fix admin access

7a795c36 · Олег Гиммельшпах · 7b48b2d6 · 7a795c36
Commit 7a795c36 authored May 05, 2016 by Олег Гиммельшпах
Hide whitespace changes
Inline Side-by-side

Showing with 31 additions and 0 deletions

common/components/AdminController.php common/components/AdminController.php +31 -0

No files found.
--- a/common/components/AdminController.php
+++ b/common/components/AdminController.php
@@ -30,5 +30,36 @@ abstract class AdminController extends \common\components\BaseController
        {
 			throw new NotSupportedException('The requested page does not exist.');
        }
+
+        $module = $this->getModuleName();
+
+		if($module && !Yii::$app->authManager->checkAccess(Yii::$app->user->id, $module))
+    	{
+    		throw new \Exception('There is no access to this page', 403);
+    	}
+    }
+
+    private function getModuleName()
+    {
+    	if(isset($this->module) && $this->module->id)
+        {
+        	if($this->module->id == Yii::$app->id)
+        	{
+        		return null;
+        	}
+
+	    	switch ($this->module->id) 
+	    	{
+	    		case 'users':
+	    			return 'rbac';
+	    			break;
+	    		
+	    		default:
+	    			return $this->module->id;
+	    			break;
+	    	}
+	    }
+
+	    return null;
    }
 }