/**
* Delete permission from a role.
* @param string $roleName role name.
* @param string $permName permission name.
*/
public function actionDelperm($roleName, $permName)
{
$role = $this->getRole($roleName);
$permissions = $this->_auth->getPermissionsByRole($roleName);
if (!isset($permissions[$permName])) {
$this->stderr("Role '{$roleName}' has not permission '{$permName}'.", Console::FG_RED);
return;
}
if (!($item = $this->_auth->getPermission($permName))) {
$this->stderr("Permission '{$permName}' cannot found by auth manager.", Console::FG_RED);
return;
}
$this->_auth->removeChild($role, $item);
$this->p('Permission "{perm}" removed from role "{role}"', ['perm' => $permName, 'role' => $role->name]);
// Transfer permissions to Administrator role.
if ($roleName != 'Administrator') {
$adminRole = $this->getRole('Administrator');
$permissions = $this->_auth->getPermissionsByRole($adminRole->name);
if (!isset($permissions[$permName])) {
$this->_auth->addChild($adminRole, $item);
$this->p('Permission "{perm}" transfer to Administrator.', ['perm' => $permName]);
}
}
}
/**
* @inheritdoc
*/
public function removeChild($parent, $child)
{
$result = parent::removeChild($parent, $child);
if ($this->_children !== null) {
$query = (new Query())->select('child')->from($this->itemChildTable)->where(['parent' => $parent->name]);
$this->_children[$parent->name] = $query->column($this->db);
}
$this->invalidate(self::PART_CHILDREN);
return $result;
}
