#969 - Доработать функционал модуля "Управление доступом"

ec7ad38f · Олег Гиммельшпах · 7c426cbc · ec7ad38f · ec7ad38f · 7c426cbc
Commit ec7ad38f authored Feb 09, 2016 by Олег Гиммельшпах
10 changed files
--- a/backend/controllers/SiteController.php
+++ b/backend/controllers/SiteController.php
@@ -14,7 +14,6 @@ class SiteController extends Controller
 {
    public $page_title = 'SiteController';
 	
-	
 	/**
     * @inheritdoc
     */
@@ -29,7 +28,7 @@ class SiteController extends Controller
                        'allow' => true,
                    ],
                    [
-                        'actions' => ['logout', 'index'],
+                        'actions' => ['logout'],
                        'allow' => true,
                        'roles' => ['@'],
                    ],
@@ -56,66 +55,27 @@ class SiteController extends Controller
        ];
    }

-    public function actionIndex()
-    {
-        return $this->render('index');
-    }
-
    public function actionLogin()
    {
-        if (!\Yii::$app->user->isGuest) {
+        if (!\Yii::$app->user->isGuest) 
+        {
            return $this->goHome();
        }
+
        $this->page_title = 'Панель управления';
 		$this->layout = "blank";
        $model = new LoginForm();
-        if ($model->load(Yii::$app->request->post()) && $model->login()) {
-            return $this->goBack();
-        } else {
-            return $this->render('login', [
-                'model' => $model,
-            ]);
-        }
-    }

-	public function actionLogin1()
+        if ($model->load(Yii::$app->request->post()) && $model->login()) 
        {
-
-        if (!Yii::app()->user->isGuest)
-        {
-            throw new CException('Вы уже авторизованы!');
-        }
-
-        $this->layout = "//layouts/adminLogin";
-
-        $model = new User("Login");
-
-        $params = array(
-            "model"      => $model,
-            "error_code" => null
-        );
-
-        if (isset($_POST["User"]))
-        {
-            $model->attributes = $_POST["User"];
-            if ($model->validate())
-            {
-                $identity = new UserIdentity($_POST["User"]["email"], $_POST["User"]["password"], $_POST["User"]["remember_me"]);
-
-
-                if ($identity->authenticate(false))
-                {
-                    Yii::app()->user->setState("_allowToUseTiny", (Yii::app()->user->checkAccess('admin')));  
-                    $this->redirect($this->url("/main/mainAdmin"));
+            return $this->goBack();
        } 
        else 
        {
-                    $params["error_code"] = $identity->errorCode;
-                }
-            }
+            return $this->render('login', [
+                'model' => $model,
+            ]);
        }
-
-        $this->render("login", $params);
    }

    public function actionLogout()

--- a/backend/views/layouts/main.php
+++ b/backend/views/layouts/main.php
@@ -69,8 +69,11 @@ AppAsset::register($this);
 							<a href="javascript:;"><img src="/img/user-13.jpg" alt="" /></a>
 						</div-->
 						<div class="info">
-							<?php echo \yii::$app->user->identity->name?>
+							<?php if(!\yii::$app->user->isGuest)
+							{
+								echo \yii::$app->user->identity->name ?>
 								<small><?php echo \yii::$app->user->identity->getPost()?></small>
+							<?php } ?>
 						</div>
 					</li>
 				</ul>

--- a/backend/web/index.html
+++ b/backend/web/index.html
-Test
\ No newline at end of file
--- a/common/components/AdminController.php
+++ b/common/components/AdminController.php
 <?php
-use \common\components;
 namespace common\components; 

+use Yii;
+use yii\base\NotSupportedException;
+
+use common\modules\users\models\User;
+
 abstract class AdminController extends \common\components\BaseController
 {
-    public $layout='//main';
+    public $layout = '//main';

    public $tabs;
 	
@@ -17,19 +21,15 @@ abstract class AdminController extends \common\components\BaseController
    {
 		parent::init();

-        $admin_url = $this->url('/users/userAdmin/login');

-		if(\Yii::$app->user->isGuest)
+		if(Yii::$app->user->isGuest)
        {
-			$this->redirect('/site/login');
-            \Yii::$app->end();
+			return $this->redirect('/site/login');
        }

-		if(\Yii::$app->user->identity->getRole() == 'user')
-			$this->redirect('/');
-        if (\Yii::$app->user->isGuest && $_SERVER['REQUEST_URI'] != $admin_url)
+		if(Yii::$app->user->identity->role != User::ROLE_ADMIN)
        {
-            $this->redirect($admin_url);
+			throw new NotSupportedException('The requested page does not exist.');
        }

        $this->view->registerJsFile('/js/packages/adminBaseClasses/buttonSet.js');

--- a/common/models/LoginForm.php
+++ b/common/models/LoginForm.php
@@ -59,9 +59,20 @@ class LoginForm extends Model
     */
    public function login()
    {
-        if ($this->validate()) {
-            return Yii::$app->user->login($this->getUser(), $this->rememberMe ? 3600 * 24 * 30 : 0);
-        } else {
+        if ($this->validate()) 
+        {
+            $user = $this->getUser();
+            if(Yii::$app->id == 'app-backend' && $user->role != User::ROLE_ADMIN)
+            {
+                return false;
+            }
+            else
+            {
+                return Yii::$app->user->login($user, $this->rememberMe ? 3600 * 24 * 30 : 0);
+            }
+        } 
+        else 
+        {
            return false;
        }
    }
@@ -73,7 +84,8 @@ class LoginForm extends Model
     */
    public function getUser()
    {
-        if ($this->_user === false) {
+        if ($this->_user === false) 
+        {
            $this->_user = User::findByUsername($this->username);
        }


--- a/common/modules/users/controllers/UserAdminController.php
+++ b/common/modules/users/controllers/UserAdminController.php
--- a/common/modules/users/controllers/UserController.php
+++ b/common/modules/users/controllers/UserController.php
@@ -110,9 +110,11 @@ class UserController extends \common\components\BaseController {
    }


-    public function actionRegistration() {
+    public function actionRegistration() 
+    {
        $model = new User();
        $model->scenario = User::SCENARIO_REGISTRATION;
+        $model->role = User::ROLE_USER;

        if (isset($_POST['User'])) {
            $model->attributes = $_POST['User'];

--- a/common/modules/users/forms/UserForm.php
+++ b/common/modules/users/forms/UserForm.php
 <?php
-use common\modules\rbac\models\AuthItem;
+// use common\modules\rbac\models\AuthItem;
 use common\modules\users\models\User;
-use yii\helpers\ArrayHelper;
+// use yii\helpers\ArrayHelper;

-$roles = AuthItem::find(
-	['type' => AuthItem::TYPE_ROLE],
-	"name != '" . AuthItem::ROLE_GUEST . "'"
-)->all();
+// $roles = AuthItem::find(
+// 	['type' => AuthItem::TYPE_ROLE],
+// 	"name != '" . AuthItem::ROLE_GUEST . "'"
+// )->all();


 return [
    'activeForm'=>[
        'id' => 'user-form',
-        'class' => 'ActiveForm',
-		'options' => ['class' => 'form-horizontal'],
-		'fieldConfig' => [
-//			'template' => '<div class="form-group">{label}<div class="col-md-9">{input}</div><div class="col-md-9">{error}</div></div>',
-			'labelOptions' => ['class' => 'col-md-3 control-label'],
-		],
-        'enableAjaxValidation' => false,
-// 	'htmlOptions'=>['class'=>'registr'),
    ],
    'elements'       => [
        'send_email' => ['type' => 'checkbox'],
@@ -30,11 +22,6 @@ return [
        'phone'      => ['type' => 'text', 'class' => 'form-control'],
        'mobile_phone'      => ['type' => 'text', 'class' => 'form-control'],
        'skype'      => ['type' => 'text', 'class' => 'form-control'],
-        /*'status' => [
-            'type'  => 'dropdownlist',
-            'items' => User::$status_list,
-			'class' => 'form-control',
-    	],*/
        'status' => [
            'type' => 'checkbox',
            'value' => 'active',
@@ -45,16 +32,11 @@ return [
        ],
        'role' => [
            'type'  => 'dropdownlist',
-            'items' => ArrayHelper::map($roles, 'name', 'description'),
+            'items' => User::$role_list,
 			'class' => 'form-control',
    	],
        'password'   => ['type' => 'password', 'class' => 'form-control', 'pwd-id' => 'passwordStrengthDiv'],
        'password_c' => ['type' => 'password', 'class' => 'form-control', 'pwd-id' => 'passwordStrengthDiv2'],
-        /*'captcha' => [
-            'type' => 'captcha',
-            'label' => 'Введите код с картинки',
-			'class' => 'form-control'
-        ],*/
    ],
    'buttons' => [
        'sp1' => ['type' => 'htmlBlock', 'value' => '<div class="col-md-8 col-sm-6" style="padding-left: 0;">',],

--- a/common/modules/users/models/User.php
+++ b/common/modules/users/models/User.php
@@ -30,6 +30,9 @@ class User extends \common\components\ActiveRecordModel implements IdentityInter
    const STATUS_NEW     = 'new';
    const STATUS_BLOCKED = 'blocked';

+    const ROLE_ADMIN = 'admin';
+    const ROLE_USER     = 'user';
+
    const GENDER_MAN   = "man";
    const GENDER_WOMAN = "woman";

@@ -56,26 +59,22 @@ class User extends \common\components\ActiveRecordModel implements IdentityInter
    const SCENARIO_SOCIAL_REGISTRATION            = 'SocialRegistration';
    const SOURCE_DEFAULT = 'direct';

-//	public $email;
-    public $role;
    public $password_c;
    public $captcha;
    public $remember_me = false;
    public $activate_error;
-//	public $activate_code;
-//	public $checked;
    public $csv_file;
    public $send_email;
    public $generate_new;
-//	public $fio;
-//	public $phone;
-//	public $mobile_phone;
-//	public $skype;
    public $tmp; //for external using. no delete!
-//	public $post;

    public $profile;

+    public static $role_list = [
+    	self::ROLE_ADMIN => 'Доступ в админ-панель',
+    	self::ROLE_USER => 'Доступ к сайту',
+    ];
+    
     public static $occupation_list = [
        self::OCCUPATION_CHIEF_IT => 'Руководитель в IT сфере',
        self::OCCUPATION_MANAGER_IT => 'Менеджер в IT сфере',
@@ -268,12 +267,17 @@ class User extends \common\components\ActiveRecordModel implements IdentityInter
        ]);
    }
 	
-	public function getPost() {
+	public function getPost() 
+	{
 		if(!empty($this->post))
+		{
 			return $this->post;
+		}
 		else
+		{
 			return 'Должность не определена';
 		}
+	}
 	
 	/**
     * @inheritdoc
@@ -431,28 +435,6 @@ class User extends \common\components\ActiveRecordModel implements IdentityInter
 		$this->activate_code = md5($this->id . $this->name . $this->email . time(true) . rand(5, 10));
 	}
 	
-
-	public function getRole()
-	{
-//        $auth = AuthItem::find()->joinWith('assignment', true)
-//            ->andWhere(['rule_name' => 'group'])
-//            ->andWhere(['auth_assignment.user_id' => $this->id])
-//            ->one();
-//
-//        return $auth->name;
-		$assigment = AuthAssignment::find(['userid' => $this->id])->one();
-         if (!$assigment)
-		{
-			$assigment = new AuthAssignment();
-			$assigment->item_name = AuthItem::ROLE_DEFAULT;
-			$assigment->user_id   = $this->id;
-			$assigment->save(false);
-		}
-
-		return $assigment->role;
-		return 'admin';
-	}
-	
 	public function getRoleName()
 	{
 		$assigment = AuthAssignment::find(['user_id' => $this->id])->one();
@@ -472,13 +454,11 @@ class User extends \common\components\ActiveRecordModel implements IdentityInter
 		return $out;
 	}

-
 	public function isRootRole()
 	{
 		return $this->role->name == AuthItem::ROLE_ROOT;
 	}

-
 	public function sendActivationMail()
 	{
 		$mailler_letter = MailerLetter::model();

--- a/common/modules/users/views/user-admin/importCSV.php
+++ b/common/modules/users/views/user-admin/importCSV.php
-<style type="text/css">
-    .old_value {
-        text-decoration: line-through;
-        color: #990000;
-    }
-</style>
-
-
-<?php if (isset($form)): ?>
-
-    <?php if (Yii::app()->user->hasFlash('import_done')): ?>
-        <?php echo $this->msg(Yii::app()->user->getFlash('import_done'), 'ok'); ?>
-    <?php endif ?>
-
-    <span style="font-size: 14px; color: #008C66;">Краткая инструкция по файла реестра пользователей</span><br /><br />
-    <div>
-    Для загрузки реестра пользователей на сайт необходимо:
-    <ol>
-       <ul>1. заполнить <a href="/upload/users/users.xls">шаблон</a> в формате MS Excel. Поля для назначения тестов имеют формат "да/нет".</ul>
-       <ul>2. сохранить файл как CSV (разделители-запятые)</ul>
-
-       <ul>3. выбрать группу пользователей из раскрывающегося списка выше</ul>
-       <ul>4. загрузить файл на сайт c помощью кнопки ниже</ul>
-    </ol>
-    <span style="color: red;">Важно!</span> Не используйте клавишу ENTER для перевода строки при заполнении шаблона. Если это необходимо, пользуйтесь вместо этого тегом <strong><span style="color: red">&lt;br&gt;</span></strong>.
-
-    <?php echo $form; ?>
-
-<?php endif ?>
-
-
-
-<?php if (isset($users)): ?>
-
-    <form method="post">
-        <input type="hidden" name="role" value="<?php echo $_POST['User']['role'] ?>" />
-        <input type="hidden" name="send_email" value="<?php echo $_POST['User']['send_email'] ?>" />
-        <?php
-        $model = User::model();
-        $model->scenario = User::SCENARIO_CSV_IMPORT;
-        ?>
-
-
-        <?php foreach ($users as $i => $user): ?>
-
-            <?php
-            $user["password"] = isset($user["password"]) ? $user["password"] : PasswordGenerator::generate(6);
-
-            $object = $model->findByAttributes(array('login' => trim($user['login'])));
-
-            if ($object)
-            {
-                foreach ($object->attributes as $attr => $value)
-                {
-                    if (isset($user[$attr]) && ($user[$attr] != $value))
-                    {
-                        if ($attr == 'password')
-                        {
-                            $user[$attr] = trim($user[$attr]);
-                            if (empty($user[$attr]))
-                            {
-                                $object->$attr = null;
-                                continue;
-                            }
-
-                            if (md5($user[$attr]) != $object->$attr)
-                            {
-                                $object->$attr = "<div class='old_value'>{$value}</div> <br/> {$user[$attr]}";
-                            }
-                            else
-                            {
-                                $object->$attr = $user[$attr];
-                            }
-                        }
-                        else if ($attr == 'city_id')
-                        {
-                            if ($object->city)
-                            {
-                                if ($user[$attr] && $user[$attr] != $object->city->name)
-                                {
-                                    $object->$attr = "<div class='old_value'>{$object->city->name}</div> <br/> {$user[$attr]}";
-                                }
-                                else
-                                {
-                                    $object->$attr = $object->city->name;
-                                }
-                            }
-                        }
-                        else
-                        {
-                            $object->$attr = "<div class='old_value'>{$value}</div><br/> {$user[$attr]}";
-                        }
-                    }
-                }
-            }
-            else
-            {
-                $object = new User;
-                $object->attributes = $user;
-                $object->password   = $user["password"];
-            }
-
-            $checked = 'checked';
-
-            ?>
-
-
-            <h3 style="color: <?php echo $object->isNewRecord ? 'green' : 'orange' ?>">
-                <input type="checkbox" name='users[<?php echo $i; ?>][checked]'<?php echo $object->isNewRecord ? $checked : ''; ?>> &nbsp;
-                <?php echo $object->isNewRecord ? 'Будет добавлено' : 'Будет отредактировано'; ?>
-            </h3>
-
-            <?php
-            $this->widget('application.components.DetailView', array(
-                'data' => $object,
-                'attributes' => array(
-                    'last_name:raw',
-                    'first_name:raw',
-                    'patronymic:raw',
-                    'email:raw',
-                    'login:raw',
-                    'password:raw',
-                    'phone:raw',
-                    'phone_ext:raw',
-                    'fax:raw',
-                    array('name' => 'city_id', 'type' => 'raw', 'value' => isset($model->city) ? $model->city->name : null),
-                    'company:raw',
-                    'post:raw',
-                    'address:raw',
-                ),
-            ));
-
-            ?>
-
-            <?php foreach ($user as $label => $value): ?>
-                <input type='hidden' name='users[<?php echo $i; ?>][<?php echo $label; ?>]' value='<?php echo $value; ?>' />
-            <?php endforeach ?>
-
-            <br/>
-
-            <?php endforeach ?>
-
-        <input type="submit" value="Обновить" class="submit mid" />
-    </form>
-
-<?php endif ?>