public function actionInit()
{
// $auth = Yii::$app->authManager;
$auth = new DbManager();
$auth->removeAll();
//удаляем старые данные
//Создадим права для доступа к админке
$dashboard = $auth->createPermission('dashboard');
$dashboard->description = 'Админ панель';
$auth->add($dashboard);
//Включаем наш обработчик
$rule = new UserRoleRule();
$auth->add($rule);
//Добавляем роли
$user = $auth->createRole('user');
$user->description = 'Пользователь';
$user->ruleName = $rule->name;
$auth->add($user);
$moder = $auth->createRole('moder');
$moder->description = 'Модератор';
$moder->ruleName = $rule->name;
$auth->add($moder);
//Добавляем потомков
$auth->addChild($moder, $user);
$auth->addChild($moder, $dashboard);
$admin = $auth->createRole('admin');
$admin->description = 'Администратор';
$admin->ruleName = $rule->name;
$auth->add($admin);
$auth->addChild($admin, $moder);
}
public function afterSave($insert, $changedAttributes)
{
$rbac = new DbManager();
$rbac->init();
$role = $rbac->createRole($this->name);
$role->description = $this->title;
if ($insert) {
if ($rbac->add($role)) {
if ($this->rights) {
$this->rights = unserialize($this->rights);
if (is_array($this->rights) && count($this->rights)) {
foreach ($this->rights as $key => $child) {
if (intval($child)) {
$child = $rbac->createPermission($key);
if (!$rbac->getPermission($key)) {
$rbac->add($child);
}
$rbac->addChild($role, $child);
}
}
}
}
}
} else {
if ($rbac->update($this->name, $role)) {
$rbac->removeChildren($role);
if ($this->rights) {
$this->rights = unserialize($this->rights);
if (is_array($this->rights) && count($this->rights)) {
foreach ($this->rights as $key => $child) {
if (intval($child)) {
$child = $rbac->createPermission($key);
if (!$rbac->getPermission($key)) {
$rbac->add($child);
}
$rbac->addChild($role, $child);
}
}
}
}
}
}
return parent::afterSave($insert, $changedAttributes);
}
/**
* Add permission.
* @param string $name
* @param string $description
* @param Rule $rule
* @return Item
*/
protected function addPermission($name, $description, $rule = null)
{
$perm = $this->_auth->createPermission($name);
$perm->description = $description;
if ($rule instanceof Rule) {
$perm->ruleName = $rule->name;
}
$this->_perms[$name] = $perm;
$this->_auth->add($perm);
return $perm;
}
public function actionInit()
{
$auth = new DbManager();
$auth->init();
$auth->removeAll();
$groupRule = new GroupRule();
$auth->add($groupRule);
$user = $auth->createRole('user');
$user->description = 'User';
$user->ruleName = $groupRule->name;
$auth->add($user);
$auth->add($auth->createPermission('admin'));
}
public function savePermissions()
{
$auth = new DbManager();
$auth->init();
$actions = $this->getActions();
if (strpos($this->controllerClass, '\\') === false) {
\Yii::$app->session->addFlash('error', \Yii::t('auth', 'wrong data '));
} else {
foreach ($actions as $action) {
if (!$auth->getPermission($this->controllerClass . '_' . $action)) {
$permission = $auth->createPermission($this->controllerClass . '_' . $action);
if (!$auth->add($permission)) {
\Yii::$app->session->addFlash('error', \Yii::t('auth', $action . ' action add failed'));
} else {
\Yii::$app->session->addFlash('success', \Yii::t('auth', 'add ' . $action . ' action success!'));
}
} else {
\Yii::$app->session->addFlash('error', \Yii::t('auth', $action . ' action has already exist'));
}
}
}
}
/**
*
* @param string $name
* @return int The exit-code, 0 for success, 601 (DB) or 602 (Exception) for link errors
*/
public function actionCreatePermission($name)
{
$permission = $this->_authManager->createPermission($name);
return $this->link("addItem", ['permission' => $permission], ['permissionName' => $name]);
}
public function actionCreatePermission($name)
{
$role = $this->_authManager->createPermission($name);
$this->outputItem("Creating", $name, "Permission");
return $this->addItem($role);
}
/**
* Adds RBAC rules.
*/
public function add(DbManager $authManager)
{
$viewThread = $authManager->getPermission(self::PERM_VIEW_THREAD);
if (!$viewThread instanceof Permission) {
$viewThread = $authManager->createPermission(self::PERM_VIEW_THREAD);
$viewThread->description = 'View Podium thread';
$authManager->add($viewThread);
}
$viewForum = $authManager->getPermission(self::PERM_VIEW_FORUM);
if (!$viewForum instanceof Permission) {
$viewForum = $authManager->createPermission(self::PERM_VIEW_FORUM);
$viewForum->description = 'View Podium forum';
$authManager->add($viewForum);
}
$createThread = $authManager->getPermission(self::PERM_CREATE_THREAD);
if (!$createThread instanceof Permission) {
$createThread = $authManager->createPermission(self::PERM_CREATE_THREAD);
$createThread->description = 'Create Podium thread';
$authManager->add($createThread);
}
$createPost = $authManager->getPermission(self::PERM_CREATE_POST);
if (!$createPost instanceof Permission) {
$createPost = $authManager->createPermission(self::PERM_CREATE_POST);
$createPost->description = 'Create Podium post';
$authManager->add($createPost);
}
$moderatorRule = $authManager->getRule('isPodiumModerator');
if (!$moderatorRule instanceof ModeratorRule) {
$moderatorRule = new ModeratorRule();
$authManager->add($moderatorRule);
}
$updatePost = $authManager->getPermission(self::PERM_UPDATE_POST);
if (!$updatePost instanceof Permission) {
$updatePost = $authManager->createPermission(self::PERM_UPDATE_POST);
$updatePost->description = 'Update Podium post';
$updatePost->ruleName = $moderatorRule->name;
$authManager->add($updatePost);
}
$authorRule = $authManager->getRule('isPodiumAuthor');
if (!$authorRule instanceof AuthorRule) {
$authorRule = new AuthorRule();
$authManager->add($authorRule);
}
$updateOwnPost = $authManager->getPermission(self::PERM_UPDATE_OWN_POST);
if (!$updateOwnPost instanceof Permission) {
$updateOwnPost = $authManager->createPermission(self::PERM_UPDATE_OWN_POST);
$updateOwnPost->description = 'Update own Podium post';
$updateOwnPost->ruleName = $authorRule->name;
$authManager->add($updateOwnPost);
$authManager->addChild($updateOwnPost, $updatePost);
}
$deletePost = $authManager->getPermission(self::PERM_DELETE_POST);
if (!$deletePost instanceof Permission) {
$deletePost = $authManager->createPermission(self::PERM_DELETE_POST);
$deletePost->description = 'Delete Podium post';
$deletePost->ruleName = $moderatorRule->name;
$authManager->add($deletePost);
}
$deleteOwnPost = $authManager->getPermission(self::PERM_DELETE_OWN_POST);
if (!$deleteOwnPost instanceof Permission) {
$deleteOwnPost = $authManager->createPermission(self::PERM_DELETE_OWN_POST);
$deleteOwnPost->description = 'Delete own Podium post';
$deleteOwnPost->ruleName = $authorRule->name;
$authManager->add($deleteOwnPost);
$authManager->addChild($deleteOwnPost, $deletePost);
}
$user = $authManager->getRole(self::ROLE_USER);
if (!$user instanceof Role) {
$user = $authManager->createRole(self::ROLE_USER);
$authManager->add($user);
$authManager->addChild($user, $viewThread);
$authManager->addChild($user, $viewForum);
$authManager->addChild($user, $createThread);
$authManager->addChild($user, $createPost);
$authManager->addChild($user, $updateOwnPost);
$authManager->addChild($user, $deleteOwnPost);
}
$updateThread = $authManager->getPermission(self::PERM_UPDATE_THREAD);
if (!$updateThread instanceof Permission) {
$updateThread = $authManager->createPermission(self::PERM_UPDATE_THREAD);
$updateThread->description = 'Update Podium thread';
$updateThread->ruleName = $moderatorRule->name;
$authManager->add($updateThread);
}
$deleteThread = $authManager->getPermission(self::PERM_DELETE_THREAD);
if (!$deleteThread instanceof Permission) {
$deleteThread = $authManager->createPermission(self::PERM_DELETE_THREAD);
$deleteThread->description = 'Delete Podium thread';
$deleteThread->ruleName = $moderatorRule->name;
$authManager->add($deleteThread);
}
$pinThread = $authManager->getPermission(self::PERM_PIN_THREAD);
if (!$pinThread instanceof Permission) {
$pinThread = $authManager->createPermission(self::PERM_PIN_THREAD);
$pinThread->description = 'Pin Podium thread';
$pinThread->ruleName = $moderatorRule->name;
$authManager->add($pinThread);
}
$lockThread = $authManager->getPermission(self::PERM_LOCK_THREAD);
if (!$lockThread instanceof Permission) {
$lockThread = $authManager->createPermission(self::PERM_LOCK_THREAD);
$lockThread->description = 'Lock Podium thread';
$lockThread->ruleName = $moderatorRule->name;
$authManager->add($lockThread);
}
$moveThread = $authManager->getPermission(self::PERM_MOVE_THREAD);
if (!$moveThread instanceof Permission) {
$moveThread = $authManager->createPermission(self::PERM_MOVE_THREAD);
$moveThread->description = 'Move Podium thread';
$moveThread->ruleName = $moderatorRule->name;
$authManager->add($moveThread);
}
$movePost = $authManager->getPermission(self::PERM_MOVE_POST);
if (!$movePost instanceof Permission) {
$movePost = $authManager->createPermission(self::PERM_MOVE_POST);
$movePost->description = 'Move Podium post';
$movePost->ruleName = $moderatorRule->name;
$authManager->add($movePost);
}
$banUser = $authManager->getPermission(self::PERM_BAN_USER);
if (!$banUser instanceof Permission) {
$banUser = $authManager->createPermission(self::PERM_BAN_USER);
$banUser->description = 'Ban Podium user';
$authManager->add($banUser);
}
$moderator = $authManager->getRole(self::ROLE_MODERATOR);
if (!$moderator instanceof Role) {
$moderator = $authManager->createRole(self::ROLE_MODERATOR);
$authManager->add($moderator);
$authManager->addChild($moderator, $updatePost);
$authManager->addChild($moderator, $updateThread);
$authManager->addChild($moderator, $deletePost);
$authManager->addChild($moderator, $deleteThread);
$authManager->addChild($moderator, $pinThread);
$authManager->addChild($moderator, $lockThread);
$authManager->addChild($moderator, $moveThread);
$authManager->addChild($moderator, $movePost);
$authManager->addChild($moderator, $banUser);
$authManager->addChild($moderator, $user);
}
$deleteUser = $authManager->getPermission(self::PERM_DELETE_USER);
if (!$deleteUser instanceof Permission) {
$deleteUser = $authManager->createPermission(self::PERM_DELETE_USER);
$deleteUser->description = 'Delete Podium user';
$authManager->add($deleteUser);
}
$promoteUser = $authManager->getPermission(self::PERM_PROMOTE_USER);
if (!$promoteUser instanceof Permission) {
$promoteUser = $authManager->createPermission(self::PERM_PROMOTE_USER);
$promoteUser->description = 'Promote Podium user';
$authManager->add($promoteUser);
}
$createForum = $authManager->getPermission(self::PERM_CREATE_FORUM);
if (!$createForum instanceof Permission) {
$createForum = $authManager->createPermission(self::PERM_CREATE_FORUM);
$createForum->description = 'Create Podium forum';
$authManager->add($createForum);
}
$updateForum = $authManager->getPermission(self::PERM_UPDATE_FORUM);
if (!$updateForum instanceof Permission) {
$updateForum = $authManager->createPermission(self::PERM_UPDATE_FORUM);
$updateForum->description = 'Update Podium forum';
$authManager->add($updateForum);
}
$deleteForum = $authManager->getPermission(self::PERM_DELETE_FORUM);
if (!$deleteForum instanceof Permission) {
$deleteForum = $authManager->createPermission(self::PERM_DELETE_FORUM);
$deleteForum->description = 'Delete Podium forum';
$authManager->add($deleteForum);
}
$createCategory = $authManager->getPermission(self::PERM_CREATE_CATEGORY);
if (!$createCategory instanceof Permission) {
$createCategory = $authManager->createPermission(self::PERM_CREATE_CATEGORY);
$createCategory->description = 'Create Podium category';
$authManager->add($createCategory);
}
$updateCategory = $authManager->getPermission(self::PERM_UPDATE_CATEGORY);
if (!$updateCategory instanceof Permission) {
$updateCategory = $authManager->createPermission(self::PERM_UPDATE_CATEGORY);
$updateCategory->description = 'Update Podium category';
$authManager->add($updateCategory);
}
$deleteCategory = $authManager->getPermission(self::PERM_DELETE_CATEGORY);
if (!$deleteCategory instanceof Permission) {
$deleteCategory = $authManager->createPermission(self::PERM_DELETE_CATEGORY);
$deleteCategory->description = 'Delete Podium category';
$authManager->add($deleteCategory);
}
$settings = $authManager->getPermission(self::PERM_CHANGE_SETTINGS);
if (!$settings instanceof Permission) {
$settings = $authManager->createPermission(self::PERM_CHANGE_SETTINGS);
$settings->description = 'Change Podium settings';
$authManager->add($settings);
}
$admin = $authManager->getRole(self::ROLE_ADMIN);
if (!$admin instanceof Role) {
$admin = $authManager->createRole(self::ROLE_ADMIN);
$authManager->add($admin);
$authManager->addChild($admin, $deleteUser);
$authManager->addChild($admin, $promoteUser);
$authManager->addChild($admin, $createForum);
$authManager->addChild($admin, $updateForum);
$authManager->addChild($admin, $deleteForum);
$authManager->addChild($admin, $createCategory);
$authManager->addChild($admin, $updateCategory);
$authManager->addChild($admin, $deleteCategory);
$authManager->addChild($admin, $settings);
$authManager->addChild($admin, $moderator);
}
}
