I am currently working in yii, I have designed a user module which consists user registraion, user login & change password rule.
for these three process I have designed only one model i.e. user model. in this model I have defined a rule:
array('email, password, bus_name, bus_type', 'required'),
This rule is valid for actionRegister. but now I want to define a new required rule for actionChangePassword,
array('password, conf_password', 'required'),
How can I define rule for this action ?
Rules can be associated with scenarios. A certain rule will only be used if the model's current scenario property says it should.
Sample model code:
class User extends CActiveRecord {
const SCENARIO_CHANGE_PASSWORD = 'change-password';
public function rules() {
return array(
array('password, conf_password', 'required', 'on' => self::SCENARIO_CHANGE_PASSWORD),
);
}
}
Sample controller code:
public function actionChangePassword() {
$model = $this->loadModel(); // load the current user model somehow
$model->scenario = User::SCENARIO_CHANGE_PASSWORD; // set matching scenario
if(Yii::app()->request->isPostRequest && isset($_POST['User'])) {
$model->attributes = $_POST['User'];
if($model->save()) {
// success message, redirect and terminate request
}
// otherwise, fallthrough to displaying the form with errors intact
}
$this->render('change-password', array(
'model' => $model,
));
}
Related
I have a very simple scenario where I'm receiving a list of Variance Positions from the end user. To be able to validate the structure of the input, I created the following model for the single item that I should receive:
class VariancePositionsForm extends Model{
public $id;
public $position;
public function rules()
{
return [
[['id','position'], 'required'],
[['id', 'position'], 'integer'],
];
}
}
And in the controller, I have the following:
$variancePositions = [];
for($i=0;$i<sizeof(Yii::$app->request->post());$i++)
{
$variancePositions[] = new VariancePositionsForm();
}
VariancePositionsForm::loadMultiple($variancePositions, Yii::$app->request->post());
When I try to var_dump($variancePositions) however, I'm finding that its empty. In other words, loadMultiple() is not loading the models. What am I doing wrong?
Because you don't load the model from the form, only from json you have to add an empty string into the last parameter in this function:
VariancePositionsForm::loadMultiple($variancePositions, Yii::$app->request->post(), '');
look here:
https://github.com/yiisoft/yii2/blob/master/framework/base/Model.php#L884
I have a model Printer, a model Category, and a model for the relation between the two models CategoryPrinterRel
In the CategoryPrinterRel model I need a unique validator between the $category_id, and the client of the printer $printer->client_id
Up till now I have tried
public function rules()
{
[['category_id', $this->printer->client_id], 'unique', 'targetAttribute' => ['category_id']]
}
Is there any other way to do this though?
The problem with the method I'm using is that when the printer object is empty, trying $this->printer->client_id gives an error
I was looking for something more elegant, or built in. For now I have opted for a custom validator however. In the model:
public function rules()
{
return [
[['category_id', 'printer_id'], 'integer'],
[['printer_id', 'category_id'], 'required'],
[['cat_id'],'validateUniquenessOnClient']
];
}
public function validateUniquenessOnClient($attribute, $params, $validator)
{
$isPrinterUniqueOnClient = DbPrinterRepository::IsPrinterCatRelUniqueOnClient($this->category_id, $this->printer_id);
if(!$isPrinterGroupUniqueOnClient)
{
$this->addError($attribute, "There is already a printer using that category ({$this->cat->name}).");
}
}
I have two tables, business and review business, in review business I have user_id, business_id,rating and review field. I want to write a review, for that purpose, I need rating and review fields from the review business table, and I want to show them in a view of business which I called (user_business.php). I successfully bring the rating and review field from the review_business table, and user is able to give his review, but the thing is the data is not saving in the review business model. I am posting my code, please find the error.
This is my business controller.
<?php
class BusinessController extends RController
{
/**
* #var string the default layout for the views. Defaults to '//layouts/column2', meaning
* using two-column layout. See 'protected/views/layouts/column2.php'.
*/
public $layout='//layouts/admin';
/**
* #return array action filters
*/
public function filters()
{
return array(
// 'accessControl', // perform access control for CRUD operations
// 'postOnly + delete', // we only allow deletion via POST request
'rights',
);
}
/**
* Specifies the access control rules.
* This method is used by the 'accessControl' filter.
* #return array access control rules
*/
public function accessRules()
{
return array(
array('allow', // allow all users to perform 'index' and 'view' actions
'actions'=>array('index','view'),
'users'=>array('*'),
),
array('allow', // allow authenticated user to perform 'create' and 'update' actions
'actions'=>array('create','update'),
'users'=>array('#'),
),
array('allow', // allow admin user to perform 'admin' and 'delete' actions
'actions'=>array('admin','delete'),
'users'=>array('admin'),
),
array('deny', // deny all users
'users'=>array('*'),
),
);
}
/**
* Displays a particular model.
* #param integer $id the ID of the model to be displayed
*/
public function actionView($id)
{
$this->render('view',array(
'model'=>$this->loadModel($id),
));
}
public function actionUserbusiness($id) // this is userbusiness
{
//render main layout
$this->layout='main';
$model2 = new ReviewBusiness(); getting fields of review business
$this->render('userbusiness',array(
'model'=>$this->loadModel($id),
'reviewmodel'=>$model2
));
}
/**
* Creates a new model.
* If creation is successful, the browser will be redirected to the 'view' page.
*/
public function actionCreate()
{
$model=new Business;
// Uncomment the following line if AJAX validation is needed
// $this->performAjaxValidation($model);
if(isset($_POST['Business']))
{
$rnd = rand(0, 9999); // generate random number between 0-9999
$model->attributes = $_POST['Business'];
$uploadedFile = CUploadedFile::getInstance($model, 'image');
$fileName = "{$rnd}-{$uploadedFile}"; // random number + file name
$model->image = $fileName;
if ($model->save()) {
$uploadedFile->saveAs(Yii::app()->basePath . '/../img/' . $fileName);
$this->redirect(array('view', 'id' => $model->id));
}
}
$this->render('create', array(
'model' => $model,
));
}
/**
* Updates a particular model.
* If update is successful, the browser will be redirected to the 'view' page.
* #param integer $id the ID of the model to be updated
*/
public function actionUpdate($id)
{
$model=$this->loadModel($id);
// Uncomment the following line if AJAX validation is needed
// $this->performAjaxValidation($model);
if(isset($_POST['Business']))
{
//$model->attributes=$_POST['Business'];
$_POST['Business']['image'] = $model->image;
$model->attributes=$_POST['Business'];
$uploadedFile=CUploadedFile::getInstance($model,'image');
if($model->save())
{ if(!empty($uploadedFile)) // check if uploaded file is set or not
{
$uploadedFile->saveAs(Yii::app()->basePath.'/../img/'.$model->image);
}
$this->redirect(array('view','id'=>$model->id));
}
}
$this->render('update',array(
'model'=>$model,
));
}
/**
* Deletes a particular model.
* If deletion is successful, the browser will be redirected to the 'admin' page.
* #param integer $id the ID of the model to be deleted
*/
public function actionDelete($id)
{
if(Yii::app()->request->isPostRequest)
{
// we only allow deletion via POST request
$this->loadModel($id)->delete();
// if AJAX request (triggered by deletion via admin grid view), we should not redirect the browser
if(!isset($_GET['ajax']))
$this->redirect(isset($_POST['returnUrl']) ? $_POST['returnUrl'] : array('admin'));
}
else
throw new CHttpException(400,'Invalid request. Please do not repeat this request again.');
}
/**
* Lists all models.
*/
public function actionIndex()
{
$dataProvider=new CActiveDataProvider('Business');
$this->render('index',array(
'dataProvider'=>$dataProvider,
));
}
/**
* Manages all models.
*/
public function actionAdmin()
{
$model=new Business('search');
$model->unsetAttributes(); // clear any default values
if(isset($_GET['Business']))
$model->attributes=$_GET['Business'];
$this->render('admin',array(
'model'=>$model,
));
}
/**
* Returns the data model based on the primary key given in the GET variable.
* If the data model is not found, an HTTP exception will be raised.
* #param integer $id the ID of the model to be loaded
* #return Business the loaded model
* #throws CHttpException
*/
public function loadModel($id)
{
$model=Business::model()->findByPk($id);
if($model===null)
throw new CHttpException(404,'The requested page does not exist.');
return $model;
}
/**
* Performs the AJAX validation.
* #param Business $model the model to be validated
*/
protected function performAjaxValidation($model)
{
if(isset($_POST['ajax']) && $_POST['ajax']==='business-form')
{
echo CActiveForm::validate($model);
Yii::app()->end();
}
}
}
Now view of userbusiness is given below. Oh and I am using dzraty extension for rating.
<?php $form=$this->beginWidget('bootstrap.widgets.BsActiveForm', array(
'id'=>'review-business-form',
// Please note: When you enable ajax validation, make sure the corresponding
// controller action is handling ajax validation correctly.
// There is a call to performAjaxValidation() commented in generated controller code.
// See class documentation of CActiveForm for details on this.
'enableAjaxValidation'=>false,
)); ?>
<?php
$this->widget('ext.DzRaty.DzRaty', array(
'model' => $reviewmodel,
'attribute' => 'rating',
)); ?>
</ul>
</div>
<div class="form-group">
<label>Review Text</label>
<?php echo $form->textarea($reviewmodel,'review',array('maxlength'=>500)); ?>
</div>
<?php echo BsHtml::submitButton('Submit', array('color' => BsHtml::BUTTON_COLOR_PRIMARY)); ?>
<?php $this->endWidget(); ?>
Is there a way to restrict view based on user's input in model in the controller?
I want to hide/show their own page based on their own choice.
profile_hide_show with values of 'p'=>public, 'f'=>friends, and 'm'=>me
public function accessRules()
{
return array(
array('allow',
'actions'=>array('view'),
'users'=>array('?'), //?based on user's selection in model,
),
);
}
The Yii access control allows you to perform basic control before descending into the local methods of the controller.
You can enable access control by using the 'expression' attribute of an access control list. For example :
public function accessRules(){
$owner_id = $this->loadModel()->owner_id;
return array(
array('allow',
'actions'=>array('action1'),
'expression'=>"{$user->id}=={$owner_id}",
),
array('allow',
'actions'=>array('action2'),
'expression'=>'(Yii::app()->user->id == ($_GET[\'id\']))',
),
array('allow',
'actions'=>array('action3'),
'expression'=>'"Yii::app()->controller->isEnabledByUser()',
)
);
}
If you see the expression for action3, you will see you can call functions that will return a true/false value that will be evaluated by the expression attribute.
public function isEnabledByUser(){
$user_id = Yii::app()->user->id;
$user = User::model()->findByPk($user_id);
if ($user->show_my_page == 'Y')
return true;
else
return false;
}
References
How to view data only made by the user?
Do this check in the action or loadModel function. You cannot access a model in the accessRules.
public function loadModel($id) {
$type = modelname();
$class = CActiveRecord::model($type);
$model = $class->findByPk($id);
if($model === null)
throw new CHttpException(404, 'The requested page does not exist.');
if($model->profile_hide_show != 'p')
throw new CHttpException(404, 'You cannot view this profile.');
return $model;
}
I am a newbie to yii. I have stuck my mind with yii-tutorials for creating roles in yii. but I am not getting how can I create role in yii. means I want to create two roles admin & staff and I want to give different priviliage to them.
I have created a role in user table, but I am not getting that how can I create a role and can assign priviliages to them, please help me guys
Thanks in advance
In your copenents/UserIdentity.php
class UserIdentity extends CUserIdentity{
private $_id;
public function authenticate()
{
$record=Members::model()->findByAttributes(array('username'=>trim($this->username)));
if($record===null)
$this->errorCode=self::ERROR_USERNAME_INVALID;
else if($record->password!==md5(trim($this->password)))
$this->errorCode=self::ERROR_PASSWORD_INVALID;
else
{
$this->_id=$record->id;
$this->setState('username', $record->username);
$this->setState('name', $record->name);
$this->setState('type', $record->role);
$this->errorCode=self::ERROR_NONE;
}
return !$this->errorCode;
}
public function getId()
{
return $this->_id;
}
public function setId($id)
{
$this->_id = $id;
}
}
You can create a new column name as "role". set the members type "admin" or "staff" to role column.
Be careful to that line.
$this->setState('type', $record->role);
Create a new helper file. /protected/helpers/RoleHelper.php
class RoleHelper {
public static function GetRole(){
if (Yii::app()->user->type == "admin"){
//set the actions which admin can access
$actionlist = "'index','view','create','update','admin','delete'";
}
elseif (Yii::app()->user->type = "staff"){
//set the actions which staff can access
$actionlist = "'index','view','create','update'";
}
else {
$actionlist = "'index','view'";
}
return $actionlist;
}
}
and in your controllers -> accessRules function
public function accessRules()
{
return array(
array('allow', // allow authenticated user to perform 'create' and 'update' actions
'actions'=>array(RoleHelper::GetRole()),
'users'=>array('#'),
),
array('deny', // deny all users
'users'=>array('*'),
),
);
}
and dont forget to add 'application.helpers.*' to /config/main.php
'import'=>array(
'application.models.*',
'application.components.*',
'application.helpers.*',
),
This source is pretty good specially for beginners..I am using this method till now:
Simple RBAC in YII
Just follow the instructions given while having your desired modifications.
Concrete Example:
WebUser.php (/components/WebUser.php)
<?php
class WebUser extends CWebUser
{
/**
* Overrides a Yii method that is used for roles in controllers (accessRules).
*
* #param string $operation Name of the operation required (here, a role).
* #param mixed $params (opt) Parameters for this operation, usually the object to access.
* #return bool Permission granted?
*/
public function checkAccess($operation, $params=array())
{
if (empty($this->id)) {
// Not identified => no rights
return false;
}
$role = $this->getState("evalRoles");
if ($role === 'SuperAdmin') {
return 'SuperAdmin'; // admin role has access to everything
}
if ($role === 'Administrator') {
return 'Administrator'; // admin role has access to everything
}
if ($role === 'Professor') {
return 'Professor'; //Regular Teaching Professor, has limited access
}
// allow access if the operation request is the current user's role
return ($operation === $role);
}
}
Just connect it with your components/UserIdentity.php and config/main.php:
'components' => array(
// ...
'user' => array(
'class' => 'WebUser',
),
and thats it..
to check the role of the logged in:
Yii::app->checkAccess("roles");
where checkAccess is the name of your function in WebUser...
Please note that evalRoles is a column in your table that will supply the role of an account (on my link provided, that would be the word roles used in the major part snippet)