From 320c1de8ae879b5abfbbbed98fb83f9f4e6cf032 Mon Sep 17 00:00:00 2001 
From: iIronside Date: Wed, 28 Dec 2022 11:45:57 +0300 Subject: [PATCH] configure accesses rule --- README.md | 4 +- .../controllers/AccessesController.php | 10 +- .../controllers/DefaultController.php | 20 ---- .../modules/accesses/views/default/index.php | 12 -- .../controllers/AchievementsController.php | 10 +- .../balance/controllers/BalanceController.php | 10 +- .../controllers/CalendarController.php | 10 +- .../controllers/ResumeTemplateController.php | 3 + .../card/controllers/UserCardController.php | 10 +- .../company/controllers/CompanyController.php | 10 +- .../controllers/CompanyManagerController.php | 4 +- .../controllers/DocumentController.php | 3 + .../controllers/DocumentFieldController.php | 3 + .../DocumentFieldValueController.php | 3 + .../DocumentTemplateController.php | 3 + .../controllers/DefaultController.php | 20 ---- .../controllers/ManagerController.php | 3 + .../controllers/ManagerEmployeeController.php | 3 + .../hh/controllers/DefaultController.php | 20 ---- .../modules/hh/controllers/HhController.php | 10 +- .../hh/controllers/HhJobController.php | 10 +- backend/modules/hh/views/default/index.php | 12 -- .../holiday/controllers/HolidayController.php | 10 +- .../controllers/DefaultController.php | 20 ---- .../modules/interview/views/default/index.php | 12 -- .../notes/controllers/NotesController.php | 10 +- backend/modules/notes/models/Note.php | 2 +- .../options/controllers/DefaultController.php | 20 ---- .../modules/options/views/default/index.php | 12 -- .../project/controllers/ProjectController.php | 10 +- .../controllers/ProjectUserController.php | 3 + .../controllers/AnswerController.php | 3 + .../controllers/DefaultController.php | 20 ---- .../controllers/QuestionController.php | 3 + .../controllers/QuestionTypeController.php | 3 + .../QuestionnaireCategoryController.php | 3 + .../controllers/QuestionnaireController.php | 3 + .../UserQuestionnaireController.php | 3 + .../controllers/UserResponseController.php | 3 + 
.../questionnaire/views/default/index.php | 12 -- .../AdditionalFieldsController.php | 10 +- .../controllers/PositionController.php | 10 +- .../settings/controllers/SkillController.php | 19 +-- .../settings/controllers/StatusController.php | 10 +- .../task/controllers/DefaultController.php | 20 ---- .../task/controllers/TaskController.php | 3 + .../task/controllers/TaskUserController.php | 3 + backend/modules/task/views/default/index.php | 12 -- .../test/controllers/TestTaskController.php | 3 + backend/views/layouts/left.php | 54 ++++----- console/controllers/RbacController.php | 109 ++++++++++++++++++ 51 files changed, 236 insertions(+), 362 deletions(-) delete mode 100755 backend/modules/accesses/controllers/DefaultController.php delete mode 100755 backend/modules/accesses/views/default/index.php delete mode 100644 backend/modules/employee/controllers/DefaultController.php delete mode 100755 backend/modules/hh/controllers/DefaultController.php delete mode 100755 backend/modules/hh/views/default/index.php delete mode 100755 backend/modules/interview/controllers/DefaultController.php delete mode 100755 backend/modules/interview/views/default/index.php delete mode 100755 backend/modules/options/controllers/DefaultController.php delete mode 100755 backend/modules/options/views/default/index.php delete mode 100644 backend/modules/questionnaire/controllers/DefaultController.php delete mode 100644 backend/modules/questionnaire/views/default/index.php delete mode 100644 backend/modules/task/controllers/DefaultController.php delete mode 100644 backend/modules/task/views/default/index.php diff --git a/README.md b/README.md index a3cba05..394e692 100755 --- a/README.md +++ b/README.md @@ -43,5 +43,7 @@ environments/ contains environment-based overrides php yii migrate --migrationPath=@yii/rbac/migrations
и выполнить консольный скрипт
php yii rbac/init
- php yii rbac/create-company-manager-role
+ php yii rbac/create-editor
+ php yii rbac/create-company-manager-role
+ php yii rbac/create-default-access-rules

\ No newline at end of file diff --git a/backend/modules/accesses/controllers/AccessesController.php b/backend/modules/accesses/controllers/AccessesController.php index 9f8b4a9..3a4e7b9 100755 --- a/backend/modules/accesses/controllers/AccessesController.php +++ b/backend/modules/accesses/controllers/AccessesController.php @@ -33,14 +33,8 @@ class AccessesController extends Controller 'delete' => ['POST'], ], ], - 'access' => [ - 'class' => AccessControl::className(), - 'rules' => [ - [ - 'allow' => true, - 'roles' => ['admin'], - ], - ], + 'as AccessBehavior' => [ + 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(), ], ]; } diff --git a/backend/modules/accesses/controllers/DefaultController.php b/backend/modules/accesses/controllers/DefaultController.php deleted file mode 100755 index b09d36f..0000000 --- a/backend/modules/accesses/controllers/DefaultController.php +++ /dev/null @@ -1,20 +0,0 @@ -render('index'); - } -} diff --git a/backend/modules/accesses/views/default/index.php b/backend/modules/accesses/views/default/index.php deleted file mode 100755 index 48a44ff..0000000 --- a/backend/modules/accesses/views/default/index.php +++ /dev/null @@ -1,12 +0,0 @@ -
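Review bot: Authorization becomes opt-in per controller here: the `'as AccessBehavior'` entry is pasted into this `behaviors()` array (which starts above the hunk) and into every other controller hunk of the patch, so a controller added later without the entry is reachable with no check at all. The `as ` prefix is Yii's configuration-array syntax for attaching a behavior; inside `behaviors()` the key is only a name, which suggests the entry was meant for the application config. Attaching it once, `'as AccessBehavior' => ['class' => \developeruz\db_rbac\behaviors\AccessBehavior::class],` in the backend config or in a shared base controller, would make deny the default and remove the repeated copies; guest-reachable routes such as login would then need an explicit allow rule. With the hard-coded `'roles' => ['admin']` rule gone, access depends on the rows that `php yii rbac/create-default-access-rules` writes, so that step has to be part of the deploy. The role and permission management screens also become the place where privileges can be raised, and should themselves stay restricted to administrators.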
-

context->action->uniqueId ?>

-

- This is the view content for action "context->action->id ?>". - The action belongs to the controller "context) ?>" - in the "context->module->id ?>" module. -

-

- You may customize this page by editing the following file:
- -

-
diff --git a/backend/modules/achievements/controllers/AchievementsController.php b/backend/modules/achievements/controllers/AchievementsController.php index 7ecff3e..a1758d1 100755 --- a/backend/modules/achievements/controllers/AchievementsController.php +++ b/backend/modules/achievements/controllers/AchievementsController.php @@ -30,14 +30,8 @@ class AchievementsController extends Controller 'delete' => ['POST'], ], ], - 'access' => [ - 'class' => AccessControl::className(), - 'rules' => [ - [ - 'allow' => true, - 'roles' => ['admin'], - ], - ], + 'as AccessBehavior' => [ + 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(), ], ]; } diff --git a/backend/modules/balance/controllers/BalanceController.php b/backend/modules/balance/controllers/BalanceController.php index f0f04d0..d787d46 100755 --- a/backend/modules/balance/controllers/BalanceController.php +++ b/backend/modules/balance/controllers/BalanceController.php @@ -30,14 +30,8 @@ class BalanceController extends Controller 'delete' => ['POST'], ], ], - 'access' => [ - 'class' => AccessControl::className(), - 'rules' => [ - [ - 'allow' => true, - 'roles' => ['admin'], - ], - ], + 'as AccessBehavior' => [ + 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(), ], ]; } diff --git a/backend/modules/calendar/controllers/CalendarController.php b/backend/modules/calendar/controllers/CalendarController.php index eac83ea..90f5a47 100755 --- a/backend/modules/calendar/controllers/CalendarController.php +++ b/backend/modules/calendar/controllers/CalendarController.php @@ -26,14 +26,8 @@ class CalendarController extends Controller 'delete' => ['POST'], ], ], - 'access' => [ - 'class' => AccessControl::className(), - 'rules' => [ - [ - 'allow' => true, - 'roles' => ['admin'], - ], - ], + 'as AccessBehavior' => [ + 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(), ], ]; } 
diff --git a/backend/modules/card/controllers/ResumeTemplateController.php b/backend/modules/card/controllers/ResumeTemplateController.php index 7e1ebbb..2d18094 100644 --- a/backend/modules/card/controllers/ResumeTemplateController.php +++ b/backend/modules/card/controllers/ResumeTemplateController.php @@ -21,6 +21,9 @@ class ResumeTemplateController extends Controller public function behaviors() { return [ + 'as AccessBehavior' => [ + 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(), + ], 'verbs' => [ 'class' => VerbFilter::className(), 'actions' => [ diff --git a/backend/modules/card/controllers/UserCardController.php b/backend/modules/card/controllers/UserCardController.php index 10da2a8..d81acfb 100755 --- a/backend/modules/card/controllers/UserCardController.php +++ b/backend/modules/card/controllers/UserCardController.php @@ -36,14 +36,8 @@ class UserCardController extends Controller 'delete' => ['POST'], ], ], - 'access' => [ - 'class' => AccessControl::className(), - 'rules' => [ - [ - 'allow' => true, - 'roles' => ['admin', 'profileEditor'], - ], - ], + 'as AccessBehavior' => [ + 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(), ], ]; } diff --git a/backend/modules/company/controllers/CompanyController.php b/backend/modules/company/controllers/CompanyController.php index 9b56a05..790a9ac 100755 --- a/backend/modules/company/controllers/CompanyController.php +++ b/backend/modules/company/controllers/CompanyController.php @@ -29,14 +29,8 @@ class CompanyController extends Controller 'delete' => ['POST'], ], ], - 'access' => [ - 'class' => AccessControl::className(), - 'rules' => [ - [ - 'allow' => true, - 'roles' => ['admin'], - ], - ], + 'as AccessBehavior' => [ + 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(), ], 'log' => [ 'class' => \common\behaviors\LogBehavior::class, 
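Review bot: The rule removed in the UserCardController hunk let `profileEditor` in alongside `admin`, and nothing in the new entry carries that grant over; after the change the role reaches this controller only if the seeded RBAC data gives it a matching permission. `console/controllers/RbacController.php` is listed in the diffstat but is not part of this section of the patch, so whether `rbac/create-editor` or `rbac/create-default-access-rules` covers it cannot be confirmed from here. A short comment above the entry would keep the intent next to the code, e.g. `// Access is decided by db_rbac permissions; admin and profileEditor are expected to hold them (seeded by the console RbacController).` The SkillController hunk removes the same two-role rule and needs the same check.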
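Review bot: In the CompanyController hunk the new entry uses `AccessBehavior::className()` while the `log` behavior directly below it already uses `\common\behaviors\LogBehavior::class`. `className()` is deprecated in Yii since 2.0.14 in favour of the `::class` constant, so I would write `'class' => \developeruz\db_rbac\behaviors\AccessBehavior::class,` here and in the other controller hunks. Importing the class with a `use` line would also avoid repeating the fully qualified name in every file. The enclosing `behaviors()` array starts above the hunk and continues below it.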
diff --git a/backend/modules/company/controllers/CompanyManagerController.php b/backend/modules/company/controllers/CompanyManagerController.php index 6d84fac..8aca470 100644 --- a/backend/modules/company/controllers/CompanyManagerController.php +++ b/backend/modules/company/controllers/CompanyManagerController.php @@ -21,6 +21,9 @@ class CompanyManagerController extends Controller public function behaviors() { return [ + 'as AccessBehavior' => [ + 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(), + ], 'verbs' => [ 'class' => VerbFilter::className(), 'actions' => [ @@ -135,7 +138,6 @@ class CompanyManagerController extends Controller */ public function actionDismiss($id) { -// Debug::dd('fff'); $model = $this->findModel($id); $model->company_id = null; $model->update(false); diff --git a/backend/modules/document/controllers/DocumentController.php b/backend/modules/document/controllers/DocumentController.php index a7e9183..0f41c0c 100644 --- a/backend/modules/document/controllers/DocumentController.php +++ b/backend/modules/document/controllers/DocumentController.php @@ -25,6 +25,9 @@ class DocumentController extends Controller public function behaviors() { return [ + 'as AccessBehavior' => [ + 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(), + ], 'verbs' => [ 'class' => VerbFilter::className(), 'actions' => [ diff --git a/backend/modules/document/controllers/DocumentFieldController.php b/backend/modules/document/controllers/DocumentFieldController.php index dca9519..54e6f12 100644 --- a/backend/modules/document/controllers/DocumentFieldController.php +++ b/backend/modules/document/controllers/DocumentFieldController.php @@ -20,6 +20,9 @@ class DocumentFieldController extends Controller public function behaviors() { return [ + 'as AccessBehavior' => [ + 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(), + ], 'verbs' => [ 'class' => VerbFilter::className(), 'actions' => [ 
diff --git a/backend/modules/document/controllers/DocumentFieldValueController.php b/backend/modules/document/controllers/DocumentFieldValueController.php index 0f02980..6612bbb 100644 --- a/backend/modules/document/controllers/DocumentFieldValueController.php +++ b/backend/modules/document/controllers/DocumentFieldValueController.php @@ -23,6 +23,9 @@ class DocumentFieldValueController extends Controller public function behaviors() { return [ + 'as AccessBehavior' => [ + 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(), + ], 'verbs' => [ 'class' => VerbFilter::className(), 'actions' => [ diff --git a/backend/modules/document/controllers/DocumentTemplateController.php b/backend/modules/document/controllers/DocumentTemplateController.php index 412fc07..4745db6 100644 --- a/backend/modules/document/controllers/DocumentTemplateController.php +++ b/backend/modules/document/controllers/DocumentTemplateController.php @@ -20,6 +20,9 @@ class DocumentTemplateController extends Controller public function behaviors() { return [ + 'as AccessBehavior' => [ + 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(), + ], 'verbs' => [ 'class' => VerbFilter::className(), 'actions' => [ diff --git a/backend/modules/employee/controllers/DefaultController.php b/backend/modules/employee/controllers/DefaultController.php deleted file mode 100644 index e3be2d2..0000000 --- a/backend/modules/employee/controllers/DefaultController.php +++ /dev/null @@ -1,20 +0,0 @@ -render('index'); - } -} diff --git a/backend/modules/employee/controllers/ManagerController.php b/backend/modules/employee/controllers/ManagerController.php index db14476..33bee91 100644 --- a/backend/modules/employee/controllers/ManagerController.php +++ b/backend/modules/employee/controllers/ManagerController.php 
@@ -22,6 +22,9 @@ class ManagerController extends Controller public function behaviors() { return [ + 'as AccessBehavior' => [ + 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(), + ], 'verbs' => [ 'class' => VerbFilter::className(), 'actions' => [ diff --git a/backend/modules/employee/controllers/ManagerEmployeeController.php b/backend/modules/employee/controllers/ManagerEmployeeController.php index c53d5ac..a8de30a 100644 --- a/backend/modules/employee/controllers/ManagerEmployeeController.php +++ b/backend/modules/employee/controllers/ManagerEmployeeController.php @@ -21,6 +21,9 @@ class ManagerEmployeeController extends Controller public function behaviors() { return [ + 'as AccessBehavior' => [ + 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(), + ], 'verbs' => [ 'class' => VerbFilter::className(), 'actions' => [ diff --git a/backend/modules/hh/controllers/DefaultController.php b/backend/modules/hh/controllers/DefaultController.php deleted file mode 100755 index 40e9b0c..0000000 --- a/backend/modules/hh/controllers/DefaultController.php +++ /dev/null @@ -1,20 +0,0 @@ -render('index'); - } -} diff --git a/backend/modules/hh/controllers/HhController.php b/backend/modules/hh/controllers/HhController.php index e3d90fb..f443567 100755 --- a/backend/modules/hh/controllers/HhController.php +++ b/backend/modules/hh/controllers/HhController.php @@ -31,14 +31,8 @@ class HhController extends Controller 'delete' => ['POST'], ], ], - 'access' => [ - 'class' => AccessControl::className(), - 'rules' => [ - [ - 'allow' => true, - 'roles' => ['admin'], - ], - ], + 'as AccessBehavior' => [ + 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(), ], ]; } diff --git a/backend/modules/hh/controllers/HhJobController.php b/backend/modules/hh/controllers/HhJobController.php index 92d065d..c83686f 100755 --- a/backend/modules/hh/controllers/HhJobController.php +++ b/backend/modules/hh/controllers/HhJobController.php 
@@ -29,14 +29,8 @@ class HhJobController extends Controller 'delete' => ['POST'], ], ], - 'access' => [ - 'class' => AccessControl::className(), - 'rules' => [ - [ - 'allow' => true, - 'roles' => ['admin'], - ], - ], + 'as AccessBehavior' => [ + 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(), ], ]; } diff --git a/backend/modules/hh/views/default/index.php b/backend/modules/hh/views/default/index.php deleted file mode 100755 index ba855d9..0000000 --- a/backend/modules/hh/views/default/index.php +++ /dev/null @@ -1,12 +0,0 @@ -
-

context->action->uniqueId ?>

-

- This is the view content for action "context->action->id ?>". - The action belongs to the controller "context) ?>" - in the "context->module->id ?>" module. -

-

- You may customize this page by editing the following file:
- -

-
diff --git a/backend/modules/holiday/controllers/HolidayController.php b/backend/modules/holiday/controllers/HolidayController.php index 7b4cc58..560a6bf 100755 --- a/backend/modules/holiday/controllers/HolidayController.php +++ b/backend/modules/holiday/controllers/HolidayController.php @@ -27,14 +27,8 @@ class HolidayController extends Controller 'delete' => ['POST'], ], ], - 'access' => [ - 'class' => AccessControl::className(), - 'rules' => [ - [ - 'allow' => true, - 'roles' => ['admin'], - ], - ], + 'as AccessBehavior' => [ + 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(), ], ]; } diff --git a/backend/modules/interview/controllers/DefaultController.php b/backend/modules/interview/controllers/DefaultController.php deleted file mode 100755 index f49436c..0000000 --- a/backend/modules/interview/controllers/DefaultController.php +++ /dev/null @@ -1,20 +0,0 @@ -render('index'); - } -} diff --git a/backend/modules/interview/views/default/index.php b/backend/modules/interview/views/default/index.php deleted file mode 100755 index b4b5646..0000000 --- a/backend/modules/interview/views/default/index.php +++ /dev/null @@ -1,12 +0,0 @@ -
-

context->action->uniqueId ?>

-

- This is the view content for action "context->action->id ?>". - The action belongs to the controller "context) ?>" - in the "context->module->id ?>" module. -

-

- You may customize this page by editing the following file:
- -

-
diff --git a/backend/modules/notes/controllers/NotesController.php b/backend/modules/notes/controllers/NotesController.php index dcdaf2e..8ac282f 100755 --- a/backend/modules/notes/controllers/NotesController.php +++ b/backend/modules/notes/controllers/NotesController.php @@ -29,14 +29,8 @@ class NotesController extends Controller 'delete' => ['POST'], ], ], - 'access' => [ - 'class' => AccessControl::className(), - 'rules' => [ - [ - 'allow' => true, - 'roles' => ['admin'], - ], - ], + 'as AccessBehavior' => [ + 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(), ], ]; } diff --git a/backend/modules/notes/models/Note.php b/backend/modules/notes/models/Note.php index c8b7201..1e5ce46 100755 --- a/backend/modules/notes/models/Note.php +++ b/backend/modules/notes/models/Note.php @@ -5,7 +5,7 @@ namespace backend\modules\notes\models; use Yii; use common\models\FieldsValueNew; -class kNote extends \common\models\Note +class Note extends \common\models\Note { public $fields; diff --git a/backend/modules/options/controllers/DefaultController.php b/backend/modules/options/controllers/DefaultController.php deleted file mode 100755 index a4355ee..0000000 --- a/backend/modules/options/controllers/DefaultController.php +++ /dev/null @@ -1,20 +0,0 @@ -render('index'); - } -} diff --git a/backend/modules/options/views/default/index.php b/backend/modules/options/views/default/index.php deleted file mode 100755 index d179132..0000000 --- a/backend/modules/options/views/default/index.php +++ /dev/null @@ -1,12 +0,0 @@ -
-

context->action->uniqueId ?>

-

- This is the view content for action "context->action->id ?>". - The action belongs to the controller "context) ?>" - in the "context->module->id ?>" module. -

-

- You may customize this page by editing the following file:
- -

-
diff --git a/backend/modules/project/controllers/ProjectController.php b/backend/modules/project/controllers/ProjectController.php index b19086c..99d1593 100755 --- a/backend/modules/project/controllers/ProjectController.php +++ b/backend/modules/project/controllers/ProjectController.php @@ -33,14 +33,8 @@ class ProjectController extends Controller 'delete' => ['POST'], ], ], - 'access' => [ - 'class' => AccessControl::className(), - 'rules' => [ - [ - 'allow' => true, - 'roles' => ['admin'], - ], - ], + 'as AccessBehavior' => [ + 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(), ], ]; } diff --git a/backend/modules/project/controllers/ProjectUserController.php b/backend/modules/project/controllers/ProjectUserController.php index 7e5457c..0e60acd 100644 --- a/backend/modules/project/controllers/ProjectUserController.php +++ b/backend/modules/project/controllers/ProjectUserController.php @@ -24,6 +24,9 @@ class ProjectUserController extends Controller public function behaviors() { return [ + 'as AccessBehavior' => [ + 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(), + ], 'verbs' => [ 'class' => VerbFilter::className(), 'actions' => [ diff --git a/backend/modules/questionnaire/controllers/AnswerController.php b/backend/modules/questionnaire/controllers/AnswerController.php index da3f20c..4d72b43 100644 --- a/backend/modules/questionnaire/controllers/AnswerController.php +++ b/backend/modules/questionnaire/controllers/AnswerController.php @@ -23,6 +23,9 @@ class AnswerController extends Controller public function behaviors() { return [ + 'as AccessBehavior' => [ + 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(), + ], 'verbs' => [ 'class' => VerbFilter::className(), 'actions' => [ diff --git a/backend/modules/questionnaire/controllers/DefaultController.php b/backend/modules/questionnaire/controllers/DefaultController.php deleted file mode 100644 index 125ef17..0000000 
--- a/backend/modules/questionnaire/controllers/DefaultController.php +++ /dev/null @@ -1,20 +0,0 @@ -render('index'); - } -} diff --git a/backend/modules/questionnaire/controllers/QuestionController.php b/backend/modules/questionnaire/controllers/QuestionController.php index 695d911..5dd7622 100644 --- a/backend/modules/questionnaire/controllers/QuestionController.php +++ b/backend/modules/questionnaire/controllers/QuestionController.php @@ -22,6 +22,9 @@ class QuestionController extends Controller public function behaviors() { return [ + 'as AccessBehavior' => [ + 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(), + ], 'verbs' => [ 'class' => VerbFilter::className(), 'actions' => [ diff --git a/backend/modules/questionnaire/controllers/QuestionTypeController.php b/backend/modules/questionnaire/controllers/QuestionTypeController.php index 6049987..7468124 100644 --- a/backend/modules/questionnaire/controllers/QuestionTypeController.php +++ b/backend/modules/questionnaire/controllers/QuestionTypeController.php @@ -22,6 +22,9 @@ class QuestionTypeController extends Controller public function behaviors() { return [ + 'as AccessBehavior' => [ + 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(), + ], 'verbs' => [ 'class' => VerbFilter::className(), 'actions' => [ diff --git a/backend/modules/questionnaire/controllers/QuestionnaireCategoryController.php b/backend/modules/questionnaire/controllers/QuestionnaireCategoryController.php index ce39afd..dc39eb7 100644 --- a/backend/modules/questionnaire/controllers/QuestionnaireCategoryController.php +++ b/backend/modules/questionnaire/controllers/QuestionnaireCategoryController.php @@ -22,6 +22,9 @@ class QuestionnaireCategoryController extends Controller public function behaviors() { return [ + 'as AccessBehavior' => [ + 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(), + ], 'verbs' => [ 'class' => VerbFilter::className(), 'actions' => [ 
diff --git a/backend/modules/questionnaire/controllers/QuestionnaireController.php b/backend/modules/questionnaire/controllers/QuestionnaireController.php index bcafcc0..840778d 100644 --- a/backend/modules/questionnaire/controllers/QuestionnaireController.php +++ b/backend/modules/questionnaire/controllers/QuestionnaireController.php @@ -23,6 +23,9 @@ class QuestionnaireController extends Controller public function behaviors() { return [ + 'as AccessBehavior' => [ + 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(), + ], 'verbs' => [ 'class' => VerbFilter::className(), 'actions' => [ diff --git a/backend/modules/questionnaire/controllers/UserQuestionnaireController.php b/backend/modules/questionnaire/controllers/UserQuestionnaireController.php index ee451c3..a0ec50a 100644 --- a/backend/modules/questionnaire/controllers/UserQuestionnaireController.php +++ b/backend/modules/questionnaire/controllers/UserQuestionnaireController.php @@ -26,6 +26,9 @@ class UserQuestionnaireController extends Controller public function behaviors() { return [ + 'as AccessBehavior' => [ + 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(), + ], 'verbs' => [ 'class' => VerbFilter::className(), 'actions' => [ diff --git a/backend/modules/questionnaire/controllers/UserResponseController.php b/backend/modules/questionnaire/controllers/UserResponseController.php index 93f3387..ea4cc1b 100644 --- a/backend/modules/questionnaire/controllers/UserResponseController.php +++ b/backend/modules/questionnaire/controllers/UserResponseController.php @@ -23,6 +23,9 @@ class UserResponseController extends Controller public function behaviors() { return [ + 'as AccessBehavior' => [ + 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(), + ], 'verbs' => [ 'class' => VerbFilter::className(), 'actions' => [ 
diff --git a/backend/modules/questionnaire/views/default/index.php b/backend/modules/questionnaire/views/default/index.php deleted file mode 100644 index 106676d..0000000 --- a/backend/modules/questionnaire/views/default/index.php +++ /dev/null @@ -1,12 +0,0 @@ -
-

context->action->uniqueId ?>

-

- This is the view content for action "context->action->id ?>". - The action belongs to the controller "context) ?>" - in the "context->module->id ?>" module. -

-

- You may customize this page by editing the following file:
- -

-
diff --git a/backend/modules/settings/controllers/AdditionalFieldsController.php b/backend/modules/settings/controllers/AdditionalFieldsController.php index 526880e..0ad7fce 100755 --- a/backend/modules/settings/controllers/AdditionalFieldsController.php +++ b/backend/modules/settings/controllers/AdditionalFieldsController.php @@ -30,14 +30,8 @@ class AdditionalFieldsController extends Controller 'delete' => ['POST'], ], ], - 'access' => [ - 'class' => AccessControl::className(), - 'rules' => [ - [ - 'allow' => true, - 'roles' => ['admin'], - ], - ], + 'as AccessBehavior' => [ + 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(), ], ]; } diff --git a/backend/modules/settings/controllers/PositionController.php b/backend/modules/settings/controllers/PositionController.php index c1093f6..2902506 100755 --- a/backend/modules/settings/controllers/PositionController.php +++ b/backend/modules/settings/controllers/PositionController.php @@ -27,14 +27,8 @@ class PositionController extends Controller 'delete' => ['POST'], ], ], - 'access' => [ - 'class' => AccessControl::className(), - 'rules' => [ - [ - 'allow' => true, - 'roles' => ['admin'], - ], - ], + 'as AccessBehavior' => [ + 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(), ], ]; } diff --git a/backend/modules/settings/controllers/SkillController.php b/backend/modules/settings/controllers/SkillController.php index 75ddc2c..e725cf2 100755 --- a/backend/modules/settings/controllers/SkillController.php +++ b/backend/modules/settings/controllers/SkillController.php 
@@ -30,15 +30,18 @@ class SkillController extends Controller 'delete' => ['POST'], ], ], - 'access' => [ - 'class' => AccessControl::className(), - 'rules' => [ - [ - 'allow' => true, - 'roles' => ['admin', 'profileEditor'], - ], - ], + 'as AccessBehavior' => [ + 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(), ], +// 'access' => [ +// 'class' => AccessControl::className(), +// 'rules' => [ +// [ +// 'allow' => true, +// 'roles' => ['admin', 'profileEditor'], +// ], +// ], +// ], ]; } diff --git a/backend/modules/settings/controllers/StatusController.php b/backend/modules/settings/controllers/StatusController.php index f184091..c700afc 100755 --- a/backend/modules/settings/controllers/StatusController.php +++ b/backend/modules/settings/controllers/StatusController.php @@ -29,14 +29,8 @@ class StatusController extends Controller 'delete' => ['POST'], ], ], - 'access' => [ - 'class' => AccessControl::className(), - 'rules' => [ - [ - 'allow' => true, - 'roles' => ['admin'], - ], - ], + 'as AccessBehavior' => [ + 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(), ], ]; } diff --git a/backend/modules/task/controllers/DefaultController.php b/backend/modules/task/controllers/DefaultController.php deleted file mode 100644 index 35ee099..0000000 --- a/backend/modules/task/controllers/DefaultController.php +++ /dev/null @@ -1,20 +0,0 @@ -render('index'); - } -} diff --git a/backend/modules/task/controllers/TaskController.php b/backend/modules/task/controllers/TaskController.php index 112d178..6629f55 100644 --- a/backend/modules/task/controllers/TaskController.php +++ b/backend/modules/task/controllers/TaskController.php @@ -24,6 +24,9 @@ class TaskController extends Controller public function behaviors() { return [ + 'as AccessBehavior' => [ + 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(), + ], 'verbs' => [ 'class' => VerbFilter::className(), 'actions' => [ 
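Review bot: The old `AccessControl` rule in SkillController is kept as nine commented-out lines under the new entry instead of being deleted as in the other controllers. Disabled access-control code next to the live rule invites someone to re-enable it and end up with two competing checks, and version control already holds the old text; I would drop the whole `// 'access' => [ … // ],` block. If `AccessControl` is no longer referenced in this file (the imports are outside the hunk), its `use` line can go as well.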
diff --git a/backend/modules/task/controllers/TaskUserController.php b/backend/modules/task/controllers/TaskUserController.php index 975a9a1..7ee8865 100644 --- a/backend/modules/task/controllers/TaskUserController.php +++ b/backend/modules/task/controllers/TaskUserController.php @@ -24,6 +24,9 @@ class TaskUserController extends Controller public function behaviors() { return [ + 'as AccessBehavior' => [ + 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(), + ], 'verbs' => [ 'class' => VerbFilter::className(), 'actions' => [ diff --git a/backend/modules/task/views/default/index.php b/backend/modules/task/views/default/index.php deleted file mode 100644 index d8e5c97..0000000 --- a/backend/modules/task/views/default/index.php +++ /dev/null @@ -1,12 +0,0 @@ -
-

context->action->uniqueId ?>

-

- This is the view content for action "context->action->id ?>". - The action belongs to the controller "context) ?>" - in the "context->module->id ?>" module. -

-

- You may customize this page by editing the following file:
- -

-
diff --git a/backend/modules/test/controllers/TestTaskController.php b/backend/modules/test/controllers/TestTaskController.php index b822473..12c2096 100644 --- a/backend/modules/test/controllers/TestTaskController.php +++ b/backend/modules/test/controllers/TestTaskController.php @@ -20,6 +20,9 @@ class TestTaskController extends Controller public function behaviors() { return [ + 'as AccessBehavior' => [ + 'class' => \developeruz\db_rbac\behaviors\AccessBehavior::className(), + ], 'verbs' => [ 'class' => VerbFilter::className(), 'actions' => [ diff --git a/backend/views/layouts/left.php b/backend/views/layouts/left.php index 3ea52dc..bf973f5 100755 --- a/backend/views/layouts/left.php +++ b/backend/views/layouts/left.php 
@@ -27,27 +27,27 @@ [ 'label' => 'Настройки', 'icon' => 'gears', 'url' => '#', 'items' => [ - ['label' => 'Статусы', 'icon' => 'anchor', 'url' => ['/settings/status'], 'active' => \Yii::$app->controller->id == 'status'], - ['label' => 'Доп. поля', 'icon' => 'file-text-o', 'url' => ['/settings/additional-fields'], 'active' => \Yii::$app->controller->id == 'additional-fields'], - ['label' => 'Должность', 'icon' => 'spotify', 'url' => ['/settings/position'], 'active' => \Yii::$app->controller->id == 'position'], - ['label' => 'Навыки', 'icon' => 'flask', 'url' => ['/settings/skill'], 'active' => \Yii::$app->controller->id == 'skill'], - ['label' => 'Шаблоны резюме', 'icon' => 'address-card ', 'url' => ['/card/resume-template'], 'active' => \Yii::$app->controller->id == 'resume-template'], - ['label' => 'Шаблоны документов', 'icon' => 'file', 'url' => ['/document/document-template'], 'active' => \Yii::$app->controller->id == 'document-template'], - ['label' => 'Поля документов', 'icon' => 'file-text', 'url' => ['/document/document-field'], 'active' => \Yii::$app->controller->id == 'document-field'], + ['label' => 'Статусы', 'icon' => 'anchor', 'url' => ['/settings/status'], 'active' => \Yii::$app->controller->id == 'status', 'visible' => Yii::$app->user->can('settings')], + ['label' => 'Доп. 
поля', 'icon' => 'file-text-o', 'url' => ['/settings/additional-fields'], 'active' => \Yii::$app->controller->id == 'additional-fields', 'visible' => Yii::$app->user->can('settings')], + ['label' => 'Должность', 'icon' => 'spotify', 'url' => ['/settings/position'], 'active' => \Yii::$app->controller->id == 'position', 'visible' => Yii::$app->user->can('settings')], + ['label' => 'Навыки', 'icon' => 'flask', 'url' => ['/settings/skill'], 'active' => \Yii::$app->controller->id == 'skill', 'visible' => Yii::$app->user->can('settings/skill')], + ['label' => 'Шаблоны резюме', 'icon' => 'address-card ', 'url' => ['/card/resume-template'], 'active' => \Yii::$app->controller->id == 'resume-template', 'visible' => Yii::$app->user->can('card')], + ['label' => 'Шаблоны документов', 'icon' => 'file', 'url' => ['/document/document-template'], 'active' => \Yii::$app->controller->id == 'document-template', 'visible' => Yii::$app->user->can('document')], + ['label' => 'Поля документов', 'icon' => 'file-text', 'url' => ['/document/document-field'], 'active' => \Yii::$app->controller->id == 'document-field', 'visible' => Yii::$app->user->can('document')], [ 'label' => 'Роли', 'icon' => 'users', 'url' => '#', 'items' => [ ['label' => 'Управление ролями', 'icon' => ' fa-sort-amount-asc', 'url' => ['/permit/access/role'], 'active' => \Yii::$app->controller->id == 'access'], ['label' => 'Правила доступа', 'icon' => 'list-alt', 'url' => ['/permit/access/permission'], 'active' => \Yii::$app->controller->id == 'access'], - ] + ], + 'visible' => Yii::$app->user->can('confidential_information') ] ], - 'visible' => Yii::$app->user->can('confidential_information') ], [ 'label' => 'Профили', 'icon' => 'address-book-o', 'url' => '#', 'items' => $menuItems, - 'visible' => Yii::$app->user->can('confidential_information') + 'visible' => Yii::$app->user->can('card') ], [ 'label' => 'Сотрудники', 'icon' => 'users', 'url' => '#', 
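Review bot: The `'visible' => Yii::$app->user->can('confidential_information')` guard now sits only on the 'Роли' submenu, and `visible` hides the links without restricting the routes behind them. `/permit/access/role` and `/permit/access/permission` edit the RBAC data that every other check in this patch relies on, and nothing in the visible part of the patch attaches an access check to that module, so confirm those routes are enforced server-side rather than only hidden in the menu. A comment above the menu array, for example `// 'visible' is cosmetic; access is enforced by the AccessBehavior on each controller`, would keep the two from being confused later. The menu array starts above the hunk and continues past it.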
@@ -55,13 +55,13 @@ ['label' => 'Менеджеры', 'icon' => 'user-circle-o', 'url' => ['/employee/manager'], 'active' => \Yii::$app->controller->id == 'manager'], ['label' => 'Работники', 'icon' => 'user', 'url' => ['/employee/manager-employee'], 'active' => \Yii::$app->controller->id == 'manager-employee'], ], - 'visible' => Yii::$app->user->can('confidential_information') + 'visible' => Yii::$app->user->can('employee') ], - ['label' => 'Документы', 'icon' => 'archive', 'url' => ['/document/document'], 'active' => \Yii::$app->controller->id == 'document', 'visible' => Yii::$app->user->can('confidential_information')], + ['label' => 'Документы', 'icon' => 'archive', 'url' => ['/document/document'], 'active' => \Yii::$app->controller->id == 'document', 'visible' => Yii::$app->user->can('document')], [ 'label' => 'Проекты', 'icon' => 'cubes', 'url' => ['#'], 'items' => $projectItems, - 'visible' => Yii::$app->user->can('confidential_information') + 'visible' => Yii::$app->user->can('project') ], [ 'label' => 'Задачи', 'icon' => 'tasks', 'url' => '#', @@ -69,7 +69,7 @@ ['label' => 'Задачи', 'icon' => 'minus', 'url' => ['/task/task'], 'active' => \Yii::$app->controller->id == 'task'], ['label' => 'Исполнители задачи', 'icon' => 'users', 'url' => ['/task/task-user'], 'active' => \Yii::$app->controller->id == 'task-user'], ], - 'visible' => Yii::$app->user->can('confidential_information') + 'visible' => Yii::$app->user->can('task') ], [ 'label' => 'Компании', 'icon' => 'building', 'url' => '#', @@ -77,7 +77,7 @@ ['label' => 'Компании', 'icon' => 'building-o', 'url' => ['/company/company'], 'active' => \Yii::$app->controller->id == 'company'], ['label' => 'Менеджеры компаний', 'icon' => 'user-circle-o', 'url' => ['/company/company-manager'], 'active' => \Yii::$app->controller->id == 'company-manager'], ], - 'visible' => Yii::$app->user->can('confidential_information') + 'visible' => Yii::$app->user->can('company') ], [ 'label' => 'Hh.ru', 'icon' => 'user-circle', 'url' => '#', 
@@ -85,22 +85,22 @@ ['label' => 'Компании', 'icon' => 'building', 'url' => ['/hh/hh'], 'active' => \Yii::$app->controller->id == 'hh'], ['label' => 'Вакансии', 'icon' => 'user-md', 'url' => ['/hh/hh-job'], 'active' => \Yii::$app->controller->id == 'hh-job'], ], - 'visible' => Yii::$app->user->can('confidential_information') + 'visible' => Yii::$app->user->can('hh') ], - ['label' => 'Баланс', 'icon' => 'dollar', 'url' => ['/balance/balance'], 'active' => \Yii::$app->controller->id == 'balance', 'visible' => Yii::$app->user->can('confidential_information')], - ['label' => 'Отпуска', 'icon' => 'plane', 'url' => ['/holiday/holiday'], 'active' => \Yii::$app->controller->id == 'holiday', 'visible' => Yii::$app->user->can('confidential_information')], - ['label' => 'Достижения', 'icon' => 'trophy', 'url' => ['/achievements/achievements'], 'active' => \Yii::$app->controller->id == 'achievements', 'visible' => Yii::$app->user->can('confidential_information')], - ['label' => 'Доступы', 'icon' => 'key', 'url' => ['/accesses/accesses'], 'active' => \Yii::$app->controller->id == 'accesses', 'visible' => Yii::$app->user->can('confidential_information')], - ['label' => 'Заметки', 'icon' => 'sticky-note', 'url' => ['/notes/notes'], 'active' => \Yii::$app->controller->id == 'notes', 'visible' => Yii::$app->user->can('confidential_information')], - ['label' => 'Календарь ДР', 'icon' => 'calendar-check-o', 'url' => ['/calendar/calendar'], 'active' => \Yii::$app->controller->id == 'calendar', 'visible' => Yii::$app->user->can('confidential_information')], - ['label' => 'Отчеты', 'icon' => 'calendar', 'url' => ['/reports/reports'], 'active' => \Yii::$app->controller->id == 'reports', ], // 'visible' => Yii::$app->user->can('confidential_information') - ['label' => 'Опции', 'icon' => 'list-alt', 'url' => ['/options/options'], 'active' => \Yii::$app->controller->id == 'options', 'visible' => Yii::$app->user->can('confidential_information')], + ['label' => 'Баланс', 'icon' => 'dollar', 
'url' => ['/balance/balance'], 'active' => \Yii::$app->controller->id == 'balance', 'visible' => Yii::$app->user->can('balance')], + ['label' => 'Отпуска', 'icon' => 'plane', 'url' => ['/holiday/holiday'], 'active' => \Yii::$app->controller->id == 'holiday', 'visible' => Yii::$app->user->can('holiday')], + ['label' => 'Достижения', 'icon' => 'trophy', 'url' => ['/achievements/achievements'], 'active' => \Yii::$app->controller->id == 'achievements', 'visible' => Yii::$app->user->can('achievements')], + ['label' => 'Доступы', 'icon' => 'key', 'url' => ['/accesses/accesses'], 'active' => \Yii::$app->controller->id == 'accesses', 'visible' => Yii::$app->user->can('accesses')], + ['label' => 'Заметки', 'icon' => 'sticky-note', 'url' => ['/notes/notes'], 'active' => \Yii::$app->controller->id == 'notes', 'visible' => Yii::$app->user->can('notes')], + ['label' => 'Календарь ДР', 'icon' => 'calendar-check-o', 'url' => ['/calendar/calendar'], 'active' => \Yii::$app->controller->id == 'calendar', 'visible' => Yii::$app->user->can('calendar')], + ['label' => 'Отчеты', 'icon' => 'calendar', 'url' => ['/reports/reports'], 'active' => \Yii::$app->controller->id == 'reports', 'visible' => Yii::$app->user->can('reports')], + ['label' => 'Опции', 'icon' => 'list-alt', 'url' => ['/options/options'], 'active' => \Yii::$app->controller->id == 'options', 'visible' => Yii::$app->user->can('options')], [ 'label' => 'Запрос интервью (' . \common\models\InterviewRequest::getNewCount() . ')', 'icon' => 'list-alt', 'url' => ['/interview/interview'], 'active' => \Yii::$app->controller->id == 'interview', - 'visible' => Yii::$app->user->can('confidential_information'), + 'visible' => Yii::$app->user->can('interview'), 'badge' => '4' ], [ 
@@ -114,9 +114,9 @@ ['label' => 'Анкеты пользователей', 'icon' => 'drivers-license', 'url' => ['/questionnaire/user-questionnaire'], 'active' => \Yii::$app->controller->id == 'user-questionnaire'], ['label' => 'Ответы пользователей', 'icon' => 'comments', 'url' => ['/questionnaire/user-response'], 'active' => \Yii::$app->controller->id == 'user-response'], ], - 'visible' => Yii::$app->user->can('confidential_information') + 'visible' => Yii::$app->user->can('questionnaire') ], - ['label' => 'Тестовые задания', 'icon' => 'file-text-o', 'url' => ['/test/test-task'], 'active' => \Yii::$app->controller->id == 'options', 'visible' => Yii::$app->user->can('confidential_information')], + ['label' => 'Тестовые задания', 'icon' => 'file-text-o', 'url' => ['/test/test-task'], 'active' => \Yii::$app->controller->id == 'options', 'visible' => Yii::$app->user->can('test')], /*['label' => 'Gii', 'icon' => 'file-code-o', 'url' => ['/gii']], diff --git a/console/controllers/RbacController.php b/console/controllers/RbacController.php index dd01012..33d84e1 100755 --- a/console/controllers/RbacController.php +++ b/console/controllers/RbacController.php 
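Review bot: The 'Тестовые задания' entry is marked active when the controller id is `options`, so it is highlighted on the options page and never on `/test/test-task`. The line is rewritten by this hunk to change its permission, so the comparison can be corrected in the same edit: `'active' => \Yii::$app->controller->id == 'test-task'`. The enclosing menu array starts and ends outside the hunk.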
@@ -85,4 +85,113 @@ class RbacController extends Controller
 return $user;
 }
+
+ public function actionCreateDefaultAccessRules()
+ {
+ $auth = Yii::$app->authManager;
+ $admin = $auth->getRole('admin');
+ $profileEditor = $auth->getRole('profileEditor');
+
+ $test = $auth->createPermission('test');
+ $test->description = 'Модуль "Тестовые задания"';
+ $auth->add($test);
+ $auth->addChild($admin, $test);
+
+ $questionnaire = $auth->createPermission('questionnaire');
+ $questionnaire->description = 'Модуль "Анкеты": Создание, редактирование анкет, категорий анкет, вопросов, проверка ответов пользователей';
+ $auth->add($questionnaire);
+ $auth->addChild($admin, $questionnaire);
+
+ $interview = $auth->createPermission('interview');
+ $interview->description = 'Модуль "Запрос интервью"';
+ $auth->add($interview);
+ $auth->addChild($admin, $interview);
+
+ $options = $auth->createPermission('options');
+ $options->description = 'Модуль "Опции"';
+ $auth->add($options);
+ $auth->addChild($admin, $options);
+
+ $reports = $auth->createPermission('reports');
+ $reports->description = 'Модуль "Отчёты"';
+ $auth->add($reports);
+ $auth->addChild($admin, $reports);
+
+ $calendar = $auth->createPermission('calendar');
+ $calendar->description = 'Модуль "Календарь ДР"';
+ $auth->add($calendar);
+ $auth->addChild($admin, $calendar);
+
+ $notes = $auth->createPermission('notes');
+ $notes->description = 'Модуль "Заметки"';
+ $auth->add($notes);
+ $auth->addChild($admin, $notes);
+
+ $accesses = $auth->createPermission('accesses');
+ $accesses->description = 'Модуль "Доступы"';
+ $auth->add($accesses);
+ $auth->addChild($admin, $accesses);
+
+ $achievements = $auth->createPermission('achievements');
+ $achievements->description = 'Модуль "Достижения"';
+ $auth->add($achievements);
+ $auth->addChild($admin, $achievements);
+
+ $holiday = $auth->createPermission('holiday');
+ $holiday->description = 'Модуль "Отпуска"';
+ $auth->add($holiday);
+ $auth->addChild($admin, $holiday);
+
+ $balance = $auth->createPermission('balance');
+ $balance->description = 'Модуль "Баланс"';
+ $auth->add($balance);
+ $auth->addChild($admin, $balance);
+
+ $hh = $auth->createPermission('hh');
+ $hh->description = 'Модуль "Hh.ru"';
+ $auth->add($hh);
+ $auth->addChild($admin, $hh);
+
+ $company = $auth->createPermission('company');
+ $company->description = 'Модуль "Компании"';
+ $auth->add($company);
+ $auth->addChild($admin, $company);
+
+ $task = $auth->createPermission('task');
+ $task->description = 'Модуль "Задачи"';
+ $auth->add($task);
+ $auth->addChild($admin, $task);
+
+ $project = $auth->createPermission('project');
+ $project->description = 'Модуль "Проекты"';
+ $auth->add($project);
+ $auth->addChild($admin, $project);
+
+ $documents = $auth->createPermission('document');
+ $documents->description = 'Модуль "Документы": Создание, редактирование документов, их полей и шаблонов';
+ $auth->add($documents);
+ $auth->addChild($admin, $documents);
+
+ $employee = $auth->createPermission('employee');
+ $employee->description = 'Модуль "Сотрудники"';
+ $auth->add($employee);
+ $auth->addChild($admin, $employee);
+
+ $card = $auth->createPermission('card');
+ $card->description = 'Модуль "Профили"';
+ $auth->add($card);
+ $auth->addChild($admin, $card);
+ $auth->addChild($profileEditor, $card);
+
+ $settings = $auth->createPermission('settings');
+ $settings->description = 'Модуль "Настройки"';
+ $auth->add($settings);
+ $auth->addChild($admin, $settings);
+
+ $skills = $auth->createPermission('settings/skill');
+ $skills->description = 'Навыки';
+ $auth->add($skills);
+ $auth->addChild($admin, $skills);
+ $auth->addChild($profileEditor, $skills);
+ }
 }
\ No newline at end of file
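Review bot: `actionCreateDefaultAccessRules` cannot be rerun and has no guard for missing roles: every stanza calls `$auth->add()` and `$auth->addChild()` unconditionally, so a second run, or a run after a partial failure, is likely to stop at the first permission that already exists, and `getRole('admin')` / `getRole('profileEditor')` return null when the roles have not been created yet. The controllers changed in this commit depend on these rows, so the seeding should be repeatable and should fail with a clear message when a role is absent. Driving the twenty stanzas from one table of name, description and roles, with `getPermission()` and `hasChild()` checks, also keeps the grants reviewable in one place; the fence shows the shape with the first and last entries. The method has no docblock either; one line stating that it seeds the per-module permissions and which roles receive them would do.

```php
public function actionCreateDefaultAccessRules()
{
    $auth = Yii::$app->authManager;

    // permission name => [description, roles that receive it]
    $permissions = [
        'test' => ['Модуль "Тестовые задания"', ['admin']],
        // … unchanged: names and descriptions of the remaining module permissions, each granted to admin …
        'card' => ['Модуль "Профили"', ['admin', 'profileEditor']],
        'settings' => ['Модуль "Настройки"', ['admin']],
        'settings/skill' => ['Навыки', ['admin', 'profileEditor']],
    ];

    foreach ($permissions as $name => $spec) {
        list($description, $roleNames) = $spec;

        // Reuse an existing permission so the action can be run again safely.
        $permission = $auth->getPermission($name);
        if ($permission === null) {
            $permission = $auth->createPermission($name);
            $permission->description = $description;
            $auth->add($permission);
        }

        foreach ($roleNames as $roleName) {
            $role = $auth->getRole($roleName);
            if ($role === null) {
                throw new \yii\console\Exception("Role \"{$roleName}\" does not exist; create the roles first.");
            }
            if (!$auth->hasChild($role, $permission)) {
                $auth->addChild($role, $permission);
            }
        }
    }
}
```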