/**
* Returns name of the operation based on controller's class and it's action name
* @param Controller|string $controller
* @param string $action
* @return string
* @deprecated Use [[\yz\admin\helpers\Rbac::getOperationName]]
*/
public static function getOperationName($controller, $action)
{
return Rbac::operationName($controller, $action);
}
protected function accessControlBehavior()
{
return ['class' => AccessControl::className(), 'rules' => [['allow' => true, 'matchCallback' => function ($rule, $action) {
return \Yii::$app->user->can(Rbac::operationName($this, $action->id));
}], ['allow' => false]]];
}
/**
* Returns the list of the backend operations that are allowed to be permitted to the user.
* By default list is auto-discovered as all actions of controllers that are children of BackendController.
* List has the following form:
* ~~~
* [
* 'authItemName' => ['Description', type, ['children1', 'children2, ...]],
* ]
* ~~~
* @returns array
*/
public function getAuthItems()
{
$list = [];
if (is_dir($this->controllerPath) == false) {
return $list;
}
$moduleAuthItemName = Rbac::authItemName($this->className());
$moduleDescription = \Yii::t('yz', 'Access to the module "{module}"', ['module' => $this->getName()]);
$moduleAuthItem = [$moduleAuthItemName => [$moduleDescription, Item::TYPE_PERMISSION, []]];
foreach (FileHelper::findFiles($this->controllerPath, ['only' => ['*Controller.php']]) as $file) {
$relativePath = ltrim(substr($file, strlen($this->controllerPath)), '\\/');
$controllerBaseClassName = substr($relativePath, 0, -4);
// Removing .php
$controllerName = substr($controllerBaseClassName, 0, -10);
// Removing Controller
$controllerClassName = ltrim($this->controllerNamespace . '\\' . str_replace('/', '\\', $controllerBaseClassName));
$ref = new \ReflectionClass($controllerClassName);
if ($ref->isSubclassOf(Controller::class) || $ref->implementsInterface(AccessControlInterface::class)) {
$controllerId = implode('/', array_map([Inflector::class, 'camel2id'], explode('/', $controllerName)));
$controllerAuthItemName = Rbac::authItemName($controllerClassName);
$controllerDescription = \Yii::t('yz', 'Access to the section "{module}/{controller}"', ['controller' => $controllerName, 'module' => $this->getName()]);
$controllerAuthItem = [$controllerAuthItemName => [$controllerDescription, Item::TYPE_PERMISSION, []]];
$moduleAuthItem[$moduleAuthItemName][2][] = $controllerAuthItemName;
$controllerInstance = $this->createControllerByID($controllerId);
$actions = array_keys($controllerInstance->actions());
$methods = $ref->getMethods(\ReflectionMethod::IS_PUBLIC);
$actionsAuthItems = [];
foreach (array_merge($actions, $methods) as $method) {
if (is_string($method)) {
$action = ucfirst($method);
} else {
/** @var \ReflectionMethod $method */
if (!preg_match('/^action([A-Z].*)$/', $method->getName(), $m)) {
continue;
}
$action = $m[1];
}
$actionAuthItemName = Rbac::operationName($controllerClassName, $action);
$actionDescription = \Yii::t('yz', 'Access to the action "{module}/{controller}/{action}"', ['action' => $action, 'controller' => $controllerName, 'module' => $this->getName()]);
$actionsAuthItems[$actionAuthItemName] = [$actionDescription, Item::TYPE_PERMISSION, []];
$controllerAuthItem[$controllerAuthItemName][2][] = $actionAuthItemName;
}
$list = array_merge($list, $controllerAuthItem, $actionsAuthItems);
}
}
$list = array_merge($moduleAuthItem, $list);
return $list;
}
/**
* @return array
*/
protected function getAuthItemsFromApp()
{
$list = [];
if (!is_dir($this->app->controllerPath)) {
return $list;
}
$moduleAuthItemName = $this->className();
foreach (FileHelper::findFiles($this->app->controllerPath, ['only' => ['*Controller.php']]) as $file) {
$relativePath = basename($file);
$controllerBaseClassName = substr($relativePath, 0, -4);
// Removing .php
$controllerName = substr($controllerBaseClassName, 0, -10);
// Removing Controller
$controllerClassName = ltrim($this->app->controllerNamespace . '\\' . $controllerBaseClassName);
$ref = new \ReflectionClass($controllerClassName);
if ($ref->isSubclassOf(Controller::class) || $ref->implementsInterface(AccessControlInterface::class)) {
/** @var string $controllerClassName */
$controllerAuthItemName = $controllerClassName;
$controllerDescription = \Yii::t('admin/t', 'Access to the section "Application/{controller}"', ['controller' => $controllerName]);
$controllerAuthItem = [$controllerAuthItemName => [$controllerDescription, Item::TYPE_PERMISSION, []]];
$moduleAuthItem[$moduleAuthItemName][2][] = $controllerAuthItemName;
$controllerInstance = $this->app->createControllerByID(Inflector::camel2id($controllerName));
$actions = array_keys($controllerInstance->actions());
$methods = $ref->getMethods(\ReflectionMethod::IS_PUBLIC);
$actionsAuthItems = [];
foreach (array_merge($actions, $methods) as $method) {
if (is_string($method)) {
$action = ucfirst($method);
} else {
/** @var \ReflectionMethod $method */
if (!preg_match('/^action([A-Z].*)$/', $method->getName(), $m)) {
continue;
}
$action = $m[1];
}
$actionAuthItemName = Rbac::operationName($controllerClassName, $action);
$actionDescription = \Yii::t('admin/t', 'Access to the action "Application/{controller}/{action}"', ['action' => $action, 'controller' => $controllerName]);
$actionsAuthItems[$actionAuthItemName] = [$actionDescription, Item::TYPE_PERMISSION, []];
$controllerAuthItem[$controllerAuthItemName][2][] = $actionAuthItemName;
}
$list = array_merge($list, $controllerAuthItem, $actionsAuthItems);
}
}
return $list;
}