127 lines
3.4 KiB
PHP
127 lines
3.4 KiB
PHP
<?php
|
|
|
|
/*
|
|
* This file is part of the 2amigos/yii2-usuario project.
|
|
*
|
|
* (c) 2amigOS! <http://2amigos.us/>
|
|
*
|
|
* For the full copyright and license information, please view
|
|
* the LICENSE file that was distributed with this source code.
|
|
*/
|
|
|
|
namespace Da\User\Controller;
|
|
|
|
use Da\User\Model\User;
|
|
use Da\User\Query\ProfileQuery;
|
|
use Da\User\Traits\ModuleAwareTrait;
|
|
use Yii;
|
|
use yii\base\Module;
|
|
use yii\filters\AccessControl;
|
|
use yii\web\Controller;
|
|
use yii\web\ForbiddenHttpException;
|
|
use yii\web\NotFoundHttpException;
|
|
|
|
class ProfileController extends Controller
|
|
{
|
|
use ModuleAwareTrait;
|
|
|
|
/** @var int will allow only profile owner */
|
|
const PROFILE_VISIBILITY_OWNER = 0;
|
|
/** @var int will allow profile owner and admin users */
|
|
const PROFILE_VISIBILITY_ADMIN = 1;
|
|
/** @var int will allow any logged-in users */
|
|
const PROFILE_VISIBILITY_USERS = 2;
|
|
/** @var int will allow anyone, including guests */
|
|
public const PROFILE_VISIBILITY_PUBLIC = 3;
|
|
|
|
protected $profileQuery;
|
|
|
|
/**
|
|
* ProfileController constructor.
|
|
*
|
|
* @param string $id
|
|
* @param Module $module
|
|
* @param ProfileQuery $profileQuery
|
|
* @param array $config
|
|
*/
|
|
public function __construct($id, Module $module, ProfileQuery $profileQuery, array $config = [])
|
|
{
|
|
$this->profileQuery = $profileQuery;
|
|
parent::__construct($id, $module, $config);
|
|
}
|
|
|
|
/**
|
|
* {@inheritdoc}
|
|
*/
|
|
public function behaviors()
|
|
{
|
|
return [
|
|
'access' => [
|
|
'class' => AccessControl::class,
|
|
'rules' => [
|
|
[
|
|
'allow' => true,
|
|
'actions' => ['index'],
|
|
'roles' => ['@'],
|
|
],
|
|
[
|
|
'allow' => true,
|
|
'actions' => ['show'],
|
|
'roles' => ['?', '@'],
|
|
],
|
|
],
|
|
],
|
|
];
|
|
}
|
|
|
|
public function actionIndex()
|
|
{
|
|
return $this->redirect(['show', 'id' => Yii::$app->user->getId()]);
|
|
}
|
|
|
|
public function actionShow($id)
|
|
{
|
|
$user = Yii::$app->user;
|
|
$id = (int) $id;
|
|
|
|
/** @var ?User $identity */
|
|
$identity = $user->getIdentity();
|
|
|
|
switch($this->module->profileVisibility) {
|
|
case static::PROFILE_VISIBILITY_OWNER:
|
|
if($identity === null || $id !== $user->getId()) {
|
|
throw new ForbiddenHttpException();
|
|
}
|
|
break;
|
|
case static::PROFILE_VISIBILITY_ADMIN:
|
|
if($id === $user->getId() || ($identity !== null && $identity->getIsAdmin())) {
|
|
break;
|
|
}
|
|
throw new ForbiddenHttpException();
|
|
case static::PROFILE_VISIBILITY_USERS:
|
|
if((!$user->getIsGuest())) {
|
|
break;
|
|
}
|
|
throw new ForbiddenHttpException();
|
|
case static::PROFILE_VISIBILITY_PUBLIC:
|
|
break;
|
|
default:
|
|
throw new ForbiddenHttpException();
|
|
|
|
}
|
|
|
|
$profile = $this->profileQuery->whereUserId($id)->one();
|
|
|
|
if ($profile === null) {
|
|
throw new NotFoundHttpException();
|
|
}
|
|
|
|
return $this->render(
|
|
'show',
|
|
[
|
|
'profile' => $profile,
|
|
]
|
|
);
|
|
}
|
|
}
|