Ejemplo n.º 1
0
 public function actionInit()
 {
     if (!$this->confirm("Are you sure? It will re-create permissions tree.")) {
         return self::EXIT_CODE_NORMAL;
     }
     //$auth = Yii::$app->authManager;
     // Підключення через Базу даних
     $auth = new DbManager();
     $auth->init();
     $auth->removeAll();
     // Роль студент
     $student = $auth->createRole('student');
     $student->description = 'Student';
     $auth->add($student);
     // Роль працедавець
     $employer = $auth->createRole('employer');
     $employer->description = 'Employer';
     $auth->add($employer);
     // Роль модератор
     $moderator = $auth->createRole('moderator');
     $moderator->description = 'Moderator';
     $auth->add($moderator);
     $auth->addChild($moderator, $student);
     $auth->addChild($moderator, $employer);
     // Роль адміністратор
     $admin = $auth->createRole('admin');
     $admin->description = 'Administrator';
     $auth->add($admin);
     $auth->addChild($admin, $moderator);
 }
Ejemplo n.º 2
0
 public function actionInit()
 {
     //        $auth = Yii::$app->authManager;
     $auth = new DbManager();
     $auth->removeAll();
     //удаляем старые данные
     //Создадим права для доступа к админке
     $dashboard = $auth->createPermission('dashboard');
     $dashboard->description = 'Админ панель';
     $auth->add($dashboard);
     //Включаем наш обработчик
     $rule = new UserRoleRule();
     $auth->add($rule);
     //Добавляем роли
     $user = $auth->createRole('user');
     $user->description = 'Пользователь';
     $user->ruleName = $rule->name;
     $auth->add($user);
     $moder = $auth->createRole('moder');
     $moder->description = 'Модератор';
     $moder->ruleName = $rule->name;
     $auth->add($moder);
     //Добавляем потомков
     $auth->addChild($moder, $user);
     $auth->addChild($moder, $dashboard);
     $admin = $auth->createRole('admin');
     $admin->description = 'Администратор';
     $admin->ruleName = $rule->name;
     $auth->add($admin);
     $auth->addChild($admin, $moder);
 }
Ejemplo n.º 3
0
 /**
  * Initial RBAC action
  * @param integer $id Superadmin ID
  */
 public function actionInit($id = null)
 {
     $auth = new DbManager();
     $auth->init();
     $auth->removeAll();
     //удаляем старые данные
     // Rules
     $groupRule = new GroupRule();
     $auth->add($groupRule);
     // Roles
     $user = $auth->createRole('user');
     $user->description = 'User';
     $user->ruleName = $groupRule->name;
     $auth->add($user);
     $moderator = $auth->createRole(' moderator ');
     $moderator->description = 'Moderator ';
     $moderator->ruleName = $groupRule->name;
     $auth->add($moderator);
     $auth->addChild($moderator, $user);
     $admin = $auth->createRole('admin');
     $admin->description = 'Admin';
     $admin->ruleName = $groupRule->name;
     $auth->add($admin);
     $auth->addChild($admin, $moderator);
     $superadmin = $auth->createRole('superadmin');
     $superadmin->description = 'Superadmin';
     $superadmin->ruleName = $groupRule->name;
     $auth->add($superadmin);
     $auth->addChild($superadmin, $admin);
     // Superadmin assignments
     if ($id !== null) {
         $auth->assign($superadmin, $id);
     }
 }
Ejemplo n.º 4
0
 /**
  * Create new role
  *
  * @return mixed
  */
 public function actionCreate()
 {
     $this->layout = '@app/views/layouts/one-column';
     $model = new RoleForm();
     $model->setScenario('create');
     /* @var $systemAlert Alert */
     $systemAlert = Yii::$app->systemAlert;
     if (Yii::$app->request->isAjax && $model->load($_POST)) {
         Yii::$app->response->format = Response::FORMAT_JSON;
         return ActiveForm::validate($model);
     }
     if ($model->load($_POST) && $model->validate()) {
         $transaction = Yii::$app->db->beginTransaction();
         try {
             // create new role
             $role = $this->authManager->createRole($model->getName());
             $role->description = $model->description;
             if (!$this->authManager->add($role)) {
                 throw new Exception();
             }
             // add role permissions
             foreach ($model->getPermissionModels() as $permission) {
                 $this->authManager->addChild($role, $permission);
             }
             $transaction->commit();
             $systemAlert->setMessage(Alert::SUCCESS, Yii::t('user', 'Role created successfully'));
             return $this->redirect(['index']);
         } catch (Exception $ex) {
             $transaction->rollback();
             $systemAlert->setMessage(Alert::DANGER, Yii::t('app', 'System error: {message}', ['message' => $ex->getMessage()]));
         }
     }
     return $this->render('create', ['model' => $model]);
 }
Ejemplo n.º 5
0
 /**
  * Initial RBAC action
  * @param integer $id Superadmin ID
  */
 public function actionInit($id = null)
 {
     $auth = new DbManager();
     $auth->init();
     $auth->removeAll();
     //удаляем старые данные
     // Rules
     $groupRule = new GroupRule();
     $auth->add($groupRule);
     // Roles
     $student = $auth->createRole('student');
     $student->description = 'Student';
     $student->ruleName = $groupRule->name;
     $auth->add($student);
     $teacher = $auth->createRole('teacher');
     $teacher->description = 'Teacher';
     $teacher->ruleName = $groupRule->name;
     $auth->add($teacher);
     $auth->addChild($teacher, $student);
     $admin = $auth->createRole('admin');
     $admin->description = 'Admin';
     $admin->ruleName = $groupRule->name;
     $auth->add($admin);
     $auth->addChild($admin, $teacher);
     $superadmin = $auth->createRole('superadmin');
     $superadmin->description = 'Superadmin';
     $superadmin->ruleName = $groupRule->name;
     $auth->add($superadmin);
     $auth->addChild($superadmin, $admin);
     // Superadmin assignments
     if ($id !== null) {
         $auth->assign($superadmin, $id);
     }
 }
Ejemplo n.º 6
0
 /**
  * Saves item.
  *
  * @return bool
  */
 public function save()
 {
     if ($this->validate() == false) {
         return false;
     }
     if ($isNewItem = $this->item === null) {
         $this->item = $this->createItem($this->name);
     } else {
         $oldName = $this->item->name;
     }
     $this->item->name = $this->name;
     $this->item->description = $this->description;
     if (!empty($this->rule)) {
         $rule = \Yii::createObject($this->rule);
         if (null === $this->manager->getRule($rule->name)) {
             $this->manager->add($rule);
         }
         $this->item->ruleName = $rule->name;
     } else {
         $this->item->ruleName = null;
     }
     $createdFlashMessage = '';
     $updatedFlashMessage = '';
     if ($this->item->type = Item::TYPE_PERMISSION) {
         $createdFlashMessage = Yii::t('rbac', 'Permission has been created');
         $updatedFlashMessage = Yii::t('rbac', 'Permission has been updated');
     } else {
         if ($this->item->type = Item::TYPE_ROLE) {
             $createdFlashMessage = Yii::t('rbac', 'Role has been updated');
             $updatedFlashMessage = Yii::t('rbac', 'Role has been updated');
         }
     }
     if ($isNewItem) {
         \Yii::$app->session->setFlash('success', $createdFlashMessage);
         $this->manager->add($this->item);
     } else {
         \Yii::$app->session->setFlash('success', $updatedFlashMessage);
         $this->manager->update($oldName, $this->item);
     }
     $this->manager->removeChildren($this->item);
     if (is_array($this->children)) {
         foreach ($this->children as $name) {
             if ($this->item->type = Item::TYPE_PERMISSION) {
                 $child = $this->manager->getPermission($name);
             } else {
                 if ($this->item->type = Item::TYPE_ROLE) {
                     $child = $this->manager->getRole($name);
                 }
             }
             if ($this->manager->hasChild($this->item, $child) == false) {
                 $this->manager->addChild($this->item, $child);
             }
         }
     }
     return true;
 }
Ejemplo n.º 7
0
 public function actionInit()
 {
     $auth = new DbManager();
     $auth->init();
     $auth->removeAll();
     $groupRule = new GroupRule();
     $auth->add($groupRule);
     $user = $auth->createRole('user');
     $user->description = 'User';
     $user->ruleName = $groupRule->name;
     $auth->add($user);
     $auth->add($auth->createPermission('admin'));
 }
Ejemplo n.º 8
0
 public function add($object)
 {
     if ($this->getRole($object->name) || $this->getPermission($object->name)) {
         return;
     }
     return parent::add($object);
     // TODO: Change the autogenerated stub
 }
Ejemplo n.º 9
0
 /**
  * This is to be called only once at the initialization
  * by commenting out the behaviors first.
  */
 public function actionAdmin()
 {
     $r = new DbManager();
     $r->init();
     $test = $r->createRole('admin');
     $r->add($test);
     $r->assign($test, Yii::$app->user->id);
 }
Ejemplo n.º 10
0
 public function afterSave($insert, $changedAttributes)
 {
     $rbac = new DbManager();
     $rbac->init();
     $role = $rbac->createRole($this->name);
     $role->description = $this->title;
     if ($insert) {
         if ($rbac->add($role)) {
             if ($this->rights) {
                 $this->rights = unserialize($this->rights);
                 if (is_array($this->rights) && count($this->rights)) {
                     foreach ($this->rights as $key => $child) {
                         if (intval($child)) {
                             $child = $rbac->createPermission($key);
                             if (!$rbac->getPermission($key)) {
                                 $rbac->add($child);
                             }
                             $rbac->addChild($role, $child);
                         }
                     }
                 }
             }
         }
     } else {
         if ($rbac->update($this->name, $role)) {
             $rbac->removeChildren($role);
             if ($this->rights) {
                 $this->rights = unserialize($this->rights);
                 if (is_array($this->rights) && count($this->rights)) {
                     foreach ($this->rights as $key => $child) {
                         if (intval($child)) {
                             $child = $rbac->createPermission($key);
                             if (!$rbac->getPermission($key)) {
                                 $rbac->add($child);
                             }
                             $rbac->addChild($role, $child);
                         }
                     }
                 }
             }
         }
     }
     return parent::afterSave($insert, $changedAttributes);
 }
Ejemplo n.º 11
0
 /**
  * Add permission.
  * @param string $name
  * @param string $description
  * @param Rule $rule
  * @return Item
  */
 protected function addPermission($name, $description, $rule = null)
 {
     $perm = $this->_auth->createPermission($name);
     $perm->description = $description;
     if ($rule instanceof Rule) {
         $perm->ruleName = $rule->name;
     }
     $this->_perms[$name] = $perm;
     $this->_auth->add($perm);
     return $perm;
 }
Ejemplo n.º 12
0
 /**
  * the register customer will be added  'customer' role
  */
 public static function frontendRegister()
 {
     Event::on(User::className(), User::USER_REGISTER_DONE, function ($event) {
         /** @var \yii\base\ModelEvent $event */
         $user = $event->sender;
         $auth = new DbManager();
         $auth->init();
         $role = $auth->getRole('Customer');
         if (!$role) {
             $role = $auth->createRole('Customer');
             $auth->add($role);
         }
         $auth->assign($role, $user->id);
     });
 }
Ejemplo n.º 13
0
 private function addItem($item)
 {
     $exitCode = 0;
     //Save the model
     try {
         $this->_authManager->add($item);
         $this->stdout("OK", Console::FG_GREEN);
     } catch (\Exception $e) {
         $this->stdout("FAILED", Console::FG_RED);
         $this->stderr("\nGenerated Message: ");
         //Todo: Optional full error message display
         $this->stderr(strtok($e->getMessage(), "\n"), Console::BG_BLUE);
         $exitCode = 1;
     }
     $this->stdout("\n");
     return $exitCode;
 }
Ejemplo n.º 14
0
 public function savePermissions()
 {
     $auth = new DbManager();
     $auth->init();
     $actions = $this->getActions();
     if (strpos($this->controllerClass, '\\') === false) {
         \Yii::$app->session->addFlash('error', \Yii::t('auth', 'wrong data '));
     } else {
         foreach ($actions as $action) {
             if (!$auth->getPermission($this->controllerClass . '_' . $action)) {
                 $permission = $auth->createPermission($this->controllerClass . '_' . $action);
                 if (!$auth->add($permission)) {
                     \Yii::$app->session->addFlash('error', \Yii::t('auth', $action . ' action add failed'));
                 } else {
                     \Yii::$app->session->addFlash('success', \Yii::t('auth', 'add ' . $action . ' action success!'));
                 }
             } else {
                 \Yii::$app->session->addFlash('error', \Yii::t('auth', $action . ' action has already exist'));
             }
         }
     }
 }
Ejemplo n.º 15
0
 /**
  * Adds RBAC rules.
  */
 public function add(DbManager $authManager)
 {
     $viewThread = $authManager->getPermission(self::PERM_VIEW_THREAD);
     if (!$viewThread instanceof Permission) {
         $viewThread = $authManager->createPermission(self::PERM_VIEW_THREAD);
         $viewThread->description = 'View Podium thread';
         $authManager->add($viewThread);
     }
     $viewForum = $authManager->getPermission(self::PERM_VIEW_FORUM);
     if (!$viewForum instanceof Permission) {
         $viewForum = $authManager->createPermission(self::PERM_VIEW_FORUM);
         $viewForum->description = 'View Podium forum';
         $authManager->add($viewForum);
     }
     $createThread = $authManager->getPermission(self::PERM_CREATE_THREAD);
     if (!$createThread instanceof Permission) {
         $createThread = $authManager->createPermission(self::PERM_CREATE_THREAD);
         $createThread->description = 'Create Podium thread';
         $authManager->add($createThread);
     }
     $createPost = $authManager->getPermission(self::PERM_CREATE_POST);
     if (!$createPost instanceof Permission) {
         $createPost = $authManager->createPermission(self::PERM_CREATE_POST);
         $createPost->description = 'Create Podium post';
         $authManager->add($createPost);
     }
     $moderatorRule = $authManager->getRule('isPodiumModerator');
     if (!$moderatorRule instanceof ModeratorRule) {
         $moderatorRule = new ModeratorRule();
         $authManager->add($moderatorRule);
     }
     $updatePost = $authManager->getPermission(self::PERM_UPDATE_POST);
     if (!$updatePost instanceof Permission) {
         $updatePost = $authManager->createPermission(self::PERM_UPDATE_POST);
         $updatePost->description = 'Update Podium post';
         $updatePost->ruleName = $moderatorRule->name;
         $authManager->add($updatePost);
     }
     $authorRule = $authManager->getRule('isPodiumAuthor');
     if (!$authorRule instanceof AuthorRule) {
         $authorRule = new AuthorRule();
         $authManager->add($authorRule);
     }
     $updateOwnPost = $authManager->getPermission(self::PERM_UPDATE_OWN_POST);
     if (!$updateOwnPost instanceof Permission) {
         $updateOwnPost = $authManager->createPermission(self::PERM_UPDATE_OWN_POST);
         $updateOwnPost->description = 'Update own Podium post';
         $updateOwnPost->ruleName = $authorRule->name;
         $authManager->add($updateOwnPost);
         $authManager->addChild($updateOwnPost, $updatePost);
     }
     $deletePost = $authManager->getPermission(self::PERM_DELETE_POST);
     if (!$deletePost instanceof Permission) {
         $deletePost = $authManager->createPermission(self::PERM_DELETE_POST);
         $deletePost->description = 'Delete Podium post';
         $deletePost->ruleName = $moderatorRule->name;
         $authManager->add($deletePost);
     }
     $deleteOwnPost = $authManager->getPermission(self::PERM_DELETE_OWN_POST);
     if (!$deleteOwnPost instanceof Permission) {
         $deleteOwnPost = $authManager->createPermission(self::PERM_DELETE_OWN_POST);
         $deleteOwnPost->description = 'Delete own Podium post';
         $deleteOwnPost->ruleName = $authorRule->name;
         $authManager->add($deleteOwnPost);
         $authManager->addChild($deleteOwnPost, $deletePost);
     }
     $user = $authManager->getRole(self::ROLE_USER);
     if (!$user instanceof Role) {
         $user = $authManager->createRole(self::ROLE_USER);
         $authManager->add($user);
         $authManager->addChild($user, $viewThread);
         $authManager->addChild($user, $viewForum);
         $authManager->addChild($user, $createThread);
         $authManager->addChild($user, $createPost);
         $authManager->addChild($user, $updateOwnPost);
         $authManager->addChild($user, $deleteOwnPost);
     }
     $updateThread = $authManager->getPermission(self::PERM_UPDATE_THREAD);
     if (!$updateThread instanceof Permission) {
         $updateThread = $authManager->createPermission(self::PERM_UPDATE_THREAD);
         $updateThread->description = 'Update Podium thread';
         $updateThread->ruleName = $moderatorRule->name;
         $authManager->add($updateThread);
     }
     $deleteThread = $authManager->getPermission(self::PERM_DELETE_THREAD);
     if (!$deleteThread instanceof Permission) {
         $deleteThread = $authManager->createPermission(self::PERM_DELETE_THREAD);
         $deleteThread->description = 'Delete Podium thread';
         $deleteThread->ruleName = $moderatorRule->name;
         $authManager->add($deleteThread);
     }
     $pinThread = $authManager->getPermission(self::PERM_PIN_THREAD);
     if (!$pinThread instanceof Permission) {
         $pinThread = $authManager->createPermission(self::PERM_PIN_THREAD);
         $pinThread->description = 'Pin Podium thread';
         $pinThread->ruleName = $moderatorRule->name;
         $authManager->add($pinThread);
     }
     $lockThread = $authManager->getPermission(self::PERM_LOCK_THREAD);
     if (!$lockThread instanceof Permission) {
         $lockThread = $authManager->createPermission(self::PERM_LOCK_THREAD);
         $lockThread->description = 'Lock Podium thread';
         $lockThread->ruleName = $moderatorRule->name;
         $authManager->add($lockThread);
     }
     $moveThread = $authManager->getPermission(self::PERM_MOVE_THREAD);
     if (!$moveThread instanceof Permission) {
         $moveThread = $authManager->createPermission(self::PERM_MOVE_THREAD);
         $moveThread->description = 'Move Podium thread';
         $moveThread->ruleName = $moderatorRule->name;
         $authManager->add($moveThread);
     }
     $movePost = $authManager->getPermission(self::PERM_MOVE_POST);
     if (!$movePost instanceof Permission) {
         $movePost = $authManager->createPermission(self::PERM_MOVE_POST);
         $movePost->description = 'Move Podium post';
         $movePost->ruleName = $moderatorRule->name;
         $authManager->add($movePost);
     }
     $banUser = $authManager->getPermission(self::PERM_BAN_USER);
     if (!$banUser instanceof Permission) {
         $banUser = $authManager->createPermission(self::PERM_BAN_USER);
         $banUser->description = 'Ban Podium user';
         $authManager->add($banUser);
     }
     $moderator = $authManager->getRole(self::ROLE_MODERATOR);
     if (!$moderator instanceof Role) {
         $moderator = $authManager->createRole(self::ROLE_MODERATOR);
         $authManager->add($moderator);
         $authManager->addChild($moderator, $updatePost);
         $authManager->addChild($moderator, $updateThread);
         $authManager->addChild($moderator, $deletePost);
         $authManager->addChild($moderator, $deleteThread);
         $authManager->addChild($moderator, $pinThread);
         $authManager->addChild($moderator, $lockThread);
         $authManager->addChild($moderator, $moveThread);
         $authManager->addChild($moderator, $movePost);
         $authManager->addChild($moderator, $banUser);
         $authManager->addChild($moderator, $user);
     }
     $deleteUser = $authManager->getPermission(self::PERM_DELETE_USER);
     if (!$deleteUser instanceof Permission) {
         $deleteUser = $authManager->createPermission(self::PERM_DELETE_USER);
         $deleteUser->description = 'Delete Podium user';
         $authManager->add($deleteUser);
     }
     $promoteUser = $authManager->getPermission(self::PERM_PROMOTE_USER);
     if (!$promoteUser instanceof Permission) {
         $promoteUser = $authManager->createPermission(self::PERM_PROMOTE_USER);
         $promoteUser->description = 'Promote Podium user';
         $authManager->add($promoteUser);
     }
     $createForum = $authManager->getPermission(self::PERM_CREATE_FORUM);
     if (!$createForum instanceof Permission) {
         $createForum = $authManager->createPermission(self::PERM_CREATE_FORUM);
         $createForum->description = 'Create Podium forum';
         $authManager->add($createForum);
     }
     $updateForum = $authManager->getPermission(self::PERM_UPDATE_FORUM);
     if (!$updateForum instanceof Permission) {
         $updateForum = $authManager->createPermission(self::PERM_UPDATE_FORUM);
         $updateForum->description = 'Update Podium forum';
         $authManager->add($updateForum);
     }
     $deleteForum = $authManager->getPermission(self::PERM_DELETE_FORUM);
     if (!$deleteForum instanceof Permission) {
         $deleteForum = $authManager->createPermission(self::PERM_DELETE_FORUM);
         $deleteForum->description = 'Delete Podium forum';
         $authManager->add($deleteForum);
     }
     $createCategory = $authManager->getPermission(self::PERM_CREATE_CATEGORY);
     if (!$createCategory instanceof Permission) {
         $createCategory = $authManager->createPermission(self::PERM_CREATE_CATEGORY);
         $createCategory->description = 'Create Podium category';
         $authManager->add($createCategory);
     }
     $updateCategory = $authManager->getPermission(self::PERM_UPDATE_CATEGORY);
     if (!$updateCategory instanceof Permission) {
         $updateCategory = $authManager->createPermission(self::PERM_UPDATE_CATEGORY);
         $updateCategory->description = 'Update Podium category';
         $authManager->add($updateCategory);
     }
     $deleteCategory = $authManager->getPermission(self::PERM_DELETE_CATEGORY);
     if (!$deleteCategory instanceof Permission) {
         $deleteCategory = $authManager->createPermission(self::PERM_DELETE_CATEGORY);
         $deleteCategory->description = 'Delete Podium category';
         $authManager->add($deleteCategory);
     }
     $settings = $authManager->getPermission(self::PERM_CHANGE_SETTINGS);
     if (!$settings instanceof Permission) {
         $settings = $authManager->createPermission(self::PERM_CHANGE_SETTINGS);
         $settings->description = 'Change Podium settings';
         $authManager->add($settings);
     }
     $admin = $authManager->getRole(self::ROLE_ADMIN);
     if (!$admin instanceof Role) {
         $admin = $authManager->createRole(self::ROLE_ADMIN);
         $authManager->add($admin);
         $authManager->addChild($admin, $deleteUser);
         $authManager->addChild($admin, $promoteUser);
         $authManager->addChild($admin, $createForum);
         $authManager->addChild($admin, $updateForum);
         $authManager->addChild($admin, $deleteForum);
         $authManager->addChild($admin, $createCategory);
         $authManager->addChild($admin, $updateCategory);
         $authManager->addChild($admin, $deleteCategory);
         $authManager->addChild($admin, $settings);
         $authManager->addChild($admin, $moderator);
     }
 }
Ejemplo n.º 16
0
 /**
  * @param $className
  * @return Rule
  */
 private function createRule($className)
 {
     $rule = new $className();
     $this->authManager->add($rule);
     return $rule;
 }