init

hscstudio · Oct 25, 2015 · 4d1e97a · 4d1e97a
1 parent 980d0c8
commit 4d1e97a
Show file tree

Hide file tree

Showing 6 changed files with 85 additions and 27 deletions.
diff --git a/README.md b/README.md
@@ -109,10 +109,11 @@ use hscstudio\mimin\components\Mimin;
 ```
 ### Example dynamic button
 ```
-if (Yii::$app->user->can(Url::to(['create']))){
+if (((Mimin::filterRoute($this->context->id.'/create'))){
     echo Html::a('Create Note', ['create'], ['class' => 'btn btn-success']);
 }
 ```
 
 www.HafidMukhlasin.com
+
 Jakarta - Indonesia
diff --git a/components/Configs.php b/components/Configs.php
@@ -43,7 +43,7 @@ class Configs extends \yii\base\Object
     /**
      * @var Cache Cache component.
      */
-    public $cache = 'cache';
+    public $cache = 'null';
 
     /**
      * @var integer Cache duration. Default to a month.

diff --git a/components/Mimin.php b/components/Mimin.php
@@ -26,36 +26,55 @@
    *    $menuItems[] = ['label' => 'Administrator', 'items' => $items];
    * }
    */
-  public static function filterRouteMenu($routes,$strict=false)
+  public static function filterRoute($route,$strict=false)
   {
       $allowedRoutes = [];
       $user = Yii::$app->user;
+      $permission = (substr($route,0,1)=='/')?$route:'/'.$route;
+      if ($user->can($permission)) {
+          return true;
+      }
+
+      if(!$strict){
+          $pos = (strrpos($permission, '/'));
+          $parent = substr($permission, 0, $pos);
+          $authItems = AuthItem::find()->where(['like','name',$parent])->all();
+          foreach ($authItems as $authItem) {
+              $permission = $authItem->name;
+              if ($user->can($permission)) {
+                  return true;
+              }
+          }
+      }
+
+      return false;
+  }
+
+  /**
+   * @inheritdoc
+   * $items=[
+   *     ['label' => 'User', 'url' => ['/mimin/user']],
+   *     ['label' => 'Role', 'url' => ['/mimin/role']],
+   *     ['label' => 'Route', 'url' => ['/mimin/route']],
+   * ];
+   * $items = Mimin::filterRouteMenu($items);
+   * if(count($items)>0){
+   *    $menuItems[] = ['label' => 'Administrator', 'items' => $items];
+   * }
+   */
+  public static function filterRouteMenu($routes,$strict=false)
+  {
+      $allowedRoutes = [];
       $hr = 0;
       foreach ($routes as $route) {
           $value = ArrayHelper::getValue($route, 'url');
           if(is_array($value)){
               $permission = $value[0];
-              if ($user->can('/' . $permission) or $user->can($permission)) {
+              $allowed = self::filterRoute($permission,$strict);
+              if ($allowed) {
                   $allowedRoutes[] = $route;
                   continue;
               }
-
-              if(!$strict){
-                  /*
-
-                  */
-                  $pos = (strrpos($permission, '/'));
-                  $parent = substr($permission, 1, $pos-1);
-
-                  $authItems = AuthItem::find()->where(['like','name',$parent])->all();
-                  foreach ($authItems as $authItem) {
-                      $permission = $authItem->name;
-                      if ($user->can('/' . $permission) or $user->can($permission)) {
-                          $allowedRoutes[] = $route;
-                          break;
-                      }
-                  }
-              }
           }
           else {
               $allowedRoutes[] = $route;
@@ -69,7 +88,7 @@ public static function filterRouteMenu($routes,$strict=false)
   /**
    * @inheritdoc
    * Mimin::filterTemplateActionColumn(['update','delete'=>'drop','download'],$this->context->route)
-   * output {update} {delete} {download} 
+   * output {update} {delete} {download}
    * what's about 'delete' and 'drop'?
    * if button name different with route name
    * but for best practice, it should same
@@ -78,21 +97,29 @@ public static function filterTemplateActionColumn($actions,$currentRoute)
   {
       $template = '';
       $pos = (strrpos($currentRoute, '/'));
-      $parent = substr($currentRoute, 0, $pos+1);
-      $user = Yii::$app->user;
+      $parent = substr($currentRoute, 0, $pos);
       foreach ($actions as $key => $value) {
           if(is_integer($key)){
               $action = $value;
-              $permission = $parent . $action;
+              $permission = $parent . '/' . $action;
           }
           else{
               $action = $key;
-              $permission = $parent . $action;
+              $permission = $parent . '/' . $action;
           }
           $button = "{".$value."} ";
-          if ($user->can('/' . $permission) or $user->can($permission)) {
+          $allowed = self::filterRoute($permission,true);
+          if ($allowed) {
               $template .= $button;
+              continue;
           }
+          else{
+              $allowed = self::filterRoute($parent . '/' . '*',true);
+              if ($allowed) {
+                  $template .= $button;
+              }
+          }
+
       }
       return trim($template);
   }

diff --git a/controllers/RoleController.php b/controllers/RoleController.php
@@ -8,6 +8,7 @@
 use yii\web\Controller;
 use yii\web\NotFoundHttpException;
 use yii\filters\VerbFilter;
+use yii\filters\AccessControl;
 
 /**
  * AuthItemController implements the CRUD actions for AuthItem model.
@@ -17,6 +18,15 @@ class RoleController extends Controller
     public function behaviors()
     {
         return [
+            'access' => [
+                'class' => AccessControl::className(),
+                'rules' => [
+                    [
+                        'allow' => true,
+                        'roles' => ['@'],
+                    ],
+                ],
+            ],
             'verbs' => [
                 'class' => VerbFilter::className(),
                 'actions' => [

diff --git a/controllers/RouteController.php b/controllers/RouteController.php
@@ -8,6 +8,7 @@
 use yii\web\Controller;
 use yii\web\NotFoundHttpException;
 use yii\filters\VerbFilter;
+use yii\filters\AccessControl;
 
 use hscstudio\mimin\components\Configs;
 use yii\helpers\Inflector;
@@ -24,6 +25,15 @@ class RouteController extends Controller
     public function behaviors()
     {
         return [
+            'access' => [
+                'class' => AccessControl::className(),
+                'rules' => [
+                    [
+                        'allow' => true,
+                        'roles' => ['@'],
+                    ],
+                ],
+            ],
             'verbs' => [
                 'class' => VerbFilter::className(),
                 'actions' => [

diff --git a/controllers/UserController.php b/controllers/UserController.php
@@ -11,6 +11,7 @@
 use yii\web\NotFoundHttpException;
 use yii\filters\VerbFilter;
 use yii\helpers\ArrayHelper;
+use yii\filters\AccessControl;
 
 /**
  * UserController implements the CRUD actions for User model.
@@ -20,6 +21,15 @@ class UserController extends Controller
     public function behaviors()
     {
         return [
+            'access' => [
+                'class' => AccessControl::className(),
+                'rules' => [
+                    [
+                        'allow' => true,
+                        'roles' => ['@'],
+                    ],
+                ],
+            ],
             'verbs' => [
                 'class' => VerbFilter::className(),
                 'actions' => [