From 37307e14cf15e7dd003fa60d18388f5b0c9847df Mon Sep 17 00:00:00 2001 From: david Date: Tue, 2 Oct 2012 19:50:45 +0000 Subject: [PATCH] =?UTF-8?q?Tareas=20#1124=20->=20Un=20agente=20puede=20mod?= =?UTF-8?q?ificar=20la=20empresa=20si=20sabe=20la=20URL=20de=20modificaci?= =?UTF-8?q?=C3=B3n?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit git-svn-id: https://192.168.0.254/svn/Proyectos.Incam_PROFIND_Web/trunk@52 3fe1ab16-cfe0-e34b-8c9f-7d8c168d430d --- .../controllers/EmpresaController.php | 3 +- .../controllers/EquipoController.php | 3 +- www/protected/controllers/SiteController.php | 5 ++-- .../controllers/SubscripcionController.php | 30 +++++++++++++++++-- 4 files changed, 34 insertions(+), 7 deletions(-) diff --git a/www/protected/controllers/EmpresaController.php b/www/protected/controllers/EmpresaController.php index e8356bd..bdf621e 100644 --- a/www/protected/controllers/EmpresaController.php +++ b/www/protected/controllers/EmpresaController.php @@ -20,9 +20,10 @@ class EmpresaController extends Controller { */ public function accessRules() { return array( - array('allow', // allow authenticated user to perform 'create' and 'update' actions + array('allow', 'actions' => array('modificar'), 'users' => array('@'), + 'expression' => 'Yii::app()->user->esCoordinador', ), array('deny', // deny all users 'users' => array('*'), diff --git a/www/protected/controllers/EquipoController.php b/www/protected/controllers/EquipoController.php index d80e757..a72d887 100644 --- a/www/protected/controllers/EquipoController.php +++ b/www/protected/controllers/EquipoController.php @@ -18,9 +18,10 @@ class EquipoController extends Controller { */ public function accessRules() { return array( - array('allow', // allow admin user to perform 'admin' and 'delete' actions + array('allow', 'actions' => array('index', 'delete'), 'users' => array('@'), + 'expression' => 'Yii::app()->user->esCoordinador', ), array('deny', // deny all users 'users' => array('*'), diff --git a/www/protected/controllers/SiteController.php b/www/protected/controllers/SiteController.php index a998723..bafd760 100644 --- a/www/protected/controllers/SiteController.php +++ b/www/protected/controllers/SiteController.php @@ -9,10 +9,11 @@ class SiteController extends Controller { public function accessRules() { return array( array('allow', - 'actions' => array('login', 'callback'), + 'actions' => array('login', 'callback', 'error'), 'users' => array('*') ), array('allow', + 'actions' => array('logout'), 'users' => array('@') ), array('deny'), @@ -89,7 +90,7 @@ class SiteController extends Controller { */ public function actionLogout() { Yii::app()->user->logout(); - $this->redirect(Yii::app()->homeUrl); + $this->redirect(Yii::app()->params['frontpage']); } public function actionCallback() { diff --git a/www/protected/controllers/SubscripcionController.php b/www/protected/controllers/SubscripcionController.php index 18c9df3..3518d32 100644 --- a/www/protected/controllers/SubscripcionController.php +++ b/www/protected/controllers/SubscripcionController.php @@ -2,13 +2,37 @@ class SubscripcionController extends Controller { + /** + * @return array action filters + */ + public function filters() { + return array( + 'accessControl', // perform access control for CRUD operations + ); + } + + /** + * Specifies the access control rules. + * This method is used by the 'accessControl' filter. + * @return array access control rules + */ + public function accessRules() { + return array( + array('allow', + 'actions' => array('modificar'), + 'users' => array('@'), + 'expression' => 'Yii::app()->user->esCoordinador', + ), + array('deny', // deny all users + 'users' => array('*'), + ), + ); + } + public function actionModificar($id) { $model = $this->loadModel($id); - // Uncomment the following line if AJAX validation is needed - // $this->performAjaxValidation($model); - if (isset($_POST['Subscripcion'])) { $model->attributes = $_POST['Subscripcion'];