/index.php | 2 +- erp24/views/cluster_link_edit/view-all.php | 2 +- 5 files changed, 40 insertions(+), 6 deletions(-) diff --git a/erp24/controllers/ClusterLinkEditController.php b/erp24/controllers/ClusterLinkEditController.php index 236c4f2e..8aa58652 100644 --- a/erp24/controllers/ClusterLinkEditController.php +++ b/erp24/controllers/ClusterLinkEditController.php @@ -4,6 +4,7 @@ namespace app\controllers; use Yii; use yii\data\ArrayDataProvider; +use yii\filters\AccessControl; use yii\helpers\ArrayHelper; use yii_app\helpers\DateHelper; use yii_app\records\Admin; @@ -23,6 +24,9 @@ use yii_app\records\StoreDynamic; */ class ClusterLinkEditController extends Controller { + /** + * @inheritDoc + */ /** * @inheritDoc */ @@ -31,8 +35,38 @@ class ClusterLinkEditController extends Controller return array_merge( parent::behaviors(), [ + // Ограничение по доступу + 'access' => [ + 'class' => AccessControl::class, + 'rules' => [ + [ + 'allow' => true, + 'roles' => ['@'], // Только для авторизованных пользователей + 'matchCallback' => function ($rule, $action) { + // Текущий пользователь + $user = Yii::$app->user; + + // Проверяем, если id пользователя = 1 или 3 + if (in_array($user->id, [1, 3])) { + return true; + } + + // Проверяем, если group_id пользователя = 71 или 81 + // Предполагается, что group_id хранится в профиле пользователя + $groupId = $user->identity->group_id ?? null; + if (in_array($groupId, [71, 81])) { + return true; + } + + // Доступ запрещен, если не прошли предыдущие проверки + return false; + } + ], + ], + ], + // Ограничение по HTTP методам 'verbs' => [ - 'class' => VerbFilter::className(), + 'class' => VerbFilter::class, 'actions' => [ 'delete' => ['POST'], ], diff --git a/erp24/views/cluster_link_edit/_form.php b/erp24/views/cluster_link_edit/_form.php index c4500bab..da72a17c 100644 --- a/erp24/views/cluster_link_edit/_form.php +++ b/erp24/views/cluster_link_edit/_form.php @@ -11,7 +11,7 @@ use yii\widgets\ActiveForm; /** @var array $clusterManager */ ?> -
+
name?> @@ -25,5 +25,5 @@ use yii\widgets\ActiveForm;
- + 'btn btn-primary']) ?>
diff --git a/erp24/views/cluster_link_edit/create.php b/erp24/views/cluster_link_edit/create.php index 654f0a65..e130f08e 100644 --- a/erp24/views/cluster_link_edit/create.php +++ b/erp24/views/cluster_link_edit/create.php @@ -5,7 +5,7 @@ use yii\helpers\Html; /** @var yii\web\View $this */ /** @var yii_app\records\Cluster $model */ -$this->title = 'Create Cluster'; +$this->title = 'Создать Куст'; $this->params['breadcrumbs'][] = ['label' => 'Clusters', 'url' => ['index']]; $this->params['breadcrumbs'][] = $this->title; ?> diff --git a/erp24/views/cluster_link_edit/index.php b/erp24/views/cluster_link_edit/index.php index afdc42fc..609e8ddf 100644 --- a/erp24/views/cluster_link_edit/index.php +++ b/erp24/views/cluster_link_edit/index.php @@ -21,7 +21,7 @@ $this->title = 'Кусты'; $this->params['breadcrumbs'][] = $this->title; ?> -
+

title) ?>

diff --git a/erp24/views/cluster_link_edit/view-all.php b/erp24/views/cluster_link_edit/view-all.php index 05b74216..8af24edd 100644 --- a/erp24/views/cluster_link_edit/view-all.php +++ b/erp24/views/cluster_link_edit/view-all.php @@ -26,7 +26,7 @@ $availableStores = array_filter($storeNames, function ($storeId) use ($storesInC }, ARRAY_FILTER_USE_KEY); ?> -
+

title) ?>

-- 2.39.5