YII2根据用户ID在视图文件中显示数据

时间:2017-10-06 11:24:40

标签: yii2 yii2-basic-app yii2-model yii2-user

我正在制作我的拼贴项目,其中管理员可以创建员工(教师),教师现在可以创建学生我的问题是,在索引和视图文件中,任何员工都可以看到最近添加的学生总列表。

我想在视图/索引文件上添加条件,以便特定教师可以查看他或她创建的学生列表。

我在用户表和员工表之间建立了链接(由&更新创建)

此致 Yuvraj Verma

<section class="content doc-user-profile">
    <div class="col-md-12 text-center">
    </div>
    </div>
    <table class="table table-striped">
        <tr>
            <th><?= $info->getAttributeLabel('stu_unique_id') ?></th>
            <td><?= Html::encode($info->stu_unique_id) ?></td>
        </tr>
        <tr>
            <th><?php echo Yii::t('stu', 'Name'); ?></th>
            <td><?= Html::encode($this->title) ?></td>
        </tr>

        <tr>
            <th><?= $info->getAttributeLabel('stu_email_id') ?></th>
            <td><?= Html::encode($info->stu_email_id) ?></td>
        </tr>
        <tr>
            <th><?= $info->getAttributeLabel('stu_mobile_no') ?></th>
            <td><?= $info->stu_mobile_no ?></td>
        </tr>
        <tr>
            <th><?php echo Yii::t('stu', 'Status'); ?></th>
            <td>
                <?php if($model->is_status==0) : ?>
                <span class="label label-success"><?php echo Yii::t('stu', 'Active'); ?></span>
                <?php else : ?>
                <span class="label label-danger"><?php echo Yii::t('stu', 'InActive'); ?></span>
                <?php endif; ?>
            </td>
        </tr>
    </table>
</div>

<div class="col-lg-9 profile-data">
    <ul class="nav nav-tabs responsive" id = "profileTab">
        <li class="active" id = "personal-tab"><a href="#personal" data-toggle="tab"><i class="fa fa-street-view"></i> <?php echo Yii::t('stu', 'Personal'); ?></a></li>
    </ul>
     <div id='content' class="tab-content responsive">
        <div class="tab-pane active" id="personal">
            <?= $this->render('_tab_stu_personal', ['info' => $info, 'model' => $model]) ?> 
        </div>
    </div>
</div>
 </div> <!---End Row Div--->

学生创建控制器如下:

public function actionCreate()
{
    $model = new StuMaster();
    $info = new StuInfo();
    $user =new User();
    $auth_assign = new AuthAssignment();

    if (Yii::$app->request->isAjax) {
        if($info->load(Yii::$app->request->post())) {
            \Yii::$app->response->format = \yii\web\Response::FORMAT_JSON;
            return ActiveForm::validate($info);
        }
        if($model->load(Yii::$app->request->post())) {
            \Yii::$app->response->format = \yii\web\Response::FORMAT_JSON;
            return ActiveForm::validate($model);
        }
    }

    $stud_uniq_no = \app\modules\student\models\StuInfo::find()->max('stu_unique_id');
    $uniq_id = NULL;
    if(empty($stud_uniq_no)) {
        $uniq_id = $info->stu_unique_id = 1;
    }
    else {
        $chk_id = StuInfo::find()->where(['stu_unique_id' => $stud_uniq_no])->exists();
        if($chk_id)
            $uniq_id = $stud_uniq_no + 1;
        else
            $uniq_id = $stud_uniq_no;
    }

    if ($model->load(Yii::$app->request->post()) && $info->load(Yii::$app->request->post()))

    {

        if (Yii::$app->request->isAjax) {
                    \Yii::$app->response->format = \yii\web\Response::FORMAT_JSON;
                    return ActiveForm::validate($info);
        }
        if (Yii::$app->request->isAjax) {
                    \Yii::$app->response->format = \yii\web\Response::FORMAT_JSON;
                    return ActiveForm::validate($model);
        }

        $model->attributes = $_POST['StuMaster'];
        $info->attributes = $_POST['StuInfo'];

        $info->stu_dob = Yii::$app->dateformatter->getDateFormat($_POST['StuInfo']['stu_dob']);
        if(empty($_POST['StuInfo']['stu_email_id']))
        $info->stu_email_id = NULL;
        else
        $info->stu_email_id = strtolower($_POST['StuInfo']['stu_email_id']);

        $login_id = \app\models\Organization::find()->one()->org_stu_prefix.$uniq_id;
        $user->user_login_id = $login_id;
        $user->user_password =  md5($user->user_login_id.$user->user_login_id);
        $user->user_type = "S";
        $user->created_by = Yii::$app->getid->getId();
        $user->created_at = new \yii\db\Expression('NOW()');

        if($info->save(false))
        {
        $user->save(false);
        }


        $model->stu_master_stu_info_id = $info->stu_info_id;
        $model->stu_master_user_id = $user->user_id;
        $model->created_by = Yii::$app->getid->getId();
        $model->created_at = new \yii\db\Expression('NOW()');
        $model->save(false);

        $s_info = StuInfo::findOne($model->stu_master_stu_info_id);
        $s_info->stu_info_stu_master_id = $model->stu_master_id;
        $s_info->save(false);

        $auth_assign->item_name = 'Student';
        $auth_assign->user_id = $user->user_id;
        $auth_assign->created_at =  date_format(date_create(),'U');
        $auth_assign->save(false);

        if ($model->save()) {
        return $this->redirect(['view', 'id'=>$model->stu_master_id]);
        }
        else
        return $this->render('create', ['model' => $model, 'info' => $info, 'uniq_id'=>$uniq_id]);
    } else {
        return $this->render('create', [
        'model' => $model, 'info' => $info, 'uniq_id'=>$uniq_id
        ]);
    }
}

2 个答案:

答案 0 :(得分:0)

在“modelSearch”的搜索功能中添加created_by过滤器:

public function search($params)
{
    $query = StuInfo::find();
     ...
     $query->andFilterWhere(['created_by' => Yii::$app->user->identity->id]);
    ....
 }

对于您的视图(actionView),您可以检查记录是否是由渲染用户在渲染之前创建的。

这会随着时间变得复杂,所以我建议使用授权 - Yii2 Access Control and Authorization

答案 1 :(得分:0)

您的创建操作正常。 您必须在控制器的索引/视图操作中加入限制 您的索引操作应该是这样的

public function actionIndex()
    {

        $searchModel = new StudentSearch();
        $query = Student::find()->where(['teacher_id'=>$logged_teacher_id_from_session]);

        $dataProvider = new ActiveDataProvider([
            'query' => $query,
            'pagination' => [
                'pageSize' => 20,
            ],
            'sort' => [
                'defaultOrder' => [
                    'student_id' => SORT_ASC,
                ]
            ],
        ]);

        return $this->render('index', [

            'searchModel' => $searchModel,
            'dataProvider' => $dataProvider,
        ]);
    }

在这种情况下,登录的教师只能看到他/学生