From 89e635798cf73a88bdaa88648131ef2b9a64897f Mon Sep 17 00:00:00 2001
From: iIronside
Date: Thu, 26 Jan 2023 15:28:15 +0300
Subject: [PATCH] for managers show only employees, show all profiles for users with permission show_all_profiles
---
README.md | 2 +-
backend/config/main.php | 2 +-
.../modules/card/models/UserCardSearch.php | 25 ++--
console/controllers/RbacController.php | 118 ++----------------
4 files changed, 27 insertions(+), 120 deletions(-)
diff --git a/README.md b/README.md
index f86d3cb..394e692 100755
--- a/README.md
+++ b/README.md
@@ -45,5 +45,5 @@ environments/ contains environment-based overrides
php yii rbac/init
php yii rbac/create-editor
php yii rbac/create-company-manager-role
- `php yii rbac/create-default-access-rules`
+ php yii rbac/create-default-access-rules

\ No newline at end of file
diff --git a/backend/config/main.php b/backend/config/main.php
index 90fd8e3..bdd19d8 100755
--- a/backend/config/main.php
+++ b/backend/config/main.php
@@ -84,7 +84,7 @@ return [
'components' => [
'request' => [
'csrfParam' => '_csrf-backend',
- 'baseUrl' => '', // /secure TODO secure
+ 'baseUrl' => '/secure',
'parsers' => [
'application/json' => 'yii\web\JsonParser',
'text/xml' => 'yii/web/XmlParser',
diff --git a/backend/modules/card/models/UserCardSearch.php b/backend/modules/card/models/UserCardSearch.php
index e35f42c..1c9ba20 100755
--- a/backend/modules/card/models/UserCardSearch.php
+++ b/backend/modules/card/models/UserCardSearch.php
@@ -2,7 +2,7 @@
namespace backend\modules\card\models;
-use common\classes\Debug;
+use backend\modules\employee\models\ManagerEmployee;
use Yii;
use yii\base\Model;
use yii\data\ActiveDataProvider;
@@ -42,13 +42,24 @@ class UserCardSearch extends UserCard
*
* @return ActiveDataProvider
*/
- public function search($params)
+ public function search($params): ActiveDataProvider
{
-// $userId = Yii::$app->user->;
-// $userCard = UserCard::findOne($userId);
+ if (Yii::$app->user->can('show_all_profiles')) {
+ $query = UserCard::find();
+ } else {
+ $userCard = UserCard::find()
+ ->where(['id_user' => Yii::$app->user->id])
+ ->one();
- $query = UserCard::find();
- $query->where(['id'])->distinct()
+ $employeeIdList = ManagerEmployee::find()
+ ->where(['manager_id' => $userCard->manager->id])
+ ->select('user_card_id')
+ ->column();
+
+ $query = UserCard::find()->where(['in', 'user_card.id', $employeeIdList]);
+ }
+
+ $query->distinct()
->leftJoin('card_skill', 'card_skill.card_id=user_card.id')
->leftJoin('skill', 'skill.id=card_skill.skill_id');
@@ -64,7 +75,7 @@ class UserCardSearch extends UserCard
return $dataProvider;
}
- $query->where(['deleted_at' => null]);
+ $query->andWhere(['deleted_at' => null]);
if (isset($params['month'])) {
$query->andFilterWhere(['=', 'MONTH(dob)', $params['month']]);
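Review bot: In the `@@ -42,13 +42,24 @@` hunk of UserCardSearch.php the non-privileged branch dereferences `$userCard->manager->id` without checking either link, so a signed-in user with no `UserCard` row (`one()` returns null) or a card without a manager record gets a fatal error instead of an empty list. Make that branch fail closed, e.g. `$manager = $userCard ? $userCard->manager : null;` followed by `$employeeIdList = $manager ? ManagerEmployee::find()->where(['manager_id' => $manager->id])->select('user_card_id')->column() : [];`; Yii builds an `in` condition over an empty list as a false condition, so no rows are returned. The `andWhere()` change in the `@@ -64,7 +75,7 @@` hunk keeps this restriction, but `search()` continues outside both hunks, so any remaining `->where()` further down would silently replace it and should be checked. The scoping shown here covers only the list query; whether the view/update actions that load a card by id apply the same manager check is not visible in this patch.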
diff --git a/console/controllers/RbacController.php b/console/controllers/RbacController.php
index 65f2e34..50f9914 100755
--- a/console/controllers/RbacController.php
+++ b/console/controllers/RbacController.php
@@ -86,115 +86,6 @@ class RbacController extends Controller return $user; } -// public function actionCreateDefaultAccessRules() -// { -// $auth = Yii::$app->authManager; -// $admin = $auth->getRole('admin'); -// $profileEditor = $auth->getRole('profileEditor'); -// -// $test = $auth->createPermission('test'); -// $test->description = 'Модуль "Тестовые задания"'; -// $auth->add($test); -// $auth->addChild($admin, $test); -// -// $questionnaire = $auth->createPermission('questionnaire'); -// $questionnaire->description = 'Модуль "Анкеты": Создание, редактирование анкет, категорий анкет, вопросов, проверка ответов пользователей'; -// $auth->add($questionnaire); -// $auth->addChild($admin, $questionnaire); -// -// $interview = $auth->createPermission('interview'); -// $interview->description = 'Модуль "Запрос интервью"'; -// $auth->add($interview); -// $auth->addChild($admin, $interview); -// -// $options = $auth->createPermission('options'); -// $options->description = 'Модуль "Опции"'; -// $auth->add($options); -// $auth->addChild($admin, $options); -// -// $reports = $auth->createPermission('reports'); -// $reports->description = 'Модуль "Отчёты"'; -// $auth->add($reports); -// $auth->addChild($admin, $reports); -// -// $calendar = $auth->createPermission('calendar'); -// $calendar->description = 'Модуль "Календарь ДР"'; -// $auth->add($calendar); -// $auth->addChild($admin, $calendar); -// -// $notes = $auth->createPermission('notes'); -// $notes->description = 'Модуль "Заметки"'; -// $auth->add($notes); -// $auth->addChild($admin, $notes); -// -// $accesses = $auth->createPermission('accesses'); -// $accesses->description = 'Модуль "Доступы"'; -// $auth->add($accesses); -// $auth->addChild($admin, $accesses); -// -// $achievements = $auth->createPermission('achievements'); -// $achievements->description = 'Модуль "Достижения"'; -// $auth->add($achievements); -// $auth->addChild($admin, $achievements); -// -// $holiday = $auth->createPermission('holiday'); -// 
$holiday->description = 'Модуль "Отпуска"'; -// $auth->add($holiday); -// $auth->addChild($admin, $holiday); -// -// $balance = $auth->createPermission('balance'); -// $balance->description = 'Модуль "Баланс"'; -// $auth->add($balance); -// $auth->addChild($admin, $balance); -// -// $hh = $auth->createPermission('hh'); -// $hh->description = 'Модуль "Hh.ru"'; -// $auth->add($hh); -// $auth->addChild($admin, $hh); -// -// $company = $auth->createPermission('company'); -// $company->description = 'Модуль "Компании"'; -// $auth->add($company); -// $auth->addChild($admin, $company); -// -// $task = $auth->createPermission('task'); -// $task->description = 'Модуль "Задачи"'; -// $auth->add($task); -// $auth->addChild($admin, $task); -// -// $project = $auth->createPermission('project'); -// $project->description = 'Модуль "Проекты"'; -// $auth->add($project); -// $auth->addChild($admin, $project); -// -// $documents = $auth->createPermission('document'); -// $documents->description = 'Модуль "Документы": Создание, редактирование документов, их полей и шаблонов'; -// $auth->add($documents); -// $auth->addChild($admin, $documents); -// -// $employee = $auth->createPermission('employee'); -// $employee->description = 'Модуль "Сотрудники"'; -// $auth->add($employee); -// $auth->addChild($admin, $employee); -// -// $card = $auth->createPermission('card'); -// $card->description = 'Модуль "Профили"'; -// $auth->add($card); -// $auth->addChild($admin, $card); -// $auth->addChild($profileEditor, $card); -// -// $settings = $auth->createPermission('settings'); -// $settings->description = 'Модуль "Настройки"'; -// $auth->add($settings); -// $auth->addChild($admin, $settings); -// -// $skills = $auth->createPermission('settings/skill'); -// $skills->description = 'Навыки'; -// $auth->add($skills); -// $auth->addChild($admin, $skills); -// $auth->addChild($profileEditor, $skills); -// } - public function actionCreateDefaultAccessRules() { $auth = Yii::$app->authManager; 
@@ -369,7 +260,12 @@ class RbacController extends Controller
$auth->addChild($admin, $mark);
}
-// var_dump($auth->getPermission('settings/mark'));
-
+ if(!$auth->getPermission('show_all_profiles')) {
+ echo "create permission: show_all_profiles\n";
+ $showAllProfiles = $auth->createPermission('show_all_profiles');
+ $showAllProfiles->description = 'Показ всех сотрудников в модуле Профили';
+ $auth->add($showAllProfiles);
+ $auth->addChild($admin, $showAllProfiles);
+ }
}
}
\ No newline at end of file
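Review bot: The new permission is attached to `admin` only, so every other role that reaches the Profiles module now falls into the manager-scoped branch of `UserCardSearch::search()`; the commented-out rules removed earlier in this file granted `card` to `profileEditor`, which suggests such users exist, so confirm they are meant to lose the full list (deny-by-default is the safer choice, but it should be deliberate). Existing installations also need `php yii rbac/create-default-access-rules` re-run before the new code goes live, otherwise admins are restricted as well. The literal `'show_all_profiles'` now appears both here and in the `can()` call; a shared constant would keep a typo from silently denying access, and `if(!$auth` would read better as `if (!$auth`. The enclosing action starts outside this hunk.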