update config permission
@@ -22,6 +22,9 @@ class UserController extends Controller {
|
||||
if (Yii::$app->user->isGuest) {
|
||||
return $this->redirect(['/site/login']);
|
||||
}
|
||||
if (!Yii::$app->user->can("administrator")) {
|
||||
return $this->redirect(["/dashboard"]);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -43,11 +46,16 @@ class UserController extends Controller {
|
||||
* @return mixed
|
||||
*/
|
||||
public function actionIndex() {
|
||||
$this->view->title = "Người dùng";
|
||||
$this->view->params['breadcrumbs'][] = "Hệ thống";
|
||||
$this->view->params['breadcrumbs'][] = $this->view->title;
|
||||
|
||||
$searchModel = new UserSearch();
|
||||
$dataProvider = $searchModel->search(Yii::$app->request->queryParams);
|
||||
return $this->renderAjax("index", [
|
||||
|
||||
return $this->render('index', [
|
||||
'searchModel' => $searchModel,
|
||||
'dataProvider' => $dataProvider
|
||||
'dataProvider' => $dataProvider,
|
||||
]);
|
||||
}
|
||||
|
||||
@@ -84,6 +92,14 @@ class UserController extends Controller {
|
||||
* @return mixed
|
||||
*/
|
||||
public function actionCreate() {
|
||||
if (!Yii::$app->user->can("administrator")) {
|
||||
Yii::$app->response->format = "json";
|
||||
return [
|
||||
"title" => "403",
|
||||
"form" => Yii::t("app", "Bạn không có quyền truy cập!")
|
||||
];
|
||||
}
|
||||
|
||||
$model = new User();
|
||||
if (Yii::$app->request->post()) {
|
||||
$post = Yii::$app->request->post();
|
||||
@@ -111,8 +127,7 @@ class UserController extends Controller {
|
||||
}
|
||||
}
|
||||
return [
|
||||
'stt' => true,
|
||||
'url' => Url::to(['/user'])
|
||||
'stt' => true
|
||||
];
|
||||
} else {
|
||||
Yii::$app->response->format = "json";
|
||||
@@ -135,6 +150,14 @@ class UserController extends Controller {
|
||||
* @throws NotFoundHttpException if the model cannot be found
|
||||
*/
|
||||
public function actionUpdate($id) {
|
||||
if (!Yii::$app->user->can("administrator")) {
|
||||
Yii::$app->response->format = "json";
|
||||
return [
|
||||
"title" => "403",
|
||||
"form" => Yii::t("app", "Bạn không có quyền truy cập!")
|
||||
];
|
||||
}
|
||||
|
||||
$model = $this->findModel($id);
|
||||
if (Yii::$app->request->post()) {
|
||||
$post = Yii::$app->request->post();
|
||||
@@ -150,6 +173,7 @@ class UserController extends Controller {
|
||||
$model->username = $post['Username'];
|
||||
$model->phone_number = $post['PhoneNumber'];
|
||||
$model->email = $post['Email'];
|
||||
$model->quota = $post['Quota'];
|
||||
$model->save();
|
||||
AuthAssignment::deleteAll(['user_id' => $id]);
|
||||
$auth = Yii::$app->authManager;
|
||||
@@ -159,11 +183,7 @@ class UserController extends Controller {
|
||||
$auth->assign($role, $id);
|
||||
}
|
||||
}
|
||||
Yii::$app->response->format = "json";
|
||||
return [
|
||||
'stt' => true,
|
||||
'url' => Url::to(['/user'])
|
||||
];
|
||||
return true;
|
||||
} else {
|
||||
Yii::$app->response->format = "json";
|
||||
return [
|
||||
@@ -185,12 +205,13 @@ class UserController extends Controller {
|
||||
* @throws NotFoundHttpException if the model cannot be found
|
||||
*/
|
||||
public function actionDelete($id) {
|
||||
if (Yii::$app->request->isAjax) {
|
||||
$this->findModel($id)->delete();
|
||||
AuthAssignment::deleteAll(['user_id' => $id]);
|
||||
Yii::$app->response->format = "json";
|
||||
return ["url" => Url::to(['/user'])];
|
||||
if (!Yii::$app->user->can("administrator")) {
|
||||
throw new \yii\web\ForbiddenHttpException(Yii::t("app", "Bạn không có quyền truy cập!"));
|
||||
}
|
||||
|
||||
$this->findModel($id)->delete();
|
||||
AuthAssignment::deleteAll(['user_id' => $id]);
|
||||
return $this->redirect(['index']);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -209,27 +230,27 @@ class UserController extends Controller {
|
||||
}
|
||||
|
||||
public function actionProfiles() {
|
||||
if (Yii::$app->user->isGuest) {
|
||||
return $this->redirect(['/site/login']);
|
||||
}
|
||||
|
||||
$model = $this->findModel(Yii::$app->user->id);
|
||||
$this->view->title = Yii::t("app", "Thông tin cá nhân");
|
||||
$this->view->params['breadcrumbs'][] = $this->view->title;
|
||||
|
||||
return $this->render('profiles', [
|
||||
"model" => $model
|
||||
]);
|
||||
}
|
||||
|
||||
public function actionInfo($id) {
|
||||
if (Yii::$app->request->post()) {
|
||||
$model = $this->findModel($id);
|
||||
$post = Yii::$app->request->post();
|
||||
$model->first_name = $post['Name'];
|
||||
$model->phone_number = $post['PhoneNumber'];
|
||||
$model->email = $post['Email'];
|
||||
return $model->save();
|
||||
} else {
|
||||
Yii::$app->response->format = "json";
|
||||
if (Yii::$app->user->isGuest) {
|
||||
return [
|
||||
"title" => "Lỗi",
|
||||
"form" => "Bạn chưa đăng nhập hệ thống"
|
||||
];
|
||||
}
|
||||
return [
|
||||
"title" => "Thông tin cá nhân",
|
||||
"form" => $this->renderPartial('profiles', [
|
||||
"model" => $model
|
||||
])
|
||||
];
|
||||
}
|
||||
}
|
||||
|
||||
@@ -241,19 +262,15 @@ class UserController extends Controller {
|
||||
$model->save();
|
||||
return true;
|
||||
} else {
|
||||
Yii::$app->response->format = "json";
|
||||
if (Yii::$app->user->isGuest) {
|
||||
return [
|
||||
"title" => "Lỗi",
|
||||
"form" => "Bạn chưa đăng nhập hệ thống"
|
||||
];
|
||||
return $this->redirect(['/site/login']);
|
||||
}
|
||||
return [
|
||||
"title" => "Đổi mật khẩu",
|
||||
"form" => $this->renderPartial('password', [
|
||||
"model" => $model
|
||||
])
|
||||
];
|
||||
$this->view->title = Yii::t("app", "Đổi mật khẩu");
|
||||
$this->view->params['breadcrumbs'][] = $this->view->title;
|
||||
|
||||
return $this->render('password', [
|
||||
"model" => $model
|
||||
]);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
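Review bot: `actionInfo($id)` still loads the record from the request-supplied `$id` and writes `first_name`, `phone_number` and `email` from POST with no ownership or role check, so the `can("administrator")` guards this commit adds to create, update and delete do not cover it, and nothing in its visible body ties the edit to the caller. The new `actionProfiles()` already uses `$this->findModel(Yii::$app->user->id)`, and the same lookup would fit here; if administrators must edit other users through this action, add a guard such as `if ((int) $id !== (int) Yii::$app->user->id && !Yii::$app->user->can("administrator")) { throw new \yii\web\ForbiddenHttpException(); }`. The guest and administrator redirects in the first hunk sit in a method whose signature is outside the hunk; if that method is `init()` or `beforeAction()`, returning `$this->redirect(...)` does not stop the action from running, so it should not be relied on as the access check, and an `AccessControl` filter in `behaviors()` would be a more dependable place for it. `actionDelete` appears to no longer require an Ajax request, so it is worth confirming that a `VerbFilter` restricts it to POST.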