My application technically has two areas, a global area (feedback, user profile, user settings, etc) and a group area (contacts, projects, group profile, group settings, etc).
I am using the RBAC DBManager for the global area, and it works just fine, but I am having issues implementing an authorization mechanism for the group area.
The reason, is that groups can be shared among the users, and a user may have multiple assignments in the group_access table (id, group_id, user_id, item_name) as they may be members of multiple groups, and they may have different permission levels for those groups.
Here is my auth setup:
$auth = Yii::$app->authManager;
// group permissions
$manageGroupUsers = $auth->createPermission('manage_group_users');
$manageGroupUsers->description = 'Manage Group Users';
$auth->add($manageGroupUsers);
$manageGroupSettings = $auth->createPermission('manage_group_settings');
$manageGroupSettings->description = 'Manage Group Settings';
$auth->add($manageGroupSettings);
// app permissions
$manageAppUsers = $auth->createPermission('manage_app_users');
$manageAppUsers->description = 'Manage App Users';
$auth->add($manageAppUsers);
$manageAppGroups = $auth->createPermission('manage_app_groups');
$manageAppGroups->description = 'Manage App Groups';
$auth->add($manageAppGroups);
$manageAppSettings = $auth->createPermission('manage_app_settings');
$manageAppSettings->description = 'Manage App Settings';
$auth->add($manageAppSettings);
$manageAppFeedback = $auth->createPermission('manage_app_feedback');
$manageAppFeedback->description = 'Manage App Feedback';
$auth->add($manageAppFeedback);
// group roles
// -- create role
$groupUser = $auth->createRole('group_user');
$groupUser->description = 'Group Users';
$auth->add($groupUser);
// -- create role
$groupAdmin = $auth->createRole('group_admin');
$groupAdmin->description = 'Group Administrators';
$auth->add($groupAdmin);
// add permissions
$auth->addChild($groupAdmin, $manageGroupUsers);
$auth->addChild($groupAdmin, $manageGroupSettings);
// inherit permissions
$auth->addChild($groupAdmin, $groupUser);
// -- create role
$groupCreator = $auth->createRole('group_creator');
$groupCreator->description = 'Group Creators';
$auth->add($groupCreator);
// inherit permissions
$auth->addChild($groupCreator, $groupAdmin);
// app roles
// -- create role
$appUser = $auth->createRole('app_user');
$appUser->description = 'App Users';
$auth->add($appUser);
// -- create role
$appSupport = $auth->createRole('app_support');
$appSupport->description = 'Support Users';
$auth->add($appSupport);
// add permissions
$auth->addChild($appSupport, $manageAppFeedback);
// -- create role
$appAdmin = $auth->createRole('app_admin');
$appAdmin->description = 'App Administrators';
$auth->add($appAdmin);
// add permissions
$auth->addChild($appAdmin, $manageAppUsers);
$auth->addChild($appAdmin, $manageAppGroups);
$auth->addChild($appAdmin, $manageAppSettings);
// inherit permissions
$auth->addChild($appAdmin, $appUser);
$auth->addChild($appAdmin, $appSupport);
// -- create role
$appCreator = $auth->createRole('app_creator');
$appCreator->description = 'App Creators';
$auth->add($appCreator);
// inherit permissions
$auth->addChild($appCreator, $appAdmin);
My group_access table has the same schema as the auth_assignment table, with the exception that it has a group_id column, and the user_id column is NOT unique.
The user will only have one assignment concerning the global area, but may have many different assigments on the group area as they might have admin privelidges on group a, but only user privielidges on group b.
My DB is set up like:
Users (status_id, username, auth_key, password_hash, email, etc)
Groups (status_id, name, description, etc)
Group_Access (group_id, user_id, item_name) Each user gets one assignment for each group they have access to.
sample_group_access_records [
[
'id' => 1,
'user_id' => 35,
'group_id' => 17,
'item_name' => 'group_admin'
],
[
'id' => 2,
'user_id' => 35,
'group_id' => 356,
'item_name' => 'group_user'
],
[
'id' => 3,
'user_id' => 35,
'group_id' => 211,
'item_name' => 'group_creator'
],
];
The checkAccess function can qualify the userID, and I can even use the shorter "can" version which works great for the logged in user, but I need to check access based on a user option like below:
Option::getOption('user', 'active_group_id')
This is a custom function that pulls the active group id from a user options table. If a user switches groups, this will be changed. My options model has three types 'app', 'user', 'group'.
It would be nice if I could figure out a function that works the same was as the native checkAccess but be called checkGroupAccess and automatically get the active_group_id and pull the user assignments from the group_access table and perform the permission check.
I hope this makes sense.
Thank you for your time.
Mike
** UPDATED **
So, I have a solution, that uses custom checkAccess functions to check for proper permissions on the group or global areas.
I have two tables (user_access, group_access) that have a similar schema to the default {{auth_assignment}} table, of which I am not using now. I am using the {{auth_item}}, {{auth_item_child}}, and {{auth_rule}} tables.
I have two models, one for each of the access tables GroupAccess => group_access, and UserAccess => user_access.
I also have a model for the access functions and have mapped it to the components configuration.
Here is my access model:
<?php
namespace app\models;
use Yii;
class Access
{
public function canUser($type, $permissionName, $params = [])
{
switch ($type) {
case 'group':
$userID = Yii::$app->user->identity->id;
$groupID = Yii::$app->options->getOption('user', 'active_group_id');
$queryAll = GroupAccess::find()
->where('user_id = :user_id and group_id = :group_id', [':user_id' => $userID, ':group_id' => $groupID])
->asArray()
->all();
$assignments = [];
foreach ($queryAll as $queryItem) {
$assignments[$queryItem['item_name']] = [
'userId' => $queryItem['user_id'],
'roleName' => $queryItem['item_name'],
'createdAt' => $queryItem['created_date'],
];
}
$result = self::checkAccess($userID, $permissionName, $assignments, $params);
return $result;
break;
case 'user':
$userID = Yii::$app->user->identity->id;
$queryAll = UserAccess::find()
->where(['user_id' => $userID])
->asArray()
->all();
$assignments = [];
foreach ($queryAll as $queryItem) {
$assignments[$queryItem['item_name']] = [
'userId' => $queryItem['user_id'],
'roleName' => $queryItem['item_name'],
'createdAt' => $queryItem['created_date'],
];
}
$result = self::checkAccess($userID, $permissionName, $assignments, $params);
return $result;
break;
}
}
public function checkAccess($userID, $permissionName, $assignments, $params = [])
{
$auth = Yii::$app->authManager;
$auth->loadFromCache();
if ($auth->items !== null) {
return $auth->checkAccessFromCache($userID, $permissionName, $params, $assignments);
} else {
return $auth->checkAccessRecursive($userID, $permissionName, $params, $assignments);
}
}
public function assign($type, $role, $userID = null, $groupID = null)
{
switch ($type) {
case 'group':
// clear existing assigments
self::revoke('group', $userID, $groupID);
$groupAccess = new GroupAccess();
$groupAccess->group_id = $groupID;
$groupAccess->user_id = $userID;
$groupAccess->item_name = $role;
$groupAccess->created_date = time();
return $groupAccess->save();
break;
case 'user':
// clear existing assignments
self::revoke('user', $userID);
$userAccess = new UserAccess();
$userAccess->user_id = $userID;
$userAccess->item_name = $role;
$userAccess->created_date = time();
return $userAccess->save();
break;
}
}
public function revoke($type, $userID, $groupID = null)
{
switch ($type) {
case 'group':
GroupAccess::deleteAll('user_id = :user_id and group_id = :group_id', [':user_id' => $userID, ':group_id' => $groupID]);
break;
case 'user':
UserAccess::deleteAll('user_id = :user_id', [':user_id' => $userID]);
break;
}
}
}
And here are some sample uses to access the functions:
// get the user option
echo Yii::$app->options->getOption('user', 'active_group_id');
// assign group role
Yii::$app->access->assign('group', 'group_creator', 22, 18);
// assign user role
Yii::$app->access->assign('user', 'app_user', 22);
// revoke group access
Yii::$app->access->revoke('group', 22, 18);
// revoke user access
Yii::$app->access->revoke('user', 22);
// test user permission
var_dump(Yii::$app->access->canUser('user', 'manage_app_settings'));
// test the group permission
var_dump(Yii::$app->access->canUser('group', 'manage_group_settings'));
In essence, I copied the checkAccess function from the DbManager and reworked it a little to check for user access based on group.
The only issue, is that I had to make a change to the actual source DbManager class to make the $items (property), checkAccessFromCache (function), and checkAccessRecursive (function) all public so they can be accessed outside of the class. The main drawback is updateability...
Any way around this?
Thanks.
Here is a working final solution.
So, another day, more refactoring.
My final solution uses the checkAccess function in the DbManager/ManagerInterface source files, but I added the $assignments parameter to be passed. The main issue is that I had to build my own assignments list for checking. Make sure you comment out the lines where the $assignments variable is set.
Here is my new access model:
<?php
namespace app\models;
use Yii;
class Access
{
public function canUser($type, $permissionName, $params = [])
{
$auth = Yii::$app->authManager;
switch ($type) {
case 'group':
$userID = Yii::$app->user->identity->id;
$groupID = Yii::$app->options->getOption('user', 'active_group_id');
$queryAll = GroupAccess::find()
->where('user_id = :user_id and group_id = :group_id', [':user_id' => $userID, ':group_id' => $groupID])
->asArray()
->all();
$assignments = [];
foreach ($queryAll as $queryItem) {
$assignments[$queryItem['item_name']] = [
'userId' => $queryItem['user_id'],
'roleName' => $queryItem['item_name'],
'createdAt' => $queryItem['created_date'],
];
}
$result = $auth->checkAccess($userID, $permissionName, $assignments, $params);
return $result;
break;
case 'user':
$userID = Yii::$app->user->identity->id;
$queryAll = UserAccess::find()
->where('user_id = :user_id', [':user_id' => $userID])
->asArray()
->all();
$assignments = [];
foreach ($queryAll as $queryItem) {
$assignments[$queryItem['item_name']] = [
'userId' => $queryItem['user_id'],
'roleName' => $queryItem['item_name'],
'createdAt' => $queryItem['created_date'],
];
}
$result = $auth->checkAccess($userID, $permissionName, $assignments, $params);
return $result;
break;
}
}
public function assign($type, $role, $userID = null, $groupID = null)
{
switch ($type) {
case 'group':
// clear existing assigments
self::revoke('group', $userID, $groupID);
$groupAccess = new GroupAccess();
$groupAccess->group_id = $groupID;
$groupAccess->user_id = $userID;
$groupAccess->item_name = $role;
$groupAccess->created_date = time();
return $groupAccess->save();
break;
case 'user':
// clear existing assignments
self::revoke('user', $userID);
$userAccess = new UserAccess();
$userAccess->user_id = $userID;
$userAccess->item_name = $role;
$userAccess->created_date = time();
return $userAccess->save();
break;
}
}
public function revoke($type, $userID, $groupID = null)
{
switch ($type) {
case 'group':
GroupAccess::deleteAll('user_id = :user_id and group_id = :group_id', [':user_id' => $userID, ':group_id' => $groupID]);
break;
case 'user':
UserAccess::deleteAll('user_id = :user_id', [':user_id' => $userID]);
break;
}
}
}
And here is the modified checkAccess function in DbManager:
public function checkAccess($userId, $permissionName, $assignments, $params = [])
{
//$assignments = $this->getAssignments($userId);
$this->loadFromCache();
if ($this->items !== null) {
return $this->checkAccessFromCache($userId, $permissionName, $params, $assignments);
} else {
return $this->checkAccessRecursive($userId, $permissionName, $params, $assignments);
}
}
And here is the modified checkAccess function in ManagerInterface.php:
public function checkAccess($userId, $permissionName, $assignments, $params = []);
I did not change the $items, checkAccessFromCache, and checkAccessRecursive functions to public from protected.
And here is my UserAccess model:
<?php
namespace app\models;
use Yii;
use yii\db\ActiveRecord;
/**
* This is the model class for table "app_user_access".
*
* #property integer $id
* #property integer $user_id
* #property string $item_name
* #property integer $created_date
*
* #property AppAuthItem $itemName
* #property AppUsers $user
*/
class UserAccess extends ActiveRecord
{
/**
* #inheritdoc
*/
public static function tableName()
{
return 'app_user_access';
}
/**
* #inheritdoc
*/
public function rules()
{
return [
[['user_id', 'item_name', 'created_date'], 'required'],
[['user_id', 'created_date'], 'integer'],
[['item_name'], 'string', 'max' => 64]
];
}
/**
* #inheritdoc
*/
public function attributeLabels()
{
return [
'id' => 'ID',
'user_id' => 'User ID',
'item_name' => 'Item Name',
'created_date' => 'Created Date',
];
}
/**
* #return \yii\db\ActiveQuery
*/
public function getItemName()
{
return $this->hasOne(AppAuthItem::className(), ['name' => 'item_name']);
}
/**
* #return \yii\db\ActiveQuery
*/
public function getUser()
{
return $this->hasOne(AppUsers::className(), ['id' => 'user_id']);
}
}
And here is the the GroupAccess Model:
<?php
namespace app\models;
use Yii;
use yii\db\ActiveRecord;
/**
* This is the model class for table "app_group_access".
*
* #property integer $id
* #property integer $group_id
* #property integer $user_id
* #property string $item_name
* #property integer $created_date
*
* #property AppUsers $user
* #property AppAuthItem $itemName
* #property AppGroups $group
*/
class GroupAccess extends ActiveRecord
{
/**
* #inheritdoc
*/
public static function tableName()
{
return 'app_group_access';
}
/**
* #inheritdoc
*/
public function rules()
{
return [
[['group_id', 'user_id', 'item_name', 'created_date'], 'required'],
[['group_id', 'user_id', 'created_date'], 'integer'],
[['item_name'], 'string', 'max' => 64]
];
}
/**
* #inheritdoc
*/
public function attributeLabels()
{
return [
'id' => 'ID',
'group_id' => 'Group ID',
'user_id' => 'User ID',
'item_name' => 'Item Name',
'created_date' => 'Created Date',
];
}
/**
* #return \yii\db\ActiveQuery
*/
public function getUser()
{
return $this->hasOne(AppUsers::className(), ['id' => 'user_id']);
}
/**
* #return \yii\db\ActiveQuery
*/
public function getItemName()
{
return $this->hasOne(AppAuthItem::className(), ['name' => 'item_name']);
}
/**
* #return \yii\db\ActiveQuery
*/
public function getGroup()
{
return $this->hasOne(AppGroups::className(), ['id' => 'group_id']);
}
}
And once again, some useful samples:
// assign group role
Yii::$app->access->assign('group', 'group_creator', 24, 20);
// assign user role
Yii::$app->access->assign('user', 'app_user', 24);
// revoke group
Yii::$app->access->revoke('group', 22, 18);
// revoke user
Yii::$app->access->revoke('user', 22);
// test user permission
var_dump(Yii::$app->access->canUser('user', 'manage_app_settings'));
// test the group permission
var_dump(Yii::$app->access->canUser('group', 'manage_group_settings'));
Related
I am trying to use or operator in my rest request Yii2 but I cannot succeed.
Everytime I have this error :
[
{
"field": "filter",
"message": "Operator \"or\" requires multiple operands."
}
]
I tested several things but nothing works.
I want to filter
statut=0 or statut=1
Do you know or I can do it ?
I tried to
http://url/api/tickets/gestions?filter[or][statut][statut]=[0,1]
But it does not work
Here's the method within controller that manage this request :
public function actionIndex()
{
return ActionsHelper::actionIndex(
$this->modelClass,
$this->modelClass . 'Search'
);
}
$this->modelClass is defined above and is equal to 'api\modules\tickets\models\TicketGestion';
Here is ActionsHelper::actionIndex
public function actionIndex($model, $searchModel = null, $moreFilter = null,
$pagination = false)
{
$filterCondition = null;
if ($searchModel) {
$filter = new ActiveDataFilter([
'searchModel' => $searchModel
]);
if ($filter->load(\Yii::$app->request->get())) {
$filterCondition = $filter->build();
if ($filterCondition === false) {
return $filter;
}
}
}
$query = $model::find();
if ($filterCondition !== null) {
$query->andWhere($filterCondition);
}
if ($moreFilter !== null) {
$query->andWhere($moreFilter);
}
if ($pagination !== false) {
$pagination = [
'pageSize' => 100
];
}
return new ActiveDataProvider([
'query' => $query,
'pagination' => $pagination
]);
}
Here's the search model, generated by Gii
<?php
namespace api\modules\tickets\models;
use Yii;
use yii\base\Model;
use yii\data\ActiveDataProvider;
use api\modules\tickets\models\TicketGestion;
/**
* TicketGestionSearch represents the model behind the search form of `api\modules\tickets\models\TicketGestion`.
*/
class TicketGestionSearch extends TicketGestion
{
/**
* {#inheritdoc}
*/
public function rules()
{
return [
[['id', 'priorite', 'quicree', 'quirea', 'statut', 'recurrentid', 'typerea', 'client'], 'integer'],
[['dispatch', 'service', 'type', 'sujet', 'datecrea', 'dateecheance', 'daterea'], 'safe'],
[['duree'], 'number'],
];
}
/**
* {#inheritdoc}
*/
public function scenarios()
{
// bypass scenarios() implementation in the parent class
return Model::scenarios();
}
/**
* Creates data provider instance with search query applied
*
* #param array $params
*
* #return ActiveDataProvider
*/
public function search($params)
{
$query = TicketGestion::find();
// add conditions that should always apply here
$dataProvider = new ActiveDataProvider([
'query' => $query,
]);
$this->load($params);
if (!$this->validate()) {
// uncomment the following line if you do not want to return any records when validation fails
// $query->where('0=1');
return $dataProvider;
}
if ($this->dispatch == 'null') {
$this->dispatch = 1;
}
// grid filtering conditions
$query->andFilterWhere([
'id' => $this->id,
'priorite' => $this->priorite,
'quicree' => $this->quicree,
'quirea' => $this->quirea,
'datecrea' => $this->datecrea,
'dateecheance' => $this->dateecheance,
'daterea' => $this->daterea,
'duree' => $this->duree,
'statut' => $this->statut,
'recurrentid' => $this->recurrentid,
'typerea' => $this->typerea,
'client' => $this->client,
]);
$query->andFilterWhere(['like', 'service', $this->service])
->andFilterWhere(['like', 'type', $this->type])
->andFilterWhere(['like', 'sujet', $this->sujet])
->andFilterWhere(['likes', 'dispatch', $this->dispatch]);
return $dataProvider;
}
}
You were on a right track, using ActiveDataFilter, but building arrays from get is done like this (example is from my controller):
http://localhost/ntb/web/index.php?r=assembly%2Findex&filter[or][0][status]=1004&filter[or][1][status]=1005&page=1&per-page=10
so for your example it should be like this:
http://url/api/tickets/gestions?filter[or][0][statut]=0&filter[or][1][statut]=1
This was the way to build a working 'or' filter for me.
I am new with Yii2, im trying to make sales transaction, but i have problem for dropdownlist in detail section.
for this module, i have 3 tables :
1. for header, table salesheader
2. for detail, table salesdetail
3. for item, table item
this is my code :
on controller :
public function actionUpdate($id)
{
$model = $this->findModel($id); //find appropriate record in salesheader
//$modeldetail = salesdetail::findModel($id);
$modeldetail = new salesdetail();
if ($model->load(Yii::$app->request->post()) && $model->save()) {
return $this->redirect(['index']);
} else {
$item = item::find()->select(["concat('[',code,'] - ', name) as item", "id"])->indexBy('id')->column();
$detail = salesdetail::find()->select(["*"])->all(); //find appropriate record in salesdetail
return $this->render('update', [
'model' => $model,
'modeldetail' => $modeldetail,
'item' => $item,
'detail' => $detail
]);
}
}
on salesheader model
namespace app\models;
use Yii;
class salesheader extends \yii\db\ActiveRecord
{
public static function tableName()
{
return 'salesheader';
}
public function rules()
{
return [
[['partnerId', 'date', 'term', 'name'], 'required'],
[['name', 'invNumber'], 'string'],
[['partnerId', 'term'], 'integer']
];
}
public function attributeLabels()
{
return [
'partnerId' => 'Customer',
'date' => 'Date',
'invNumber' => 'Inv. Number',
'term' => 'Term',
'name' => 'Name'
];
}
on salesdetail model
namespace app\models;
use Yii;
class salesdetail extends \yii\db\ActiveRecord
{
public static function tableName()
{
return 'salesdetail';
}
public function rules()
{
return [
[['itemId', 'qty', 'price'], 'required'],
[['unit'], 'string']
];
}
/**
* #inheritdoc
*/
public function attributeLabels()
{
return [
'itemId' => 'Item',
];
}
}
on my view
<?= $form->field($detail, 'itemId')->dropDownList($item)->label(false) ?>
and when open the page in browser, i got this error "Call to a member function isAttributeRequired() on a non-object"
and if i change this line on controller
//$modeldetail = salesdetail::findModel($id);
$modeldetail = new salesdetail();
to this one
$modeldetail = salesdetail::findModel($id);
//$modeldetail = new salesdetail();
then the error would be "Call to undefined method app\models\salesdetail::findModel()"
can somebody tell me what am i doing wrong ?
and how to get appropriate data from salesdetail based on salesheader and put it on dropdownlist ?
Thank you for ur help
I've a query to get mrp*rate from table productbatch upto 2 decimal point.
I've tried the following query Productbatch::find()->select('mrp, rate, round((mrp*rate),2) as rateval')->asArray()->one();
When I use only mrp*rate it gives the result but there's 6 or 7 digits after decimal. Please let me know how can I get the result upto 2 decimal points.
example
If I don't use round and if mrp = 32 and rate = 24.64, the result of mrp*rate it gives - 788.47998046875..
If I use Round as shown in the code it doesn't give the result.
What I want is - 788.48.
Productbatch Model
<?php
namespace frontend\modules\invoice\models;
use Yii;
/**
* This is the model class for table "productbatch".
*
* #property integer $itemid
* #property string $productname
* #property string $batchno
* #property string $mfgdate
* #property string $expdate
* #property double $mrp
* #property double $rate
*
* #property Productnames $productname0
*/
class Productbatch extends \yii\db\ActiveRecord
{
public $rateval;
/**
* #inheritdoc
*/
public static function tableName()
{
return 'productbatch';
}
/**
* #inheritdoc
*/
public function rules()
{
return [
[['batchno'], 'string'],
[['mfgdate', 'expdate'], 'safe'],
[['mrp', 'rate'], 'number'],
[['productname'], 'string', 'max' => 25],
[['productname'], 'exist', 'skipOnError' => true, 'targetClass' => Productnames::className(), 'targetAttribute' => ['productname' => 'productnames_productname']],
];
}
/**
* #inheritdoc
*/
public function attributeLabels()
{
return [
'itemid' => 'Itemid',
'productname' => 'Productname',
'batchno' => 'Batchno',
'mfgdate' => 'Mfgdate',
'expdate' => 'Expdate',
'mrp' => 'Mrp',
'rate' => 'Rate',
];
}
/**
* #return \yii\db\ActiveQuery
*/
public function getProductname0()
{
return $this->hasOne(Productnames::className(), ['productnames_productname' => 'productname']);
}
public static function getBatchNo($cat_id)
{
$out = [];
$data = Productbatch::find()
->where(['productname' => $cat_id])
->orDerBy([
'expdate'=>SORT_DESC,
])
->limit(5)
->asArray()
->all();
foreach ($data as $dat) {
$out[] = ['id' => $dat['batchno'], 'name' => $dat['batchno']];
}
return $output = [
'output' => $out,
'selected' => ''
];
}
public static function getItemdetails($cat_id, $subcat_id)
{
$out = [];
$data = Productbatch::find()
->where(['productname' => $cat_id])
->andWhere(['batchno' => $subcat_id])
->orDerBy([
'expdate'=>SORT_DESC,
])
->limit(5)
->asArray()
->all();
foreach ($data as $dat) {
$out[] = ['id' => $dat['itemid'], 'name' => $dat['itemid']];
}
return $output = [
'output' => $out,
'selected' => ''
];
}
// public static function getItemdetails($cat_id, $subcat_id)
// {
// $out = [];
// $data = Productbatch::find()
// ->where(['productname' => $cat_id])
// ->andWhere(['batchno' => $subcat_id])
// ->orDerBy([
// 'expdate'=>SORT_DESC,
// ])
// ->limit(5)
// ->asArray()
// ->all();
// foreach ($data as $dat) {
// $out[] = ['id' => $dat['itemid'], 'name' => $dat['itemid']];
// }
// return $output = [
// 'output' => $out,
// 'selected' => ''
// ];
// }
}
Controller Action -
public function actionGetForItemid($prodname , $batchno)
{
$item = Productbatch::find()->joinWith(['productname0'])->joinWith(['productname0', 'productname0.hsncode'])->select('max(itemid) as itemid, expdate, mrp,rate, productname, batchno, round(rate*mrp,2) as rateval')->where(['productname'=>$prodname])->andWhere(['batchno'=>$batchno])->asArray()->one();
echo Json::encode($item);
}
Javascript that is calling the controller action -
<?php
/* start getting the itemid */
$script = <<< JS
function getItemID(item) {
var index = item.attr("id").replace(/[^0-9.]/g, "");
var batch = product = 0;
var id = item.attr("id");
var myString = id.split("-").pop();
if (myString == "productname") {
fetch = index.concat("-batchno");
product = item.val();
batch = $("#productsales-"+fetch+"").val();
} else {
fetch = index.concat("-productname");
batch = item.val();
product = $("#productsales-"+fetch+"").val();
}
$.get('index.php?r=invoice/bills/get-for-itemid',{ prodname : product,batchno : batch}, function(data){
alert(data);
var data = $.parseJSON(data);
var getItemid = data;
itemID = "productsales-".concat(index).concat("-itemid");
$("#"+itemID+"").val(getItemid["itemid"]);
expDate = "productsales-".concat(index).concat("-expdate");
$("#"+expDate+"").val(getItemid["expdate"]);
mRP = "productsales-".concat(index).concat("-mrp");
$("#"+mRP+"").val(getItemid["mrp"]);
rATE = "productsales-".concat(index).concat("-rate");
$("#"+rATE+"").val(getItemid["rateval"]);
});
}
JS;
$this->registerJs($script, View::POS_END);
/* end getting the itemid */
?>
Form fields that is being populated -
<?= $form->field($modelsProductsales, "[{$i}]rate")->label(false)->textInput(['maxlength' => true,'class' => 'rate','placeholder' => 'Rate']) ?>
Be sure your Productbatch model has a publica var rateval
class Productbatch extends \yii\db\ActiveRecord
{
public $rateval
...
and then you can refer to the rateval content in you views using
$model->rateval;
OR do the fact you have the result not rounded whet you use mrp*rate
a simple solution could be round in javascript
Math.round(num * 100) / 100
and in your case
$("#"+rATE+"").val( Math.round( getItemid["rateval"]*100)/100 );
Am using yii2 can i get an extension which has a physical interface for managing role based user access (R.B.A.C.).
I have tried using
mdmsoft, dektrium, yii rbac plus but none has any explanation of how
to set up a physical one
I have create a physical interface for managing role based user simply using gii based on the tables provided by the defualt RBAC model provided by Yii2 and extendig the related action for inserting the proper value for assignments, roles, item and item_child. ..
eg: for create Assignments
public function actionCreate()
{
$model = new AuthAssignment();
$auth = Yii::$app->authManager;
if ($model->load(Yii::$app->request->post()) ) {
$auth->assign($auth->getRole($model->item_name), $model->user_id);
return $this->redirect(['view', 'item_name' => $model->item_name, 'user_id' => $model->user_id]);
} else {
return $this->render('create', [
'model' => $model,
]);
}
}
and for create Item
public function actionCreate()
{
$model = new AuthItem();
$auth = Yii::$app->authManager;
if ($model->load(Yii::$app->request->post())) {
switch ($model->type) {
case AuthItem::TYPE_ROLE : // 1 = TYPE_ROLE
$role = $auth->createRole($model->name);
$role->data = $model->data;
//$role->ruleName = $model->rule_name;
$role->description = $model->description;
//$role->type = $model->type;
$auth->add($role);
break;
case AuthItem::TYPE_PERMISSION : // 2 = TYPE_PERMISSION
$permission = $auth->createPermission($model->name);
$permission->data = $model->data;
//$permission->ruleName = $model->rule_name;
$permission->description = $model->description;
//$permission->type = $model->type;
$auth->add($permission);
break;
default:
break;
}
return $this->redirect(['view', 'id' => $model->name]);
} else {
return $this->render('create', [
'model' => $model,
]);
}
}
Getting error when I am trying to create dynamic form in using yii2-dynamicform. at the time of create method it is working fine but at the time of update showing the error. I have two tables one is
1.vendors &
2.vendors_more_categories
Relation is 1-* between vendors & vendors_more_categories I just refereed https://github.com/wbraganca/yii2-dynamicform this link.
<?php
namespace app\controllers;
namespace backend\controllers;
use Yii;
use app\models\Vendors;
use app\models\VendorsSearch;
use yii\web\Controller;
use yii\web\NotFoundHttpException;
use yii\filters\VerbFilter;
use yii\web\UploadedFile;
use yii\filters\AccessControl;
use app\models\VendorsMoreCategories;
use backend\models\Model;
use yii\web\Response;
use yii\widgets\ActiveForm;
use yii\helpers\ArrayHelper;
/**
* VendorsController implements the CRUD actions for Vendors model.
*/
class VendorsController extends Controller
{
public function behaviors()
{
return [
'access' => [
'class' => AccessControl::className(),
'only' => ['index','create', 'update', 'delete'],
'rules' => [
[
'actions' => ['index','create', 'update', 'delete'],
'allow' => true,
'roles' => ['#'],
],
],
],
'verbs' => [
'class' => VerbFilter::className(),
'actions' => [
'delete' => ['post'],
],
],
];
}
/**
* Lists all Vendors models.
* #return mixed
*/
public function actionIndex()
{
$searchModel = new VendorsSearch();
$dataProvider = $searchModel->search(Yii::$app->request->queryParams);
return $this->render('index', [
'searchModel' => $searchModel,
'dataProvider' => $dataProvider,
]);
}
/**
* Displays a single Vendors model.
* #param integer $id
* #return mixed
*/
public function actionView($id)
{
return $this->render('view', [
'model' => $this->findModel($id),
]);
}
/**
* Creates a new Vendors model.
* If creation is successful, the browser will be redirected to the 'view' page.
* #return mixed
*/
public function actionCreate()
{
$model = new Vendors();
$modelsVendorsMoreCategories = [new VendorsMoreCategories];
if($model->load(Yii::$app->request->post())){
$modelsVendorsMoreCategories = Model::createMultiple(VendorsMoreCategories::classname());
Model::loadMultiple($modelsVendorsMoreCategories, Yii::$app->request->post());
// validate all models
$valid = $model->validate();
$valid = Model::validateMultiple($modelsVendorsMoreCategories) && $valid;
if ($valid) {
$transaction = \Yii::$app->db->beginTransaction();
try {
if ($flag = $model->save(false)) {
foreach ($modelsVendorsMoreCategories as $modelVendorsMoreCategories) {
$modelVendorsMoreCategories->vmc_ven_id = $model->ven_id;
if (! ($flag = $modelVendorsMoreCategories->save(false))) {
$transaction->rollBack();
break;
}
}
}
if ($flag) {
$transaction->commit();
$model->file = UploadedFile::getInstance($model, 'file');
$save_file = '';
if($model->file){
$imagename = Vendors::find()->orderBy('ven_id DESC')->one();
$imagename=$imagename->ven_id+1;
$imagepath = 'images/imgvendors/'; // Create folder under web/uploads/logo
$model->ven_business_logo = $imagepath.$imagename.'.'.$model->file->extension;
$save_file = 1;
}
if ($model->save(false)) {
if($save_file){
$model->file->saveAs($model->ven_business_logo);
}
return $this->redirect(['view', 'id' => $model->ven_id]);
}
}
} catch (Exception $e) {
$transaction->rollBack();
}
}
}else {
return $this->render('create', [
'model' => $model,
'modelsVendorsMoreCategories' => (empty($modelsVendorsMoreCategories)) ? [new VendorsMoreCategories] : $modelsVendorsMoreCategories
]);
}
}
/**
* Updates an existing Vendors model.
* If update is successful, the browser will be redirected to the 'view' page.
* #param integer $id
* #return mixed
*/
public function actionUpdate($id)
{
$model = $this->findModel($id);
//print_r($model->attributes);
$modelsVendorsMoreCategories = $model->ven_id;
if($model->load(Yii::$app->request->post())){
$oldIDs = ArrayHelper::map($modelsVendorsMoreCategories, 'id', 'id');
$modelsVendorsMoreCategories = Model::createMultiple(VendorsMoreCategories::classname(), $modelsVendorsMoreCategories);
Model::loadMultiple($modelsVendorsMoreCategories, Yii::$app->request->post());
$deletedIDs = array_diff($oldIDs, array_filter(ArrayHelper::map($modelsVendorsMoreCategories, 'id', 'id')));
// validate all models
$valid = $model->validate();
$valid = Model::validateMultiple($modelsVendorsMoreCategories) && $valid;
if ($valid) {
$transaction = \Yii::$app->db->beginTransaction();
try {
if ($flag = $model->save(false)) {
if (! empty($deletedIDs)) {
Address::deleteAll(['id' => $deletedIDs]);
}
foreach ($modelsVendorsMoreCategories as $modelVendorsMoreCategories) {
$modelVendorsMoreCategories->vmc_ven_id = $model->ven_id;
if (! ($flag = $modelVendorsMoreCategories->save(false))) {
$transaction->rollBack();
break;
}
}
}
if ($flag) {
$transaction->commit();
$model->file = UploadedFile::getInstance($model, 'file');
$save_file = '';
if($model->file){
$imagepath = 'images/imgvendors/'; // Create folder under web/uploads/logo
$model->ven_business_logo = $imagepath.$model->ven_id.'.'.$model->file->extension;
$save_file = 1;
}
if ($model->save(false)) {
if($save_file){
$model->file->saveAs($model->ven_business_logo);
}
return $this->redirect(['view', 'id' => $model->ven_id]);
}
}
} catch (Exception $e) {
$transaction->rollBack();
}
}
}else {
return $this->render('update', [
'model' => $model,
'modelsVendorsMoreCategories' => (empty($modelsVendorsMoreCategories)) ? [new VendorsMoreCategories] : $modelsVendorsMoreCategories
]);
}
}
/**
* Deletes an existing Vendors model.
* If deletion is successful, the browser will be redirected to the 'index' page.
* #param integer $id
* #return mixed
*/
public function actionDelete($id)
{
$this->findModel($id)->delete();
return $this->redirect(['index']);
}
/**
* Finds the Vendors model based on its primary key value.
* If the model is not found, a 404 HTTP exception will be thrown.
* #param integer $id
* #return Vendors the loaded model
* #throws NotFoundHttpException if the model cannot be found
*/
protected function findModel($id)
{
if (($model = Vendors::findOne($id)) !== null) {
return $model;
} else {
throw new NotFoundHttpException('The requested page does not exist.');
}
}
//Function used for deleting the images
public function actionDeleteimg($id, $field)
{
$img = $this->findModel($id)->$field;
if($img){
if (!unlink($img)) {
return false;
}
}
$img = $this->findModel($id);
$img->$field = NULL;
$img->update();
return $this->redirect(['update', 'id' => $id]);
}
//Function used for getting more sub categories for vendor
public function actionGetSubCategories()
{
$mbcid=$_GET['ven_main_category_id'];
$sbcid=$_GET['ven_sub_category_id'];
echo $mbcid;
}
public function actionLists($id)
{
$countVendors = Vendors::find()->where(['ven_contact_person_id' => $id])->count();
$vendors = Vendors::find()->where(['ven_contact_person_id' => $id])->all();
if ($countVendors > 0) {
foreach ($vendors as $vendor) {
echo "<option value='" . $vendor->ven_id . "'>" . $vendor->ven_company_name . "</option>";
}
} else {
echo "<option></option>";
}
}
}
You accessing modelsVendorsMoreCategories[0] (as an element of an array )
'model'=> $modelsVendorsMoreCategories[0],
in your DinamicForm widget but when you update the model you pass as $modelsVendorsMoreCategories this value
$modelsVendorsMoreCategories = $model->ven_id;
(don't seems an array, you must be sure this object contain an array with a proper element in 0 index))
'modelsVendorsMoreCategories' => (empty($modelsVendorsMoreCategories)) ?
[new VendorsMoreCategories] : $modelsVendorsMoreCategories
]);
$modelsVendorsMoreCategories should contain the VendorsMoreCategories model in actionUpdate method. In this code ($modelsVendorsMoreCategories = $model->ven_id) $modelsVendorsMoreCategories contains $model->ven_id. It is an integer value, not the VendorsMoreCategories object.
The Vendors model should contain a relation on the VendorsMoreCategories model:
class Vendors extends \yii\db\ActiveRecord
{
....
public function getVendorsMoreCategories()
{
return $this->hasMany(VendorsMoreCategories::className(), 'vendor_id'=>'id']);
}
}
And then, you should use that relation in your actionUpdate method:
$model = $this->findModel($id);
$modelsVendorsMoreCategories = $model->vendorsMoreCategories;
if(!$modelsVendorsMoreCategories) {
$modelsVendorsMoreCategories = [new VendorsMoreCategories];
}
In your actionUpdate you have:
$modelsVendorsMoreCategories = $model->ven_id;
But you should have:
$modelsVendorsMoreCategories = $model->nameOfMyRelation;
To get what's the real name, go in your $model, and look for something like:
/**
* #return \yii\db\ActiveQuery
*/
public function getNameOfMyRelation()
{
return $this->hasMany(VendorsMoreCategories::className(), ['ven_id' => 'id']);
}
If you don't have any function making the relation of this two tables, write one. If you having trouble doing that, you can always use the gii's model generator and check the Vendors model (you dont need to replace it, just preview the code).
Check your create.php file in view folder, pass required variable on
_form.php file from here as:-
<?= $this->render('_form', [
'model' => $model,
'modelsAddress' => $modelsAddress,
]) ?>
Check Your create file in view folder:
Controller:
Controller pass the parameter into create.php
return $this->render('create', [
'model' => $model,
'modelsVendorsMoreCategories' => (empty($modelsVendorsMoreCategories)) ? [new VendorsMoreCategories] : $modelsVendorsMoreCategories
]);
View:create.php
If You miss the parameter: 'modelsVendorsMoreCategories' =>$modelsVendorsMoreCategories.
It shows the Undefined variable error in _form.php page.
<?= $this->render('_form', [
'model' => $model,
'modelsVendorsMoreCategories' =>$modelsVendorsMoreCategories
])?>
View:_form.php
$modelsVendorsMoreCategories[0];
the paramater not passing before now it passing.