File: /home/aliazzsr/api.crm.vqode.com/components/actions/PermissionsAction.php
<?php
namespace app\components\actions;
use app\components\BaseModel;
use app\models\core\Permission;
use app\models\core\RolePermission;
use yii\helpers\Json;
use yii\rest\Action;
use yii\web\MethodNotAllowedHttpException;
use yii\web\NotFoundHttpException;
use yii\web\ServerErrorHttpException;
use yii\web\UnprocessableEntityHttpException;
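/**
 * REST action that reads or replaces the permission matrix of a single role.
 *
 * GET returns one entry per row of the Permission table, taken from the role's
 * RolePermission rows where they exist and all-false otherwise.
 * PUT replaces every RolePermission row of the role with the request body.
 *
 * Security note: this action edits authorization data. The only access check
 * made here is the optional `checkAccess` callable; when the owning controller
 * does not configure it, this class applies no authorization of its own.
 *
 * @package app\components\actions
 * @todo refactoring required
 */
class PermissionsAction extends Action
{
    /**
     * Dispatches the request to the GET or PUT handler for the given role.
     *
     * @param integer $id key handed to findModel(); the same value is used as role_id
     * @return array permission matrix of the role, one entry per known permission
     * @throws MethodNotAllowedHttpException for any HTTP method other than GET or PUT
     * @throws NotFoundHttpException when findModel() yields no model
     * @throws \Exception
     */
    public function run($id)
    {
        /** @var BaseModel $model */
        $model = $this->findModel($id);
        if (!$model) {
            throw new NotFoundHttpException();
        }

        // Authorization is delegated entirely to the configured callable.
        // NOTE(review): the same callable guards both GET and PUT; it receives
        // only the action id, so it cannot tell read from write by argument.
        if ($this->checkAccess) {
            call_user_func($this->checkAccess, $this->id, $model);
        }

        switch (\Yii::$app->request->getMethod()) {
            case 'GET':
                return $this->getPermissions($id);
            case 'PUT':
                return $this->putPermissions($id);
            default:
                throw new MethodNotAllowedHttpException();
        }
    }

    /**
     * Builds the full permission matrix for a role.
     *
     * Every row of the Permission table produces exactly one entry. Entries
     * backed by a RolePermission row carry that row's attribute values as
     * stored; the others are filled with boolean false for all four flags.
     *
     * @param integer $roleId role whose RolePermission rows are looked up
     * @return array list of arrays with keys permission_name, create, read, update, delete
     */
    protected function getPermissions($roleId)
    {
        // Index the role's explicit grants by permission name for O(1) lookup below.
        $rolePermissions = [];
        foreach (RolePermission::findAll(['role_id' => $roleId]) as $granted) {
            $rolePermissions[$granted->permission_name] = [
                'permission_name' => $granted->permission_name,
                'create' => $granted->create,
                'read' => $granted->read,
                'update' => $granted->update,
                'delete' => $granted->delete,
            ];
        }

        // Walk all known permissions so the client always sees the complete matrix.
        $result = [];
        foreach (Permission::find()->all() as $permission) {
            if (isset($rolePermissions[$permission->name])) {
                $result[] = $rolePermissions[$permission->name];
            } else {
                // Deny by default: a permission without a row grants nothing.
                $result[] = [
                    'permission_name' => $permission->name,
                    'create' => false,
                    'read' => false,
                    'update' => false,
                    'delete' => false,
                ];
            }
        }

        return $result;
    }

    /**
     * Replaces all RolePermission rows of a role with the entries in the request body.
     *
     * The body must be a JSON list of attribute maps. The delete and the
     * inserts run in one transaction, so a rejected entry leaves the previous
     * rows in place.
     *
     * @param integer $roleId role whose permissions are replaced
     * @return array the resulting permission matrix, as returned by getPermissions()
     * @throws UnprocessableEntityHttpException when the body is not a JSON list of
     *         attribute maps or an entry fails model validation
     * @throws ServerErrorHttpException when saving fails or any other exception occurs
     * @throws \Exception
     */
    protected function putPermissions($roleId)
    {
        // Decode and shape-check before the destructive deleteAll(), so that a
        // malformed body is reported as a client error instead of surfacing as
        // a 500 from inside the transaction.
        try {
            $request = Json::decode(\Yii::$app->request->getRawBody());
        } catch (\Exception $e) {
            throw new UnprocessableEntityHttpException('Request body is not valid JSON.', 0, $e);
        }
        if (!is_array($request)) {
            throw new UnprocessableEntityHttpException('Request body must be a list of permission entries.');
        }

        $tran = \Yii::$app->db->beginTransaction();
        try {
            RolePermission::deleteAll(['role_id' => $roleId]);
            foreach ($request as $item) {
                if (!is_array($item)) {
                    throw new UnprocessableEntityHttpException('Each permission entry must be an object.');
                }

                $permission = new RolePermission(['role_id' => $roleId]);
                $permission->setAttributes($item);
                // Re-pin the role after mass assignment. If role_id is a safe
                // attribute of RolePermission, a "role_id" key in the request
                // would otherwise redirect the row to a role that was never
                // passed through findModel()/checkAccess.
                $permission->role_id = $roleId;

                if (!$permission->validate()) {
                    throw new UnprocessableEntityHttpException();
                }
                // Validation already ran above, hence save(false).
                if (!$permission->save(false)) {
                    throw new ServerErrorHttpException();
                }
            }
            $tran->commit();
        } catch (UnprocessableEntityHttpException $e) {
            $tran->rollBack();
            throw $e;
        } catch (\Exception $e) {
            $tran->rollBack();
            // Keep the cause attached for server-side logging; the response
            // message stays empty so internals are not disclosed to the client.
            throw new ServerErrorHttpException(null, 0, $e);
        } catch (\Throwable $e) {
            // PHP 7+ engine errors are not \Exception; roll back for them too
            // so the transaction is never left open.
            $tran->rollBack();
            throw $e;
        }

        return $this->getPermissions($roleId);
    }
}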