Commit 0c0cdc9d8f8c78c073c1ecb427c2031ee5bc5cc9

Authored by Yarik
1 parent 2f324895

test

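--- a/common/config/main.php
+++ b/common/config/main.php
@@ -146,6 +146,7 @@
 // ],
 'authManager' => [
 'class' => 'yii\rbac\DbManager',
+'defaultRoles' => ['USER'],
 ],
 
 //подключаем конфигурации API соц сетей для авторизации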
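Review bot: `'defaultRoles' => ['USER']` on the `authManager` component gives the USER role to every visitor, because Yii's RBAC manager applies default roles regardless of authentication state, guests included. Any permission attached to USER is therefore reachable by anonymous requests unless a rule rejects them, and the comment delete permissions touched in this commit are evaluated through this same manager. I would add a comment above the line, `// defaultRoles also apply to guests; every USER permission needs a rule that checks the identity`, and confirm in the RBAC seed data (not visible on this page) that USER carries only rule-guarded permissions.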
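--- a/common/modules/comment/Controller.php
+++ b/common/modules/comment/Controller.php
@@ -19,6 +19,10 @@
 {
 \Yii::$app->response->format = \yii\web\Response::FORMAT_JSON;
 $post = \Yii::$app->request->post('Comment');
+$get = \Yii::$app->request->get();
+if(empty($post['comment_id']) && !empty($get['comment_id'])) {
+$post['comment_id'] = $get['comment_id'];
+}
 if(!empty($post['comment_id'])) {
 if($model = \common\modules\comment\models\Comment::findOne($post['comment_id'])) {
 /**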
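Review bot: The fallback added at new lines 22-25 lets `comment_id` arrive in the query string, so the lookup that follows can now be driven by a plain URL. The action's signature and the controller's behaviors are outside the hunk, so I cannot see whether the action is limited to POST. If this is the endpoint behind the new `artbox-comment/delete` link in the view, it should be restricted to `post` through a `VerbFilter` behavior with CSRF validation left enabled, so that a link or embedded resource on another page cannot trigger it for a logged-in user. Reading only the needed key, `$commentId = \Yii::$app->request->get('comment_id');`, would also avoid pulling the whole query array into scope.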
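--- a/common/modules/comment/models/Comment.php
+++ b/common/modules/comment/models/Comment.php
@@ -3,6 +3,7 @@
 
 use common\models\User;
 use yii\db\ActiveQuery;
+use yii\helpers\Url;
 
 /**
 * Class Comment
@@ -40,6 +41,8 @@
 */
 public $guestComment = true;
 
+public $buttons = [ ];
+
 public function rules()
 {
 return [
@@ -176,7 +179,8 @@
 'comment.model' => $model,
 'comment.model_id' => $model_id,
 'comment.status' => 1,
-])->with('rating');
+])
+->with('rating');
 }
 
 public function postComment()
@@ -221,15 +225,24 @@
 $this->addError('comment_id', 'Comment ID not found');
 return false;
 } else {
-if($this->status == self::STATUS_DELETED) {
-return false;
-}
-$this->status = self::STATUS_DELETED;
-if($this->update()) {
-$this->clearSafe();
-return true;
+if($this->user_id == \Yii::$app->user->id) {
+if($this->delete()) {
+return true;
+} else {
+$this->addError('comment_id', 'Can\'t delete post.');
+return false;
+}
 } else {
-return false;
+if($this->status == self::STATUS_DELETED) {
+return false;
+}
+$this->status = self::STATUS_DELETED;
+if($this->update()) {
+$this->clearSafe();
+return true;
+} else {
+return false;
+}
 }
 }
 } else {
@@ -270,13 +283,15 @@
 if($this->scenario == self::SCENARIO_GUEST) {
 return false;
 } else {
-return \Yii::$app->user->can(\common\modules\comment\Permissions::DELETE, [
+return (\Yii::$app->user->can(\common\modules\comment\Permissions::DELETE, [
 'model' => $this->model,
 'model_id' => $this->model_id,
+'comment' => $this,
 ]) || \Yii::$app->user->can(\common\modules\comment\Permissions::DELETE_OWN, [
 'model' => $this->model,
 'model_id' => $this->model_id,
-]);
+'comment' => $this,
+]));
 }
 }
 
@@ -313,7 +328,7 @@
 'model' => $this->className(),
 ])
 ->one();
-if(!$rating instanceof \common\modules\comment\models\Rating && !empty($this->primaryKey)) {
+if(!$rating instanceof \common\modules\comment\models\Rating && !empty( $this->primaryKey )) {
 $rating = new \common\modules\comment\models\Rating([
 'model' => $this->className(),
 'model_id' => $this->comment_id,
@@ -355,4 +370,14 @@
 return $this->hasOne(User::className(), [ 'id' => 'user_id' ]);
 }
 
+public function buildButtons()
+{
+if($this->checkDelete()) {
+$this->buttons[ 'delete' ] = Url::to([
+'artbox-comment/delete',
+'comment_id' => $this->comment_id,
+]);
+}
+}
+
 }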
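Review bot: In the `@@ -221,15 +225,24 @@` hunk the owner test `$this->user_id == \Yii::$app->user->id` is a loose comparison, and `\Yii::$app->user->id` is null for a guest, so a comment whose `user_id` is null or 0 compares equal for an unauthenticated visitor; `$guestComment = true` in this class suggests such rows may exist. The enclosing condition starts outside the hunk, so `checkDelete()` may already exclude guests, but the branch that performs a hard `delete()` should not depend on that. I would write `if(!\Yii::$app->user->isGuest && (string)$this->user_id === (string)\Yii::$app->user->id) {`. The same loose comparison appears in `ArtboxCommentDeleteOwnRule::execute()` and twice in `ArtboxCommentDeleteRule::execute()`. The owner path also skips `clearSafe()`, which the other path still calls after `update()`; confirm that is intended.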
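--- a/common/modules/comment/rbac/ArtboxCommentDeleteOwnRule.php
+++ b/common/modules/comment/rbac/ArtboxCommentDeleteOwnRule.php
@@ -11,7 +11,12 @@
 
 public function execute($user, $item, $params)
 {
-return true;
+if(!empty($params['comment'])) {
+if($params['comment']->user_id == \Yii::$app->user->id) {
+return true;
+}
+}
+return false;
 }
 
 }
\ No newline at end of file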
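Review bot: `execute()` ignores its `$user` argument and compares against `\Yii::$app->user->id`, so the rule answers for the session user even when access is being checked for a different user id (for example through the auth manager's `checkAccess()` from an admin screen or a background job). Comparing with the parameter keeps the decision tied to the identity being checked: `return !empty($params['comment']) && $user !== null && (string)$params['comment']->user_id === (string)$user;`. Since `$params` is caller-supplied, it would also be worth testing `$params['comment'] instanceof \common\modules\comment\models\Comment` before reading `user_id`.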
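--- a/common/modules/comment/rbac/ArtboxCommentDeleteRule.php
+++ b/common/modules/comment/rbac/ArtboxCommentDeleteRule.php
@@ -2,6 +2,8 @@
 
 namespace common\modules\comment\rbac;
 
+use common\models\User;
+use yii\db\ActiveRecord;
 use yii\rbac\Rule;
 
 class ArtboxCommentDeleteRule extends Rule
@@ -11,7 +13,21 @@
 
 public function execute($user, $item, $params)
 {
-return true;
+/**
+* @var ActiveRecord $model
+*/
+if(!empty($params['model']) && !empty($params['model_id'])) {
+$model = new $params['model'];
+if($model instanceof ActiveRecord) {
+$model = $model::findOne($params['model_id']);
+if($model->hasAttribute('user_id') && $model->user_id == \Yii::$app->user->id) {
+return true;
+} elseif($model instanceof User && $model->id == \Yii::$app->user->id) {
+return true;
+}
+}
+}
+return false;
 }
 
 }
\ No newline at end of file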
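Review bot: `new $params['model']` at new line 20 constructs whatever class name the caller passes before the `instanceof ActiveRecord` test runs, and `findOne()` returns null for an unknown id, so the following `$model->hasAttribute('user_id')` ends in a fatal error instead of a denial. `checkDelete()` in Comment.php passes `$this->model` into this rule; if that attribute can be filled from request data (not visible on this page), the class name is influenced by the client. Checking the name with `is_subclass_of()` and calling `findOne()` statically avoids running any constructor, and a null result should return false, as in the sketch below.

```php
public function execute($user, $item, $params)
{
    if(empty($params['model']) || empty($params['model_id'])) {
        return false;
    }
    $class = $params['model'];
    // Accept only ActiveRecord subclasses, and resolve the class without constructing it.
    if(!is_string($class) || !is_subclass_of($class, ActiveRecord::className())) {
        return false;
    }
    $model = $class::findOne($params['model_id']);
    if($model === null) {
        return false;
    }
    // … unchanged: owner comparison on user_id / User id …
    return false;
}
```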
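--- a/common/modules/comment/widgets/views/_review_comment_view.php
+++ b/common/modules/comment/widgets/views/_review_comment_view.php
@@ -11,6 +11,7 @@
 * @var User $user
 */
 $user = $model->user;
+$model->buildButtons();
 ?>
 <div class="comments-name"><?= $user->name ?></div>
 <?php
@@ -34,6 +35,13 @@
 <div class="comments-content">
 <?= $model->text ?>
 </div>
+<div>
+<?php
+if(!empty($model->buttons['delete'])) {
+echo Html::a('Удалить', $model->buttons['delete'], ['data-method' => 'post', 'data-confirm' => 'Really?']);
+}
+?>
+</div>
 <?php
 /* == PROJECT INFO ==
 ?>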
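Review bot: The context lines around both hunks echo `$user->name` and `$model->text` through `<?= ... ?>` without `Html::encode()`, so unless these fields are purified when the comment is saved (not visible here), markup stored by a commenter is rendered to every reader, right next to the new delete control. I would change them to `<?= Html::encode($user->name) ?>` and `<?= Html::encode($model->text) ?>`, or pass the text through `HtmlPurifier::process()` if limited markup is intended. In the added block the label `'Удалить'` and the confirm text `'Really?'` are hard-coded in two languages; routing both through `\Yii::t()` would keep them consistent.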