diff --git a/README.md b/README.md
index a3cba05..394e692 100755
--- a/README.md
+++ b/README.md
@@ -43,5 +43,7 @@ environments/ contains environment-based overrides
php yii migrate --migrationPath=@yii/rbac/migrations
и выполнить консольный скрипт
php yii rbac/init
- php yii rbac/create-company-manager-role
+ php yii rbac/create-editor
+ php yii rbac/create-company-manager-role
+ php yii rbac/create-default-access-rules
\ No newline at end of file
diff --git a/backend/modules/accesses/controllers/AccessesController.php b/backend/modules/accesses/controllers/AccessesController.php
index 9f8b4a9..3a4e7b9 100755
--- a/backend/modules/accesses/controllers/AccessesController.php
+++ b/backend/modules/accesses/controllers/AccessesController.php
@@ -33,14 +33,8 @@ class AccessesController extends Controller
'delete' => ['POST'],
],
],
- 'access' => [
- 'class' => AccessControl::className(),
- 'rules' => [
- [
- 'allow' => true,
- 'roles' => ['admin'],
- ],
- ],
+ 'as AccessBehavior' => [
+ 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(),
],
];
}
diff --git a/backend/modules/accesses/controllers/DefaultController.php b/backend/modules/accesses/controllers/DefaultController.php
deleted file mode 100755
index b09d36f..0000000
--- a/backend/modules/accesses/controllers/DefaultController.php
+++ /dev/null
@@ -1,20 +0,0 @@
-render('index');
- }
-}
diff --git a/backend/modules/accesses/views/default/index.php b/backend/modules/accesses/views/default/index.php
deleted file mode 100755
index 48a44ff..0000000
--- a/backend/modules/accesses/views/default/index.php
+++ /dev/null
@@ -1,12 +0,0 @@
-
-
= $this->context->action->uniqueId ?>
-
- This is the view content for action "= $this->context->action->id ?>".
- The action belongs to the controller "= get_class($this->context) ?>"
- in the "= $this->context->module->id ?>" module.
-
-
- You may customize this page by editing the following file:
- = __FILE__ ?>
-
-
diff --git a/backend/modules/achievements/controllers/AchievementsController.php b/backend/modules/achievements/controllers/AchievementsController.php
index 7ecff3e..a1758d1 100755
--- a/backend/modules/achievements/controllers/AchievementsController.php
+++ b/backend/modules/achievements/controllers/AchievementsController.php
@@ -30,14 +30,8 @@ class AchievementsController extends Controller
'delete' => ['POST'],
],
],
- 'access' => [
- 'class' => AccessControl::className(),
- 'rules' => [
- [
- 'allow' => true,
- 'roles' => ['admin'],
- ],
- ],
+ 'as AccessBehavior' => [
+ 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(),
],
];
}
diff --git a/backend/modules/balance/controllers/BalanceController.php b/backend/modules/balance/controllers/BalanceController.php
index f0f04d0..d787d46 100755
--- a/backend/modules/balance/controllers/BalanceController.php
+++ b/backend/modules/balance/controllers/BalanceController.php
@@ -30,14 +30,8 @@ class BalanceController extends Controller
'delete' => ['POST'],
],
],
- 'access' => [
- 'class' => AccessControl::className(),
- 'rules' => [
- [
- 'allow' => true,
- 'roles' => ['admin'],
- ],
- ],
+ 'as AccessBehavior' => [
+ 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(),
],
];
}
diff --git a/backend/modules/calendar/controllers/CalendarController.php b/backend/modules/calendar/controllers/CalendarController.php
index eac83ea..90f5a47 100755
--- a/backend/modules/calendar/controllers/CalendarController.php
+++ b/backend/modules/calendar/controllers/CalendarController.php
@@ -26,14 +26,8 @@ class CalendarController extends Controller
'delete' => ['POST'],
],
],
- 'access' => [
- 'class' => AccessControl::className(),
- 'rules' => [
- [
- 'allow' => true,
- 'roles' => ['admin'],
- ],
- ],
+ 'as AccessBehavior' => [
+ 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(),
],
];
}
diff --git a/backend/modules/card/controllers/ResumeTemplateController.php b/backend/modules/card/controllers/ResumeTemplateController.php
index 7e1ebbb..2d18094 100644
--- a/backend/modules/card/controllers/ResumeTemplateController.php
+++ b/backend/modules/card/controllers/ResumeTemplateController.php
@@ -21,6 +21,9 @@ class ResumeTemplateController extends Controller
public function behaviors()
{
return [
+ 'as AccessBehavior' => [
+ 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(),
+ ],
'verbs' => [
'class' => VerbFilter::className(),
'actions' => [
diff --git a/backend/modules/card/controllers/UserCardController.php b/backend/modules/card/controllers/UserCardController.php
index 10da2a8..d81acfb 100755
--- a/backend/modules/card/controllers/UserCardController.php
+++ b/backend/modules/card/controllers/UserCardController.php
@@ -36,14 +36,8 @@ class UserCardController extends Controller
'delete' => ['POST'],
],
],
- 'access' => [
- 'class' => AccessControl::className(),
- 'rules' => [
- [
- 'allow' => true,
- 'roles' => ['admin', 'profileEditor'],
- ],
- ],
+ 'as AccessBehavior' => [
+ 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(),
],
];
}
diff --git a/backend/modules/company/controllers/CompanyController.php b/backend/modules/company/controllers/CompanyController.php
index 9b56a05..790a9ac 100755
--- a/backend/modules/company/controllers/CompanyController.php
+++ b/backend/modules/company/controllers/CompanyController.php
@@ -29,14 +29,8 @@ class CompanyController extends Controller
'delete' => ['POST'],
],
],
- 'access' => [
- 'class' => AccessControl::className(),
- 'rules' => [
- [
- 'allow' => true,
- 'roles' => ['admin'],
- ],
- ],
+ 'as AccessBehavior' => [
+ 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(),
],
'log' => [
'class' => \common\behaviors\LogBehavior::class,
diff --git a/backend/modules/company/controllers/CompanyManagerController.php b/backend/modules/company/controllers/CompanyManagerController.php
index 6d84fac..8aca470 100644
--- a/backend/modules/company/controllers/CompanyManagerController.php
+++ b/backend/modules/company/controllers/CompanyManagerController.php
@@ -21,6 +21,9 @@ class CompanyManagerController extends Controller
public function behaviors()
{
return [
+ 'as AccessBehavior' => [
+ 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(),
+ ],
'verbs' => [
'class' => VerbFilter::className(),
'actions' => [
@@ -135,7 +138,6 @@ class CompanyManagerController extends Controller
*/
public function actionDismiss($id)
{
-// Debug::dd('fff');
$model = $this->findModel($id);
$model->company_id = null;
$model->update(false);
diff --git a/backend/modules/document/controllers/DocumentController.php b/backend/modules/document/controllers/DocumentController.php
index a7e9183..0f41c0c 100644
--- a/backend/modules/document/controllers/DocumentController.php
+++ b/backend/modules/document/controllers/DocumentController.php
@@ -25,6 +25,9 @@ class DocumentController extends Controller
public function behaviors()
{
return [
+ 'as AccessBehavior' => [
+ 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(),
+ ],
'verbs' => [
'class' => VerbFilter::className(),
'actions' => [
diff --git a/backend/modules/document/controllers/DocumentFieldController.php b/backend/modules/document/controllers/DocumentFieldController.php
index dca9519..54e6f12 100644
--- a/backend/modules/document/controllers/DocumentFieldController.php
+++ b/backend/modules/document/controllers/DocumentFieldController.php
@@ -20,6 +20,9 @@ class DocumentFieldController extends Controller
public function behaviors()
{
return [
+ 'as AccessBehavior' => [
+ 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(),
+ ],
'verbs' => [
'class' => VerbFilter::className(),
'actions' => [
diff --git a/backend/modules/document/controllers/DocumentFieldValueController.php b/backend/modules/document/controllers/DocumentFieldValueController.php
index 0f02980..6612bbb 100644
--- a/backend/modules/document/controllers/DocumentFieldValueController.php
+++ b/backend/modules/document/controllers/DocumentFieldValueController.php
@@ -23,6 +23,9 @@ class DocumentFieldValueController extends Controller
public function behaviors()
{
return [
+ 'as AccessBehavior' => [
+ 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(),
+ ],
'verbs' => [
'class' => VerbFilter::className(),
'actions' => [
diff --git a/backend/modules/document/controllers/DocumentTemplateController.php b/backend/modules/document/controllers/DocumentTemplateController.php
index 412fc07..4745db6 100644
--- a/backend/modules/document/controllers/DocumentTemplateController.php
+++ b/backend/modules/document/controllers/DocumentTemplateController.php
@@ -20,6 +20,9 @@ class DocumentTemplateController extends Controller
public function behaviors()
{
return [
+ 'as AccessBehavior' => [
+ 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(),
+ ],
'verbs' => [
'class' => VerbFilter::className(),
'actions' => [
diff --git a/backend/modules/employee/controllers/DefaultController.php b/backend/modules/employee/controllers/DefaultController.php
deleted file mode 100644
index e3be2d2..0000000
--- a/backend/modules/employee/controllers/DefaultController.php
+++ /dev/null
@@ -1,20 +0,0 @@
-render('index');
- }
-}
diff --git a/backend/modules/employee/controllers/ManagerController.php b/backend/modules/employee/controllers/ManagerController.php
index db14476..33bee91 100644
--- a/backend/modules/employee/controllers/ManagerController.php
+++ b/backend/modules/employee/controllers/ManagerController.php
@@ -22,6 +22,9 @@ class ManagerController extends Controller
public function behaviors()
{
return [
+ 'as AccessBehavior' => [
+ 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(),
+ ],
'verbs' => [
'class' => VerbFilter::className(),
'actions' => [
diff --git a/backend/modules/employee/controllers/ManagerEmployeeController.php b/backend/modules/employee/controllers/ManagerEmployeeController.php
index c53d5ac..a8de30a 100644
--- a/backend/modules/employee/controllers/ManagerEmployeeController.php
+++ b/backend/modules/employee/controllers/ManagerEmployeeController.php
@@ -21,6 +21,9 @@ class ManagerEmployeeController extends Controller
public function behaviors()
{
return [
+ 'as AccessBehavior' => [
+ 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(),
+ ],
'verbs' => [
'class' => VerbFilter::className(),
'actions' => [
diff --git a/backend/modules/hh/controllers/DefaultController.php b/backend/modules/hh/controllers/DefaultController.php
deleted file mode 100755
index 40e9b0c..0000000
--- a/backend/modules/hh/controllers/DefaultController.php
+++ /dev/null
@@ -1,20 +0,0 @@
-render('index');
- }
-}
diff --git a/backend/modules/hh/controllers/HhController.php b/backend/modules/hh/controllers/HhController.php
index e3d90fb..f443567 100755
--- a/backend/modules/hh/controllers/HhController.php
+++ b/backend/modules/hh/controllers/HhController.php
@@ -31,14 +31,8 @@ class HhController extends Controller
'delete' => ['POST'],
],
],
- 'access' => [
- 'class' => AccessControl::className(),
- 'rules' => [
- [
- 'allow' => true,
- 'roles' => ['admin'],
- ],
- ],
+ 'as AccessBehavior' => [
+ 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(),
],
];
}
diff --git a/backend/modules/hh/controllers/HhJobController.php b/backend/modules/hh/controllers/HhJobController.php
index 92d065d..c83686f 100755
--- a/backend/modules/hh/controllers/HhJobController.php
+++ b/backend/modules/hh/controllers/HhJobController.php
@@ -29,14 +29,8 @@ class HhJobController extends Controller
'delete' => ['POST'],
],
],
- 'access' => [
- 'class' => AccessControl::className(),
- 'rules' => [
- [
- 'allow' => true,
- 'roles' => ['admin'],
- ],
- ],
+ 'as AccessBehavior' => [
+ 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(),
],
];
}
diff --git a/backend/modules/hh/views/default/index.php b/backend/modules/hh/views/default/index.php
deleted file mode 100755
index ba855d9..0000000
--- a/backend/modules/hh/views/default/index.php
+++ /dev/null
@@ -1,12 +0,0 @@
-
-
= $this->context->action->uniqueId ?>
-
- This is the view content for action "= $this->context->action->id ?>".
- The action belongs to the controller "= get_class($this->context) ?>"
- in the "= $this->context->module->id ?>" module.
-
-
- You may customize this page by editing the following file:
- = __FILE__ ?>
-
-
diff --git a/backend/modules/holiday/controllers/HolidayController.php b/backend/modules/holiday/controllers/HolidayController.php
index 7b4cc58..560a6bf 100755
--- a/backend/modules/holiday/controllers/HolidayController.php
+++ b/backend/modules/holiday/controllers/HolidayController.php
@@ -27,14 +27,8 @@ class HolidayController extends Controller
'delete' => ['POST'],
],
],
- 'access' => [
- 'class' => AccessControl::className(),
- 'rules' => [
- [
- 'allow' => true,
- 'roles' => ['admin'],
- ],
- ],
+ 'as AccessBehavior' => [
+ 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(),
],
];
}
diff --git a/backend/modules/interview/controllers/DefaultController.php b/backend/modules/interview/controllers/DefaultController.php
deleted file mode 100755
index f49436c..0000000
--- a/backend/modules/interview/controllers/DefaultController.php
+++ /dev/null
@@ -1,20 +0,0 @@
-render('index');
- }
-}
diff --git a/backend/modules/interview/views/default/index.php b/backend/modules/interview/views/default/index.php
deleted file mode 100755
index b4b5646..0000000
--- a/backend/modules/interview/views/default/index.php
+++ /dev/null
@@ -1,12 +0,0 @@
-
-
= $this->context->action->uniqueId ?>
-
- This is the view content for action "= $this->context->action->id ?>".
- The action belongs to the controller "= get_class($this->context) ?>"
- in the "= $this->context->module->id ?>" module.
-
-
- You may customize this page by editing the following file:
- = __FILE__ ?>
-
-
diff --git a/backend/modules/notes/controllers/NotesController.php b/backend/modules/notes/controllers/NotesController.php
index dcdaf2e..8ac282f 100755
--- a/backend/modules/notes/controllers/NotesController.php
+++ b/backend/modules/notes/controllers/NotesController.php
@@ -29,14 +29,8 @@ class NotesController extends Controller
'delete' => ['POST'],
],
],
- 'access' => [
- 'class' => AccessControl::className(),
- 'rules' => [
- [
- 'allow' => true,
- 'roles' => ['admin'],
- ],
- ],
+ 'as AccessBehavior' => [
+ 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(),
],
];
}
diff --git a/backend/modules/notes/models/Note.php b/backend/modules/notes/models/Note.php
index c8b7201..1e5ce46 100755
--- a/backend/modules/notes/models/Note.php
+++ b/backend/modules/notes/models/Note.php
@@ -5,7 +5,7 @@ namespace backend\modules\notes\models;
use Yii;
use common\models\FieldsValueNew;
-class kNote extends \common\models\Note
+class Note extends \common\models\Note
{
public $fields;
diff --git a/backend/modules/options/controllers/DefaultController.php b/backend/modules/options/controllers/DefaultController.php
deleted file mode 100755
index a4355ee..0000000
--- a/backend/modules/options/controllers/DefaultController.php
+++ /dev/null
@@ -1,20 +0,0 @@
-render('index');
- }
-}
diff --git a/backend/modules/options/views/default/index.php b/backend/modules/options/views/default/index.php
deleted file mode 100755
index d179132..0000000
--- a/backend/modules/options/views/default/index.php
+++ /dev/null
@@ -1,12 +0,0 @@
-
-
= $this->context->action->uniqueId ?>
-
- This is the view content for action "= $this->context->action->id ?>".
- The action belongs to the controller "= get_class($this->context) ?>"
- in the "= $this->context->module->id ?>" module.
-
-
- You may customize this page by editing the following file:
- = __FILE__ ?>
-
-
diff --git a/backend/modules/project/controllers/ProjectController.php b/backend/modules/project/controllers/ProjectController.php
index b19086c..99d1593 100755
--- a/backend/modules/project/controllers/ProjectController.php
+++ b/backend/modules/project/controllers/ProjectController.php
@@ -33,14 +33,8 @@ class ProjectController extends Controller
'delete' => ['POST'],
],
],
- 'access' => [
- 'class' => AccessControl::className(),
- 'rules' => [
- [
- 'allow' => true,
- 'roles' => ['admin'],
- ],
- ],
+ 'as AccessBehavior' => [
+ 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(),
],
];
}
diff --git a/backend/modules/project/controllers/ProjectUserController.php b/backend/modules/project/controllers/ProjectUserController.php
index 7e5457c..0e60acd 100644
--- a/backend/modules/project/controllers/ProjectUserController.php
+++ b/backend/modules/project/controllers/ProjectUserController.php
@@ -24,6 +24,9 @@ class ProjectUserController extends Controller
public function behaviors()
{
return [
+ 'as AccessBehavior' => [
+ 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(),
+ ],
'verbs' => [
'class' => VerbFilter::className(),
'actions' => [
diff --git a/backend/modules/questionnaire/controllers/AnswerController.php b/backend/modules/questionnaire/controllers/AnswerController.php
index da3f20c..4d72b43 100644
--- a/backend/modules/questionnaire/controllers/AnswerController.php
+++ b/backend/modules/questionnaire/controllers/AnswerController.php
@@ -23,6 +23,9 @@ class AnswerController extends Controller
public function behaviors()
{
return [
+ 'as AccessBehavior' => [
+ 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(),
+ ],
'verbs' => [
'class' => VerbFilter::className(),
'actions' => [
diff --git a/backend/modules/questionnaire/controllers/DefaultController.php b/backend/modules/questionnaire/controllers/DefaultController.php
deleted file mode 100644
index 125ef17..0000000
--- a/backend/modules/questionnaire/controllers/DefaultController.php
+++ /dev/null
@@ -1,20 +0,0 @@
-render('index');
- }
-}
diff --git a/backend/modules/questionnaire/controllers/QuestionController.php b/backend/modules/questionnaire/controllers/QuestionController.php
index 695d911..5dd7622 100644
--- a/backend/modules/questionnaire/controllers/QuestionController.php
+++ b/backend/modules/questionnaire/controllers/QuestionController.php
@@ -22,6 +22,9 @@ class QuestionController extends Controller
public function behaviors()
{
return [
+ 'as AccessBehavior' => [
+ 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(),
+ ],
'verbs' => [
'class' => VerbFilter::className(),
'actions' => [
diff --git a/backend/modules/questionnaire/controllers/QuestionTypeController.php b/backend/modules/questionnaire/controllers/QuestionTypeController.php
index 6049987..7468124 100644
--- a/backend/modules/questionnaire/controllers/QuestionTypeController.php
+++ b/backend/modules/questionnaire/controllers/QuestionTypeController.php
@@ -22,6 +22,9 @@ class QuestionTypeController extends Controller
public function behaviors()
{
return [
+ 'as AccessBehavior' => [
+ 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(),
+ ],
'verbs' => [
'class' => VerbFilter::className(),
'actions' => [
diff --git a/backend/modules/questionnaire/controllers/QuestionnaireCategoryController.php b/backend/modules/questionnaire/controllers/QuestionnaireCategoryController.php
index ce39afd..dc39eb7 100644
--- a/backend/modules/questionnaire/controllers/QuestionnaireCategoryController.php
+++ b/backend/modules/questionnaire/controllers/QuestionnaireCategoryController.php
@@ -22,6 +22,9 @@ class QuestionnaireCategoryController extends Controller
public function behaviors()
{
return [
+ 'as AccessBehavior' => [
+ 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(),
+ ],
'verbs' => [
'class' => VerbFilter::className(),
'actions' => [
diff --git a/backend/modules/questionnaire/controllers/QuestionnaireController.php b/backend/modules/questionnaire/controllers/QuestionnaireController.php
index bcafcc0..840778d 100644
--- a/backend/modules/questionnaire/controllers/QuestionnaireController.php
+++ b/backend/modules/questionnaire/controllers/QuestionnaireController.php
@@ -23,6 +23,9 @@ class QuestionnaireController extends Controller
public function behaviors()
{
return [
+ 'as AccessBehavior' => [
+ 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(),
+ ],
'verbs' => [
'class' => VerbFilter::className(),
'actions' => [
diff --git a/backend/modules/questionnaire/controllers/UserQuestionnaireController.php b/backend/modules/questionnaire/controllers/UserQuestionnaireController.php
index ee451c3..a0ec50a 100644
--- a/backend/modules/questionnaire/controllers/UserQuestionnaireController.php
+++ b/backend/modules/questionnaire/controllers/UserQuestionnaireController.php
@@ -26,6 +26,9 @@ class UserQuestionnaireController extends Controller
public function behaviors()
{
return [
+ 'as AccessBehavior' => [
+ 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(),
+ ],
'verbs' => [
'class' => VerbFilter::className(),
'actions' => [
diff --git a/backend/modules/questionnaire/controllers/UserResponseController.php b/backend/modules/questionnaire/controllers/UserResponseController.php
index 93f3387..ea4cc1b 100644
--- a/backend/modules/questionnaire/controllers/UserResponseController.php
+++ b/backend/modules/questionnaire/controllers/UserResponseController.php
@@ -23,6 +23,9 @@ class UserResponseController extends Controller
public function behaviors()
{
return [
+ 'as AccessBehavior' => [
+ 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(),
+ ],
'verbs' => [
'class' => VerbFilter::className(),
'actions' => [
diff --git a/backend/modules/questionnaire/views/default/index.php b/backend/modules/questionnaire/views/default/index.php
deleted file mode 100644
index 106676d..0000000
--- a/backend/modules/questionnaire/views/default/index.php
+++ /dev/null
@@ -1,12 +0,0 @@
-
-
= $this->context->action->uniqueId ?>
-
- This is the view content for action "= $this->context->action->id ?>".
- The action belongs to the controller "= get_class($this->context) ?>"
- in the "= $this->context->module->id ?>" module.
-
-
- You may customize this page by editing the following file:
- = __FILE__ ?>
-
-
diff --git a/backend/modules/settings/controllers/AdditionalFieldsController.php b/backend/modules/settings/controllers/AdditionalFieldsController.php
index 526880e..0ad7fce 100755
--- a/backend/modules/settings/controllers/AdditionalFieldsController.php
+++ b/backend/modules/settings/controllers/AdditionalFieldsController.php
@@ -30,14 +30,8 @@ class AdditionalFieldsController extends Controller
'delete' => ['POST'],
],
],
- 'access' => [
- 'class' => AccessControl::className(),
- 'rules' => [
- [
- 'allow' => true,
- 'roles' => ['admin'],
- ],
- ],
+ 'as AccessBehavior' => [
+ 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(),
],
];
}
diff --git a/backend/modules/settings/controllers/PositionController.php b/backend/modules/settings/controllers/PositionController.php
index c1093f6..2902506 100755
--- a/backend/modules/settings/controllers/PositionController.php
+++ b/backend/modules/settings/controllers/PositionController.php
@@ -27,14 +27,8 @@ class PositionController extends Controller
'delete' => ['POST'],
],
],
- 'access' => [
- 'class' => AccessControl::className(),
- 'rules' => [
- [
- 'allow' => true,
- 'roles' => ['admin'],
- ],
- ],
+ 'as AccessBehavior' => [
+ 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(),
],
];
}
diff --git a/backend/modules/settings/controllers/SkillController.php b/backend/modules/settings/controllers/SkillController.php
index 75ddc2c..e725cf2 100755
--- a/backend/modules/settings/controllers/SkillController.php
+++ b/backend/modules/settings/controllers/SkillController.php
@@ -30,15 +30,18 @@ class SkillController extends Controller
'delete' => ['POST'],
],
],
- 'access' => [
- 'class' => AccessControl::className(),
- 'rules' => [
- [
- 'allow' => true,
- 'roles' => ['admin', 'profileEditor'],
- ],
- ],
+ 'as AccessBehavior' => [
+ 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(),
],
+// 'access' => [
+// 'class' => AccessControl::className(),
+// 'rules' => [
+// [
+// 'allow' => true,
+// 'roles' => ['admin', 'profileEditor'],
+// ],
+// ],
+// ],
];
}
diff --git a/backend/modules/settings/controllers/StatusController.php b/backend/modules/settings/controllers/StatusController.php
index f184091..c700afc 100755
--- a/backend/modules/settings/controllers/StatusController.php
+++ b/backend/modules/settings/controllers/StatusController.php
@@ -29,14 +29,8 @@ class StatusController extends Controller
'delete' => ['POST'],
],
],
- 'access' => [
- 'class' => AccessControl::className(),
- 'rules' => [
- [
- 'allow' => true,
- 'roles' => ['admin'],
- ],
- ],
+ 'as AccessBehavior' => [
+ 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(),
],
];
}
diff --git a/backend/modules/task/controllers/DefaultController.php b/backend/modules/task/controllers/DefaultController.php
deleted file mode 100644
index 35ee099..0000000
--- a/backend/modules/task/controllers/DefaultController.php
+++ /dev/null
@@ -1,20 +0,0 @@
-render('index');
- }
-}
diff --git a/backend/modules/task/controllers/TaskController.php b/backend/modules/task/controllers/TaskController.php
index 112d178..6629f55 100644
--- a/backend/modules/task/controllers/TaskController.php
+++ b/backend/modules/task/controllers/TaskController.php
@@ -24,6 +24,9 @@ class TaskController extends Controller
public function behaviors()
{
return [
+ 'as AccessBehavior' => [
+ 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(),
+ ],
'verbs' => [
'class' => VerbFilter::className(),
'actions' => [
diff --git a/backend/modules/task/controllers/TaskUserController.php b/backend/modules/task/controllers/TaskUserController.php
index 975a9a1..7ee8865 100644
--- a/backend/modules/task/controllers/TaskUserController.php
+++ b/backend/modules/task/controllers/TaskUserController.php
@@ -24,6 +24,9 @@ class TaskUserController extends Controller
public function behaviors()
{
return [
+ 'as AccessBehavior' => [
+ 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(),
+ ],
'verbs' => [
'class' => VerbFilter::className(),
'actions' => [
diff --git a/backend/modules/task/views/default/index.php b/backend/modules/task/views/default/index.php
deleted file mode 100644
index d8e5c97..0000000
--- a/backend/modules/task/views/default/index.php
+++ /dev/null
@@ -1,12 +0,0 @@
-
-
= $this->context->action->uniqueId ?>
-
- This is the view content for action "= $this->context->action->id ?>".
- The action belongs to the controller "= get_class($this->context) ?>"
- in the "= $this->context->module->id ?>" module.
-
-
- You may customize this page by editing the following file:
- = __FILE__ ?>
-
-
diff --git a/backend/modules/test/controllers/TestTaskController.php b/backend/modules/test/controllers/TestTaskController.php
index b822473..12c2096 100644
--- a/backend/modules/test/controllers/TestTaskController.php
+++ b/backend/modules/test/controllers/TestTaskController.php
@@ -20,6 +20,9 @@ class TestTaskController extends Controller
public function behaviors()
{
return [
+ 'as AccessBehavior' => [
+ 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(),
+ ],
'verbs' => [
'class' => VerbFilter::className(),
'actions' => [
diff --git a/backend/views/layouts/left.php b/backend/views/layouts/left.php
index 3ea52dc..bf973f5 100755
--- a/backend/views/layouts/left.php
+++ b/backend/views/layouts/left.php
@@ -27,27 +27,27 @@
[
'label' => 'Настройки', 'icon' => 'gears', 'url' => '#',
'items' => [
- ['label' => 'Статусы', 'icon' => 'anchor', 'url' => ['/settings/status'], 'active' => \Yii::$app->controller->id == 'status'],
- ['label' => 'Доп. поля', 'icon' => 'file-text-o', 'url' => ['/settings/additional-fields'], 'active' => \Yii::$app->controller->id == 'additional-fields'],
- ['label' => 'Должность', 'icon' => 'spotify', 'url' => ['/settings/position'], 'active' => \Yii::$app->controller->id == 'position'],
- ['label' => 'Навыки', 'icon' => 'flask', 'url' => ['/settings/skill'], 'active' => \Yii::$app->controller->id == 'skill'],
- ['label' => 'Шаблоны резюме', 'icon' => 'address-card ', 'url' => ['/card/resume-template'], 'active' => \Yii::$app->controller->id == 'resume-template'],
- ['label' => 'Шаблоны документов', 'icon' => 'file', 'url' => ['/document/document-template'], 'active' => \Yii::$app->controller->id == 'document-template'],
- ['label' => 'Поля документов', 'icon' => 'file-text', 'url' => ['/document/document-field'], 'active' => \Yii::$app->controller->id == 'document-field'],
+ ['label' => 'Статусы', 'icon' => 'anchor', 'url' => ['/settings/status'], 'active' => \Yii::$app->controller->id == 'status', 'visible' => Yii::$app->user->can('settings')],
+ ['label' => 'Доп. поля', 'icon' => 'file-text-o', 'url' => ['/settings/additional-fields'], 'active' => \Yii::$app->controller->id == 'additional-fields', 'visible' => Yii::$app->user->can('settings')],
+ ['label' => 'Должность', 'icon' => 'spotify', 'url' => ['/settings/position'], 'active' => \Yii::$app->controller->id == 'position', 'visible' => Yii::$app->user->can('settings')],
+ ['label' => 'Навыки', 'icon' => 'flask', 'url' => ['/settings/skill'], 'active' => \Yii::$app->controller->id == 'skill', 'visible' => Yii::$app->user->can('settings/skill')],
+ ['label' => 'Шаблоны резюме', 'icon' => 'address-card ', 'url' => ['/card/resume-template'], 'active' => \Yii::$app->controller->id == 'resume-template', 'visible' => Yii::$app->user->can('card')],
+ ['label' => 'Шаблоны документов', 'icon' => 'file', 'url' => ['/document/document-template'], 'active' => \Yii::$app->controller->id == 'document-template', 'visible' => Yii::$app->user->can('document')],
+ ['label' => 'Поля документов', 'icon' => 'file-text', 'url' => ['/document/document-field'], 'active' => \Yii::$app->controller->id == 'document-field', 'visible' => Yii::$app->user->can('document')],
[
'label' => 'Роли', 'icon' => 'users', 'url' => '#',
'items' => [
['label' => 'Управление ролями', 'icon' => ' fa-sort-amount-asc', 'url' => ['/permit/access/role'], 'active' => \Yii::$app->controller->id == 'access'],
['label' => 'Правила доступа', 'icon' => 'list-alt', 'url' => ['/permit/access/permission'], 'active' => \Yii::$app->controller->id == 'access'],
- ]
+ ],
+ 'visible' => Yii::$app->user->can('confidential_information')
]
],
- 'visible' => Yii::$app->user->can('confidential_information')
],
[
'label' => 'Профили', 'icon' => 'address-book-o', 'url' => '#',
'items' => $menuItems,
- 'visible' => Yii::$app->user->can('confidential_information')
+ 'visible' => Yii::$app->user->can('card')
],
[
'label' => 'Сотрудники', 'icon' => 'users', 'url' => '#',
@@ -55,13 +55,13 @@
['label' => 'Менеджеры', 'icon' => 'user-circle-o', 'url' => ['/employee/manager'], 'active' => \Yii::$app->controller->id == 'manager'],
['label' => 'Работники', 'icon' => 'user', 'url' => ['/employee/manager-employee'], 'active' => \Yii::$app->controller->id == 'manager-employee'],
],
- 'visible' => Yii::$app->user->can('confidential_information')
+ 'visible' => Yii::$app->user->can('employee')
],
- ['label' => 'Документы', 'icon' => 'archive', 'url' => ['/document/document'], 'active' => \Yii::$app->controller->id == 'document', 'visible' => Yii::$app->user->can('confidential_information')],
+ ['label' => 'Документы', 'icon' => 'archive', 'url' => ['/document/document'], 'active' => \Yii::$app->controller->id == 'document', 'visible' => Yii::$app->user->can('document')],
[
'label' => 'Проекты', 'icon' => 'cubes', 'url' => ['#'],
'items' => $projectItems,
- 'visible' => Yii::$app->user->can('confidential_information')
+ 'visible' => Yii::$app->user->can('project')
],
[
'label' => 'Задачи', 'icon' => 'tasks', 'url' => '#',
@@ -69,7 +69,7 @@
['label' => 'Задачи', 'icon' => 'minus', 'url' => ['/task/task'], 'active' => \Yii::$app->controller->id == 'task'],
['label' => 'Исполнители задачи', 'icon' => 'users', 'url' => ['/task/task-user'], 'active' => \Yii::$app->controller->id == 'task-user'],
],
- 'visible' => Yii::$app->user->can('confidential_information')
+ 'visible' => Yii::$app->user->can('task')
],
[
'label' => 'Компании', 'icon' => 'building', 'url' => '#',
@@ -77,7 +77,7 @@
['label' => 'Компании', 'icon' => 'building-o', 'url' => ['/company/company'], 'active' => \Yii::$app->controller->id == 'company'],
['label' => 'Менеджеры компаний', 'icon' => 'user-circle-o', 'url' => ['/company/company-manager'], 'active' => \Yii::$app->controller->id == 'company-manager'],
],
- 'visible' => Yii::$app->user->can('confidential_information')
+ 'visible' => Yii::$app->user->can('company')
],
[
'label' => 'Hh.ru', 'icon' => 'user-circle', 'url' => '#',
@@ -85,22 +85,22 @@
['label' => 'Компании', 'icon' => 'building', 'url' => ['/hh/hh'], 'active' => \Yii::$app->controller->id == 'hh'],
['label' => 'Вакансии', 'icon' => 'user-md', 'url' => ['/hh/hh-job'], 'active' => \Yii::$app->controller->id == 'hh-job'],
],
- 'visible' => Yii::$app->user->can('confidential_information')
+ 'visible' => Yii::$app->user->can('hh')
],
- ['label' => 'Баланс', 'icon' => 'dollar', 'url' => ['/balance/balance'], 'active' => \Yii::$app->controller->id == 'balance', 'visible' => Yii::$app->user->can('confidential_information')],
- ['label' => 'Отпуска', 'icon' => 'plane', 'url' => ['/holiday/holiday'], 'active' => \Yii::$app->controller->id == 'holiday', 'visible' => Yii::$app->user->can('confidential_information')],
- ['label' => 'Достижения', 'icon' => 'trophy', 'url' => ['/achievements/achievements'], 'active' => \Yii::$app->controller->id == 'achievements', 'visible' => Yii::$app->user->can('confidential_information')],
- ['label' => 'Доступы', 'icon' => 'key', 'url' => ['/accesses/accesses'], 'active' => \Yii::$app->controller->id == 'accesses', 'visible' => Yii::$app->user->can('confidential_information')],
- ['label' => 'Заметки', 'icon' => 'sticky-note', 'url' => ['/notes/notes'], 'active' => \Yii::$app->controller->id == 'notes', 'visible' => Yii::$app->user->can('confidential_information')],
- ['label' => 'Календарь ДР', 'icon' => 'calendar-check-o', 'url' => ['/calendar/calendar'], 'active' => \Yii::$app->controller->id == 'calendar', 'visible' => Yii::$app->user->can('confidential_information')],
- ['label' => 'Отчеты', 'icon' => 'calendar', 'url' => ['/reports/reports'], 'active' => \Yii::$app->controller->id == 'reports', ], // 'visible' => Yii::$app->user->can('confidential_information')
- ['label' => 'Опции', 'icon' => 'list-alt', 'url' => ['/options/options'], 'active' => \Yii::$app->controller->id == 'options', 'visible' => Yii::$app->user->can('confidential_information')],
+ ['label' => 'Баланс', 'icon' => 'dollar', 'url' => ['/balance/balance'], 'active' => \Yii::$app->controller->id == 'balance', 'visible' => Yii::$app->user->can('balance')],
+ ['label' => 'Отпуска', 'icon' => 'plane', 'url' => ['/holiday/holiday'], 'active' => \Yii::$app->controller->id == 'holiday', 'visible' => Yii::$app->user->can('holiday')],
+ ['label' => 'Достижения', 'icon' => 'trophy', 'url' => ['/achievements/achievements'], 'active' => \Yii::$app->controller->id == 'achievements', 'visible' => Yii::$app->user->can('achievements')],
+ ['label' => 'Доступы', 'icon' => 'key', 'url' => ['/accesses/accesses'], 'active' => \Yii::$app->controller->id == 'accesses', 'visible' => Yii::$app->user->can('accesses')],
+ ['label' => 'Заметки', 'icon' => 'sticky-note', 'url' => ['/notes/notes'], 'active' => \Yii::$app->controller->id == 'notes', 'visible' => Yii::$app->user->can('notes')],
+ ['label' => 'Календарь ДР', 'icon' => 'calendar-check-o', 'url' => ['/calendar/calendar'], 'active' => \Yii::$app->controller->id == 'calendar', 'visible' => Yii::$app->user->can('calendar')],
+ ['label' => 'Отчеты', 'icon' => 'calendar', 'url' => ['/reports/reports'], 'active' => \Yii::$app->controller->id == 'reports', 'visible' => Yii::$app->user->can('reports')],
+ ['label' => 'Опции', 'icon' => 'list-alt', 'url' => ['/options/options'], 'active' => \Yii::$app->controller->id == 'options', 'visible' => Yii::$app->user->can('options')],
[
'label' => 'Запрос интервью (' . \common\models\InterviewRequest::getNewCount() . ')',
'icon' => 'list-alt',
'url' => ['/interview/interview'],
'active' => \Yii::$app->controller->id == 'interview',
- 'visible' => Yii::$app->user->can('confidential_information'),
+ 'visible' => Yii::$app->user->can('interview'),
'badge' => '4'
],
[
@@ -114,9 +114,9 @@
['label' => 'Анкеты пользователей', 'icon' => 'drivers-license', 'url' => ['/questionnaire/user-questionnaire'], 'active' => \Yii::$app->controller->id == 'user-questionnaire'],
['label' => 'Ответы пользователей', 'icon' => 'comments', 'url' => ['/questionnaire/user-response'], 'active' => \Yii::$app->controller->id == 'user-response'],
],
- 'visible' => Yii::$app->user->can('confidential_information')
+ 'visible' => Yii::$app->user->can('questionnaire')
],
- ['label' => 'Тестовые задания', 'icon' => 'file-text-o', 'url' => ['/test/test-task'], 'active' => \Yii::$app->controller->id == 'options', 'visible' => Yii::$app->user->can('confidential_information')],
+ ['label' => 'Тестовые задания', 'icon' => 'file-text-o', 'url' => ['/test/test-task'], 'active' => \Yii::$app->controller->id == 'options', 'visible' => Yii::$app->user->can('test')],
/*['label' => 'Gii', 'icon' => 'file-code-o', 'url' => ['/gii']],
diff --git a/console/controllers/RbacController.php b/console/controllers/RbacController.php
index dd01012..33d84e1 100755
--- a/console/controllers/RbacController.php
+++ b/console/controllers/RbacController.php
@@ -85,4 +85,113 @@ class RbacController extends Controller
return $user;
}
+
+ public function actionCreateDefaultAccessRules()
+ {
+ $auth = Yii::$app->authManager;
+ $admin = $auth->getRole('admin');
+ $profileEditor = $auth->getRole('profileEditor');
+
+ $test = $auth->createPermission('test');
+ $test->description = 'Модуль "Тестовые задания"';
+ $auth->add($test);
+ $auth->addChild($admin, $test);
+
+ $questionnaire = $auth->createPermission('questionnaire');
+ $questionnaire->description = 'Модуль "Анкеты": Создание, редактирование анкет, категорий анкет, вопросов, проверка ответов пользователей';
+ $auth->add($questionnaire);
+ $auth->addChild($admin, $questionnaire);
+
+ $interview = $auth->createPermission('interview');
+ $interview->description = 'Модуль "Запрос интервью"';
+ $auth->add($interview);
+ $auth->addChild($admin, $interview);
+
+ $options = $auth->createPermission('options');
+ $options->description = 'Модуль "Опции"';
+ $auth->add($options);
+ $auth->addChild($admin, $options);
+
+ $reports = $auth->createPermission('reports');
+ $reports->description = 'Модуль "Отчёты"';
+ $auth->add($reports);
+ $auth->addChild($admin, $reports);
+
+ $calendar = $auth->createPermission('calendar');
+ $calendar->description = 'Модуль "Календарь ДР"';
+ $auth->add($calendar);
+ $auth->addChild($admin, $calendar);
+
+ $notes = $auth->createPermission('notes');
+ $notes->description = 'Модуль "Заметки"';
+ $auth->add($notes);
+ $auth->addChild($admin, $notes);
+
+ $accesses = $auth->createPermission('accesses');
+ $accesses->description = 'Модуль "Доступы"';
+ $auth->add($accesses);
+ $auth->addChild($admin, $accesses);
+
+ $achievements = $auth->createPermission('achievements');
+ $achievements->description = 'Модуль "Достижения"';
+ $auth->add($achievements);
+ $auth->addChild($admin, $achievements);
+
+ $holiday = $auth->createPermission('holiday');
+ $holiday->description = 'Модуль "Отпуска"';
+ $auth->add($holiday);
+ $auth->addChild($admin, $holiday);
+
+ $balance = $auth->createPermission('balance');
+ $balance->description = 'Модуль "Баланс"';
+ $auth->add($balance);
+ $auth->addChild($admin, $balance);
+
+ $hh = $auth->createPermission('hh');
+ $hh->description = 'Модуль "Hh.ru"';
+ $auth->add($hh);
+ $auth->addChild($admin, $hh);
+
+ $company = $auth->createPermission('company');
+ $company->description = 'Модуль "Компании"';
+ $auth->add($company);
+ $auth->addChild($admin, $company);
+
+ $task = $auth->createPermission('task');
+ $task->description = 'Модуль "Задачи"';
+ $auth->add($task);
+ $auth->addChild($admin, $task);
+
+ $project = $auth->createPermission('project');
+ $project->description = 'Модуль "Проекты"';
+ $auth->add($project);
+ $auth->addChild($admin, $project);
+
+ $documents = $auth->createPermission('document');
+ $documents->description = 'Модуль "Документы": Создание, редактирование документов, их полей и шаблонов';
+ $auth->add($documents);
+ $auth->addChild($admin, $documents);
+
+ $employee = $auth->createPermission('employee');
+ $employee->description = 'Модуль "Сотрудники"';
+ $auth->add($employee);
+ $auth->addChild($admin, $employee);
+
+ $card = $auth->createPermission('card');
+ $card->description = 'Модуль "Профили"';
+ $auth->add($card);
+ $auth->addChild($admin, $card);
+ $auth->addChild($profileEditor, $card);
+
+ $settings = $auth->createPermission('settings');
+ $settings->description = 'Модуль "Настройки"';
+ $auth->add($settings);
+ $auth->addChild($admin, $settings);
+
+ $skills = $auth->createPermission('settings/skill');
+ $skills->description = 'Навыки';
+ $auth->add($skills);
+ $auth->addChild($admin, $skills);
+ $auth->addChild($profileEditor, $skills);
+ }
}
\ No newline at end of file