updated/fixed access checks

composer.json

@@ -6,7 +6,7 @@
     "yii2",
     "extension"
   ],
-  "license": "BSD-3-Clause",
+  "license": "proprietary",
   "authors": [
     {
       "name": "Tobias Munk",
@@ -14,9 +14,9 @@
     }
   ],
   "require": {
-    "yiisoft/yii2": "*",
+    "yiisoft/yii2": "2.*",
     "yiisoft/yii2-twig": "^2.0.4",
-    "dmstr/yii2-web": "*",
+    "dmstr/yii2-web": ">=0.3.1",
     "beowulfenator/yii2-json-editor": "^1.1"
   },
   "autoload": {

src/Module.php

@@ -2,17 +2,14 @@
 
 namespace hrzg\widget;
 
+use dmstr\web\traits\AccessBehaviorTrait;
+
 class Module extends \yii\base\Module
 {
+    use AccessBehaviorTrait;
+    
     public $controllerNamespace = 'hrzg\widget\controllers';
 
-    public function init()
-    {
-        parent::init();
-
-        // custom initialization code goes here
-    }
-
     public function beforeAction($action)
     {
         parent::beforeAction($action);

src/controllers/crud/base/WidgetController.php

@@ -27,33 +27,6 @@ class WidgetController extends Controller
      */
     public $enableCsrfValidation = false;
 
-    /**
-     * {@inheritdoc}
-     *
-     * @return unknown
-     */
-    public function behaviors()
-    {
-        return [
-            'access' => [
-                'class' => AccessControl::className(),
-                'rules' => [
-                    [
-                        'allow' => true,
-
-                        /*
-                         *
-                         */
-                        'matchCallback' => function ($rule, $action) {
-                            return \Yii::$app->user->can($this->module->id.'_'.$this->id.'_'.$action->id,
-                                ['route' => true]);
-                        },
-                    ],
-                ],
-            ],
-        ];
-    }
-
     /**
      * Lists all Widget models.
      *

src/controllers/crud/base/WidgetTemplateController.php

@@ -27,33 +27,6 @@ class WidgetTemplateController extends Controller
      */
     public $enableCsrfValidation = false;
 
-    /**
-     * {@inheritdoc}
-     *
-     * @return unknown
-     */
-    public function behaviors()
-    {
-        return [
-            'access' => [
-                'class' => AccessControl::className(),
-                'rules' => [
-                    [
-                        'allow' => true,
-
-                        /*
-                         *
-                         */
-                        'matchCallback' => function ($rule, $action) {
-                            return \Yii::$app->user->can($this->module->id.'_'.$this->id.'_'.$action->id,
-                                ['route' => true]);
-                        },
-                    ],
-                ],
-            ],
-        ];
-    }
-
     /**
      * Lists all WidgetTemplate models.
      *

src/widgets/Cell.php

@@ -28,7 +28,7 @@ class Cell extends Widget
     public function init()
     {
         \Yii::$app->trigger('registerMenuItems', new Event(['sender' => $this]));
-        if (\Yii::$app->user->can('widgets')) {
+        if (\Yii::$app->user->can('widgets_crud_widget')) {
             WidgetAsset::register(\Yii::$app->view);
         }
     }
@@ -106,7 +106,7 @@ class Cell extends Widget
                 'class' => self::CSS_PREFIX.'-'.$this->id.' '.self::CSS_PREFIX.'-widget-container']
         );
 
-        if (\Yii::$app->user->can('widgets')) {
+        if (\Yii::$app->user->can('widgets_crud_widget')) {
             $html .= $this->generateContainerControls();
         }
 
@@ -119,7 +119,7 @@ class Cell extends Widget
                 $class->setProperties($properties);
             }
             $html .= Html::beginTag('div', ['id'=>'widget-'.($widget->name_id?:$widget->id), 'class' => 'hrzg-widget-widget']);
-            if (\Yii::$app->user->can('widgets')) {
+            if (\Yii::$app->user->can('widgets_crud_widget')) {
                 $html .= $this->generateWidgetControls($widget);
             }
             $html .= $class->run();