From 7bdb458b786192de381c6c964a037914ec91feb3 Mon Sep 17 00:00:00 2001 From: dongpd Date: Mon, 25 May 2020 11:42:14 +0700 Subject: [PATCH] update config permission --- controllers/ConfigController.php | 10 ++- controllers/UserController.php | 95 +++++++++++++---------- db/app.db | Bin 106496 -> 106496 bytes views/config/cau-hinh-nhan-dien.tpl | 29 +++---- views/config/index.tpl | 3 +- views/user/index.tpl | 36 ++++----- views/user/password.tpl | 62 +++++++++------ views/user/profiles.tpl | 114 ++++++++++++++++------------ 8 files changed, 196 insertions(+), 153 deletions(-) diff --git a/controllers/ConfigController.php b/controllers/ConfigController.php index 260ce31a..a5f910c5 100644 --- a/controllers/ConfigController.php +++ b/controllers/ConfigController.php @@ -152,9 +152,15 @@ class ConfigController extends Controller { 'method' => "POST" ] ]; - $apiConfig = json_decode(file_get_contents("http://localhost:4004/ReadAPIConfig", false, stream_context_create($options)), true); + $ip = "192.168.0.42"; + $tempConfig = json_decode(file_get_contents("http://localhost:4004/ReadAPIConfig", false, stream_context_create($options)), true); + if ($tempConfig['status']) { + $t = json_decode($tempConfig['data'], true); + $temp = explode(":", $t['servermqtt']); + $ip = $temp[0]; + } return $this->render('index', [ - "apiConfig" => $apiConfig + "ip" => $ip ]); } diff --git a/controllers/UserController.php b/controllers/UserController.php index 1c3a22c2..266fb230 100644 --- a/controllers/UserController.php +++ b/controllers/UserController.php @@ -22,6 +22,9 @@ class UserController extends Controller { if (Yii::$app->user->isGuest) { return $this->redirect(['/site/login']); } + if (!Yii::$app->user->can("administrator")) { + return $this->redirect(["/dashboard"]); + } } /** 
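Review bot: The added block in ConfigController reads `$tempConfig['status']`, `$tempConfig['data']` and `$t['servermqtt']` without checking that the local ReadAPIConfig call returned the expected structure. If `file_get_contents` fails, `json_decode` yields null and the code silently falls back to the default. If `data` is malformed, `$ip` ends up as an empty string that is passed to the view. A guard such as `if (is_array($tempConfig) && !empty($tempConfig['status']))` plus an `isset($t['servermqtt'])` check before `explode` would make the failure paths explicit. The fallback `$ip = "192.168.0.42";` also hard-codes one deployment's internal address in the controller and would be better read from application configuration; the enclosing action starts outside the hunk.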
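Review bot: Whether the new `return $this->redirect(["/dashboard"]);` guard in UserController actually stops a non-administrator depends on the enclosing method, which starts outside the hunk. Yii ignores the return value of `init()`, and `beforeAction()` treats any truthy return, including the Response object from `redirect()`, as permission to run the action. If this is one of those two methods, throw instead, as the commit already does in actionDelete: `throw new \yii\web\ForbiddenHttpException(Yii::t("app", "Bạn không có quyền truy cập!"));`, or move the rule into a `yii\filters\AccessControl` behavior. Note that an enforced controller-wide check would also make actionProfiles, actionInfo and actionPassword administrator-only, which does not match the guest checks those actions carry themselves.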
@@ -43,11 +46,16 @@ class UserController extends Controller { * @return mixed */ public function actionIndex() { + $this->view->title = "Người dùng"; + $this->view->params['breadcrumbs'][] = "Hệ thống"; + $this->view->params['breadcrumbs'][] = $this->view->title; + $searchModel = new UserSearch(); $dataProvider = $searchModel->search(Yii::$app->request->queryParams); - return $this->renderAjax("index", [ + + return $this->render('index', [ 'searchModel' => $searchModel, - 'dataProvider' => $dataProvider + 'dataProvider' => $dataProvider, ]); } @@ -84,6 +92,14 @@ class UserController extends Controller { * @return mixed */ public function actionCreate() { + if (!Yii::$app->user->can("administrator")) { + Yii::$app->response->format = "json"; + return [ + "title" => "403", + "form" => Yii::t("app", "Bạn không có quyền truy cập!") + ]; + } + $model = new User(); if (Yii::$app->request->post()) { $post = Yii::$app->request->post(); @@ -111,8 +127,7 @@ class UserController extends Controller { } } return [ - 'stt' => true, - 'url' => Url::to(['/user']) + 'stt' => true ]; } else { Yii::$app->response->format = "json"; @@ -135,6 +150,14 @@ class UserController extends Controller { * @throws NotFoundHttpException if the model cannot be found */ public function actionUpdate($id) { + if (!Yii::$app->user->can("administrator")) { + Yii::$app->response->format = "json"; + return [ + "title" => "403", + "form" => Yii::t("app", "Bạn không có quyền truy cập!") + ]; + } + $model = $this->findModel($id); if (Yii::$app->request->post()) { $post = Yii::$app->request->post(); @@ -150,6 +173,7 @@ class UserController extends Controller { $model->username = $post['Username']; $model->phone_number = $post['PhoneNumber']; $model->email = $post['Email']; + $model->quota = $post['Quota']; $model->save(); AuthAssignment::deleteAll(['user_id' => $id]); $auth = Yii::$app->authManager; 
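Review bot: The deny path added to actionCreate returns a JSON body with `"title" => "403"` while the HTTP status stays 200, so clients, access logs and monitoring all record the refused request as a success. The same block is repeated in the actionUpdate hunk (`@@ -135,6 +150,14 @@`). For a real 403 that is consistent with actionDelete in this commit, replace both with `throw new \yii\web\ForbiddenHttpException(Yii::t("app", "Bạn không có quyền truy cập!"));`. If the modal needs the JSON shape, at least add `Yii::$app->response->statusCode = 403;` before the return.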
@@ -159,11 +183,7 @@ class UserController extends Controller { $auth->assign($role, $id); } } - Yii::$app->response->format = "json"; - return [ - 'stt' => true, - 'url' => Url::to(['/user']) - ]; + return true; } else { Yii::$app->response->format = "json"; return [ @@ -185,12 +205,13 @@ class UserController extends Controller { * @throws NotFoundHttpException if the model cannot be found */ public function actionDelete($id) { - if (Yii::$app->request->isAjax) { - $this->findModel($id)->delete(); - AuthAssignment::deleteAll(['user_id' => $id]); - Yii::$app->response->format = "json"; - return ["url" => Url::to(['/user'])]; + if (!Yii::$app->user->can("administrator")) { + throw new \yii\web\ForbiddenHttpException(Yii::t("app", "Bạn không có quyền truy cập!")); } + + $this->findModel($id)->delete(); + AuthAssignment::deleteAll(['user_id' => $id]); + return $this->redirect(['index']); } /** @@ -209,27 +230,27 @@ class UserController extends Controller { } public function actionProfiles() { + if (Yii::$app->user->isGuest) { + return $this->redirect(['/site/login']); + } + $model = $this->findModel(Yii::$app->user->id); + $this->view->title = Yii::t("app", "Thông tin cá nhân"); + $this->view->params['breadcrumbs'][] = $this->view->title; + + return $this->render('profiles', [ + "model" => $model + ]); + } + + public function actionInfo($id) { if (Yii::$app->request->post()) { + $model = $this->findModel($id); $post = Yii::$app->request->post(); $model->first_name = $post['Name']; $model->phone_number = $post['PhoneNumber']; $model->email = $post['Email']; return $model->save(); - } else { - Yii::$app->response->format = "json"; - if (Yii::$app->user->isGuest) { - return [ - "title" => "Lỗi", - "form" => "Bạn chưa đăng nhập hệ thống" - ]; - } - return [ - "title" => "Thông tin cá nhân", - "form" => $this->renderPartial('profiles', [ - "model" => $model - ]) - ]; } } 
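Review bot: The new `return true;` in actionUpdate reports success unconditionally. The `$model->save();` visible as context in the preceding hunk does not have its result checked, and the role assignments are rewritten either way, so a failed validation looks the same to the caller as a successful update. The JSON response format is also no longer set on this path, while the else branch and the 403 branch still answer in JSON. Consider `if (!$model->save()) { return ['stt' => false, 'errors' => $model->getErrors()]; }` ahead of the role changes, and keep one response format for the whole action. The rest of the method lies outside the hunk.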
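Review bot: actionDelete now deletes on any request, because the hunk removes the previous `isAjax` guard and adds no restriction on the HTTP method. Unless `behaviors()` (outside the hunk) limits this action to POST through `yii\filters\VerbFilter`, a plain GET link opened by a logged-in administrator would delete the account, and Yii's CSRF validation does not cover GET requests. Confirm that the verb filter has `'delete' => ['POST']`, or check `Yii::$app->request->isPost` at the top of the action. A check that `$id` is not the caller's own `Yii::$app->user->id` would also stop an administrator from removing their own account by accident.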
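Review bot: The new actionInfo($id) picks the account to modify from the request-supplied `$id`, and nothing in this hunk compares it with `Yii::$app->user->id` or checks a role. The previous code, and the new actionProfiles, load the model from the session identity. Any caller who can reach the action can therefore overwrite another user's name, phone number and email, and a changed email is commonly enough to take over an account through password recovery, if the application offers it. Since this is the self-service profile form, load the model with `$model = $this->findModel(Yii::$app->user->id);` and drop the `$id` parameter, or throw ForbiddenHttpException when the two differ and the caller is not an administrator. The action also returns nothing for non-POST requests, and it reads `$post['Name']`, `$post['PhoneNumber']` and `$post['Email']` without checking that they are present.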
@@ -241,19 +262,15 @@ class UserController extends Controller { $model->save(); return true; } else { - Yii::$app->response->format = "json"; if (Yii::$app->user->isGuest) { - return [ - "title" => "Lỗi", - "form" => "Bạn chưa đăng nhập hệ thống" - ]; + return $this->redirect(['/site/login']); } - return [ - "title" => "Đổi mật khẩu", - "form" => $this->renderPartial('password', [ - "model" => $model - ]) - ]; + $this->view->title = Yii::t("app", "Đổi mật khẩu"); + $this->view->params['breadcrumbs'][] = $this->view->title; + + return $this->render('password', [ + "model" => $model + ]); } } diff --git a/db/app.db b/db/app.db index c1dbe0d2125ebccbf3f5f35444d030286afbd8b7..100c77b5bff9cef6e4638fdab758278f103d98f7 100644 GIT binary patch delta 166 zcmZoTz}9epZGtqT(?l6(Rwo8MnGG9L7VvX1@n?OsSSk(Dh5>s+B^D>J|iV{omi_GFqduUF6VJ`zzf0Kd#E&omaqniZ-w)0Ou>aWIR P#?<`QfBRd1M&SSe`-L=$ delta 194 zcmZoTz}9epZGtqT!$cWpRtE+>1FMZG3;4Mh`Ij>AFXe0EH`}bJP{KF4N$!O;1H*I% zQwBwGLth4l(twPIyB6ju9GUQN_sV1-b$Cl&x`DB|xuLP4v9U>FN^WKzh+tq~NCN8F zyi{IZfRT0bQGI)$(JvVIU+`bx-?3THVHN-69rlvqEG+8$EMQHU#U(|FCHX~0ab@?b pC%>?l0jht?!2g#2CjZgRf&tt4Cm;1!V=`iCe(S&etv{o1005
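Review bot: The guest check in the password action sits only in the else branch, so it runs for the form display but not on the POST path that calls `$model->save()`. Whatever protects that path is outside the hunk. Moving `if (Yii::$app->user->isGuest) { return $this->redirect(['/site/login']); }` to the first line of the action, as actionProfiles does in this commit, makes the guard cover both branches. The POST branch still returns `true` without checking the result of `save()`.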
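Review bot: This commit changes `db/app.db`, a binary database file tracked in the repository. Its contents are not visible here, but the controllers in this patch manage users and role assignments, so the file presumably holds account records and password hashes that everyone with repository access can read from history. Keep the runtime database out of version control by adding `db/app.db` to `.gitignore`, and ship schema and seed data as migrations. If real credentials were ever committed, treat them as exposed and rotate them.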
+ {$username=Yii::$app->user->identity->username}
    -
  • +
    • @@ -360,7 +361,7 @@
  • -
  • +
    • @@ -449,7 +450,7 @@
  • -
  • +
    • @@ -489,7 +490,7 @@
        -
      • +
      • :
        {$config_json.engine.max_fps}
        @@ -510,12 +511,12 @@
          -
        • +
        • :
          {$config_json.recognition.enable}
        • -
        • +
        • :
          {$config_json.recognition.accuracy}
          @@ -525,29 +526,29 @@ :
          {$config_json.recognition.server_recog}
        • -
        • +
        • :
          {$config_json.recognition.request_timeout}
        • -
        • +
        • :
          {$config_json.recognition.num_face_recog}
        • -
        • +
        • :
          {$config_json.recognition.first_time_recog}
        • -
        • +
        • :
          {$config_json.recognition.next_time_recog}
      • -
      • +
        • @@ -573,12 +574,12 @@
      • -
      • +
      • {$config_json.id_city}
      • -
      • +
        • @@ -594,7 +595,7 @@
      • -
      • +
        • diff --git a/views/config/index.tpl b/views/config/index.tpl index ff921398..5e9251f0 100644 --- a/views/config/index.tpl +++ b/views/config/index.tpl @@ -43,8 +43,7 @@
          server IP
          - {$temp=explode(":",$apiConfig.servermqtt)} - +
          diff --git a/views/user/index.tpl b/views/user/index.tpl index 28c763b3..e396fc36 100644 --- a/views/user/index.tpl +++ b/views/user/index.tpl @@ -1,30 +1,23 @@ +{extends file=$smarty.current_dir|cat:'/../extends.tpl'} {use class="yii\helpers\Url"} {use class="yii\grid\GridView"} -{use class="yii\widgets\Pjax" type="block"} - -
          - -
          -
          -
          - {Pjax id="user-list-modal" enablePushState=false timeout=false enableReplaceState=false} +{use class="app\assets\UserAsset"} +{UserAsset::register($this)|void} +{block name='content'} + {if \Yii::$app->user->can("administrator")} +
          + +
          + {/if} +
          {GridView::widget([ - 'id' => 'user-list-gridview', 'dataProvider' => $dataProvider, 'filterModel' => $searchModel, 'layout'=> \app\helpers\UserGrid::getLayout(), 'tableOptions' => [ - 'class' => 'table table-striped table-bordered table-user', + 'class' => 'table table-striped table-bordered', 'style' => 'background:#fff;min-width:700px;' ], 'columns' => [ @@ -51,5 +44,4 @@ ] ] ])} - {/Pjax} -
          \ No newline at end of file +{/block} \ No newline at end of file diff --git a/views/user/password.tpl b/views/user/password.tpl index 7e765788..23bca6df 100644 --- a/views/user/password.tpl +++ b/views/user/password.tpl @@ -1,24 +1,38 @@ - -
          - - - -
          -
          - - - -
          -
          - - - -
          - -
          - -
          \ No newline at end of file +{extends file=$smarty.current_dir|cat:'/../extends.tpl'} +{use class="yii\helpers\Url"} +{use class="yii\grid\GridView"} +{use class="app\assets\UserAsset"} +{UserAsset::register($this)|void} +{block name='content'} +
          +
          +
          + +
          +
          + + + +
          +
          + + + +
          +
          + + + +
          + +
          + +
          +
          +
          +
          +{/block} \ No newline at end of file diff --git a/views/user/profiles.tpl b/views/user/profiles.tpl index f3208539..7bbc3936 100644 --- a/views/user/profiles.tpl +++ b/views/user/profiles.tpl @@ -1,51 +1,65 @@ -
          - {$directoryAsset=Yii::$app->assetManager->getPublishedUrl('@vendor/almasaeed2010/adminlte/dist')} - {if !Yii::$app->user->isGuest} - {$img=Yii::$app->user->identity->user_image} - {if $img==null} - {$img=$directoryAsset|cat:"/img/user2-160x160.jpg"} - {else} - {$img=Yii::getAlias("@images_folder")|cat:$img} - {/if} - {/if} - - -
          -
          -
          - - - -
          -
          - - - -
          -
          - - - -
          -
          - - - -
          -
          - +{extends file=$smarty.current_dir|cat:'/../extends.tpl'} +{use class="yii\helpers\Url"} +{use class="yii\grid\GridView"} +{use class="app\assets\UserAsset"} +{UserAsset::register($this)|void} +{block name='content'}
          - {$model->roleName} -
          -
          - -
          - -
          \ No newline at end of file +
          +
          +
          +
          + {$directoryAsset=Yii::$app->assetManager->getPublishedUrl('@vendor/almasaeed2010/adminlte/dist')} + {if !Yii::$app->user->isGuest} + {$img=Yii::$app->user->identity->user_image} + {if $img==null} + {$img=$directoryAsset|cat:"/img/user2-160x160.jpg"} + {else} + {$img=Yii::getAlias("@images_folder")|cat:$img} + {/if} + {/if} + + +
          +
          +
          + + + +
          +
          + + + +
          +
          + + + +
          +
          + + + +
          +
          + +
          + {$model->roleName} +
          +
          + +
          + +
          +
          +
          +
          +{/block} \ No newline at end of file