yii2-usuario icon indicating copy to clipboard operation
yii2-usuario copied to clipboard

Published 20 hours ago verified publisher icon 2amigos

usuario advanced template don't allow users to view backend

Open Wautvda opened this issue 6 years ago • 1 comments

What steps will reproduce the problem?

Create user, without required access right to backend pages. Use backend login.

What is the expected result?

Show error that you're not allowed to login and go back to frontend home

What do you get instead?

Backend template with menu, just none of the pages are accessible due to missing access rights.

	        'access' => [
		        'class' => AccessControl::class,
		        'rules' => [
			        [
				        'allow' => true,
				        'roles' => ['Admin'],
			        ],
		        ],
	        ],

Wautvda avatar Mar 17 '19 14:03 Wautvda

Solution can be something like.

'user' => [
            'on ' . FormEvent::EVENT_BEFORE_LOGIN => function ($e) {
                $e->isValid = \Da\User\Model::findByUsername($e->identity->username)->isAdmin;
                if(!$e->isValid)
                {
	                $homeUrl = \Yii::$app->urlManagerFrontend->createAbsoluteUrl(['']);
                    Yii::$app->session->setFlash('error', Yii::t("login","Access forbidden! Click <a href='$homeUrl'>here</a> to return to the home page."));
                }
            },
        ],

thx to @Eseperio ;) https://github.com/dektrium/yii2-user/issues/967

Wautvda avatar Mar 17 '19 15:03 Wautvda