Archivado/Incam_PROFIND_Web
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Tareas #1124 -> Un agente puede modificar la empresa si sabe la URL de modificación

Browse Source 
git-svn-id: https://192.168.0.254/svn/Proyectos.Incam_PROFIND_Web/trunk@52 3fe1ab16-cfe0-e34b-8c9f-7d8c168d430d
This commit is contained in:
David Arranz 2012-10-02 19:50:45 +00:00
parent 3df8ebee09
commit 37307e14cf
4 changed files with 34 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
www/protected/controllers/EmpresaController.php
View File

@ -20,9 +20,10 @@ class EmpresaController extends Controller {
*/ */
public function accessRules() { public function accessRules() {
return array( return array(
array('allow', // allow authenticated user to perform 'create' and 'update' actions array('allow',
'actions' => array('modificar'), 'actions' => array('modificar'),
'users' => array('@'), 'users' => array('@'),
'expression' => 'Yii::app()->user->esCoordinador',
), ),
array('deny', // deny all users array('deny', // deny all users
'users' => array('*'), 'users' => array('*'),

3
www/protected/controllers/EquipoController.php
View File

@ -18,9 +18,10 @@ class EquipoController extends Controller {
*/ */
public function accessRules() { public function accessRules() {
return array( return array(
array('allow', // allow admin user to perform 'admin' and 'delete' actions array('allow',
'actions' => array('index', 'delete'), 'actions' => array('index', 'delete'),
'users' => array('@'), 'users' => array('@'),
'expression' => 'Yii::app()->user->esCoordinador',
), ),
array('deny', // deny all users array('deny', // deny all users
'users' => array('*'), 'users' => array('*'),

5
www/protected/controllers/SiteController.php
View File

@ -9,10 +9,11 @@ class SiteController extends Controller {
public function accessRules() { public function accessRules() {
return array( return array(
array('allow', array('allow',
'actions' => array('login', 'callback'), 'actions' => array('login', 'callback', 'error'),
'users' => array('*') 'users' => array('*')
), ),
array('allow', array('allow',
'actions' => array('logout'),
'users' => array('@') 'users' => array('@')
), ),
array('deny'), array('deny'),
@ -89,7 +90,7 @@ class SiteController extends Controller {
*/ */
public function actionLogout() { public function actionLogout() {
Yii::app()->user->logout(); Yii::app()->user->logout();
$this->redirect(Yii::app()->homeUrl); $this->redirect(Yii::app()->params['frontpage']);
} }
public function actionCallback() { public function actionCallback() {

30
www/protected/controllers/SubscripcionController.php
View File

@ -2,13 +2,37 @@
class SubscripcionController extends Controller class SubscripcionController extends Controller
{ {
/**
* @return array action filters
*/
public function filters() {
return array(
'accessControl', // perform access control for CRUD operations
);
}
/**
* Specifies the access control rules.
* This method is used by the 'accessControl' filter.
* @return array access control rules
*/
public function accessRules() {
return array(
array('allow',
'actions' => array('modificar'),
'users' => array('@'),
'expression' => 'Yii::app()->user->esCoordinador',
),
array('deny', // deny all users
'users' => array('*'),
),
);
}
public function actionModificar($id) public function actionModificar($id)
{ {
$model = $this->loadModel($id); $model = $this->loadModel($id);
// Uncomment the following line if AJAX validation is needed
// $this->performAjaxValidation($model);
if (isset($_POST['Subscripcion'])) { if (isset($_POST['Subscripcion'])) {
$model->attributes = $_POST['Subscripcion']; $model->attributes = $_POST['Subscripcion'];