public function assign($role, $userId)
{
if (!Users::findOne([Users::primaryKey()[0] => $userId])) {
throw new Exception("Пользователь не найден");
}
return parent::assign($role, $userId);
}
/**
* Initial RBAC action
* @param integer $id Superadmin ID
*/
public function actionInit($id = null)
{
$auth = new DbManager();
$auth->init();
$auth->removeAll();
//удаляем старые данные
// Rules
$groupRule = new GroupRule();
$auth->add($groupRule);
// Roles
$user = $auth->createRole('user');
$user->description = 'User';
$user->ruleName = $groupRule->name;
$auth->add($user);
$moderator = $auth->createRole(' moderator ');
$moderator->description = 'Moderator ';
$moderator->ruleName = $groupRule->name;
$auth->add($moderator);
$auth->addChild($moderator, $user);
$admin = $auth->createRole('admin');
$admin->description = 'Admin';
$admin->ruleName = $groupRule->name;
$auth->add($admin);
$auth->addChild($admin, $moderator);
$superadmin = $auth->createRole('superadmin');
$superadmin->description = 'Superadmin';
$superadmin->ruleName = $groupRule->name;
$auth->add($superadmin);
$auth->addChild($superadmin, $admin);
// Superadmin assignments
if ($id !== null) {
$auth->assign($superadmin, $id);
}
}
/**
* Initial RBAC action
* @param integer $id Superadmin ID
*/
public function actionInit($id = null)
{
$auth = new DbManager();
$auth->init();
$auth->removeAll();
//удаляем старые данные
// Rules
$groupRule = new GroupRule();
$auth->add($groupRule);
// Roles
$student = $auth->createRole('student');
$student->description = 'Student';
$student->ruleName = $groupRule->name;
$auth->add($student);
$teacher = $auth->createRole('teacher');
$teacher->description = 'Teacher';
$teacher->ruleName = $groupRule->name;
$auth->add($teacher);
$auth->addChild($teacher, $student);
$admin = $auth->createRole('admin');
$admin->description = 'Admin';
$admin->ruleName = $groupRule->name;
$auth->add($admin);
$auth->addChild($admin, $teacher);
$superadmin = $auth->createRole('superadmin');
$superadmin->description = 'Superadmin';
$superadmin->ruleName = $groupRule->name;
$auth->add($superadmin);
$auth->addChild($superadmin, $admin);
// Superadmin assignments
if ($id !== null) {
$auth->assign($superadmin, $id);
}
}
/**
*
* @param type $role
* @param type $user
*/
public function actionAssign($roleName, $userName)
{
$exitCode = 0;
$this->outputItem("Searching for", $roleName, "Role in database");
$role = $this->_authManager->getRole($roleName);
if (isset($role)) {
$this->stdout('OK', Console::FG_GREEN);
} else {
$this->stdout('FAILED', Console::FG_RED, Console::BOLD);
$exitCode = 1;
}
$this->outputItem("\nSearching for", $userName, "User Account in database");
$identityClass = \Yii::$app->user->identityClass;
$user = $identityClass::findByUsername($userName);
if (isset($user)) {
$this->stdout('OK', Console::FG_GREEN);
} else {
$this->stdout('FAILED', Console::FG_RED);
return 2;
}
$this->stdout('Linking: ');
if ($this->_authManager->assign($role, $user->id)) {
$this->stdout('OK', Console::FG_GREEN);
} else {
$this->stdout('FAILED', Console::FG_RED);
}
$this->stdout("\n");
return 0;
}
public function assign($role, $userId)
{
if ($this->cache !== null) {
$this->cache->delete($this->assignmentsCachePrefix . '_' . $userId);
}
return parent::assign($role, $userId);
}
/**
* This is to be called only once at the initialization
* by commenting out the behaviors first.
*/
public function actionAdmin()
{
$r = new DbManager();
$r->init();
$test = $r->createRole('admin');
$r->add($test);
$r->assign($test, Yii::$app->user->id);
}
private function setDefault()
{
$userPermission = $this->createPermission('editUser', 'Изменение пользователей системы');
$rolePermission = $this->createPermission('editRole', 'Изменение ролей пользователей');
$adminRole = $this->createRole(Yii::$app->params['admin.role'], 'Администратор');
$this->authManager->addChild($adminRole, $userPermission);
$this->authManager->addChild($adminRole, $rolePermission);
$admin = User::findOne(['username' => Yii::$app->params['admin.name']]);
if (is_null($admin)) {
$admin = $this->createAdminUser();
}
$this->authManager->assign($adminRole, $admin->getPrimaryKey());
}
/**
* Assign role to a user.
* @param string $nameOrEmail
* @param string $roleName
*/
public function actionAssign($nameOrEmail, $roleName)
{
$user = $this->getUser($nameOrEmail);
$role = $this->getRole($roleName);
// Ensure that role is exist.
foreach ($user->getRoles() as $userRole) {
if ($userRole->name == $role->name) {
$this->err('Already assinged to "{role}" role.', ['role' => $role->name]);
return;
}
}
$this->_auth->assign($role, $user->id);
$this->p('Role "{role}" assigned to user "{name}".', ['role' => $role->name, 'name' => $user->name]);
}
/**
* the register customer will be added 'customer' role
*/
public static function frontendRegister()
{
Event::on(User::className(), User::USER_REGISTER_DONE, function ($event) {
/** @var \yii\base\ModelEvent $event */
$user = $event->sender;
$auth = new DbManager();
$auth->init();
$role = $auth->getRole('Customer');
if (!$role) {
$role = $auth->createRole('Customer');
$auth->add($role);
}
$auth->assign($role, $user->id);
});
}
public function afterSave($insert, $changedAttributes)
{
parent::afterSave($insert, $changedAttributes);
if (!\Yii::$app instanceof ConsoleApplication) {
if ($this->scenario == 'update' || $this->scenario == 'create') {
$auth = new DbManager();
$auth->init();
$name = $this->role ? $this->role : self::ROLE_DEFAULT;
$role = $auth->getRole($name);
if (!$insert) {
$auth->revokeAll($this->id);
}
$auth->assign($role, $this->id);
}
}
}
/**
* @inheritdoc
*/
public function assign($role, $userId)
{
$assignment = parent::assign($role, $userId);
if (isset($this->_assignments[$userId]) && !in_array($role->name, $this->_assignments[$userId])) {
$this->_assignments[$userId][] = $role->name;
}
return $assignment;
}
/**
* @inheritdoc
*/
public function assign($role, $userId)
{
$assignment = parent::assign($role, $userId);
if (isset($this->_assignments[$userId])) {
$this->_assignments[$userId][$role->name] = $assignment;
}
return $assignment;
}
/**
* Remove admin role for user
* after that set member role for user
* @param $id: user id from user table
* @return redirect to admin/index page
*/
public function actionRemoverole($id)
{
$r = new DbManager();
$r->init();
if ($id > 0) {
// remove admin role for this user
$admin = $r->getRole('admin');
$r->revoke($admin, $id);
// get member role to add to this user
$member = $r->getRole('member');
$r->assign($member, $id);
// update user table
$this->updateUser($id, BUser::getAuthName('ROLE_MEMBER'));
Yii::$app->getSession()->setFlash('user.success', Yii::t('user', 'User has been updated'));
} else {
Yii::$app->getSession()->setFlash('user.success', Yii::t('error', 'Sorry there is something wrong!'));
}
return $this->redirect(['index']);
}
/**
* Phân quyền quản trị
*/
public function actionAssigndata()
{
$params = \Yii::$app->request->post();
if (!empty($params)) {
self::removeAssignmentByUserId($params['id']);
if (!empty($params['data'])) {
$dbManager = new DbManager();
$dbManager->init();
foreach ($params['data'] as $role) {
$assignment = $dbManager->getAssignment($role, $params['id']);
if ($assignment == null) {
$dbManager->assign($dbManager->getPermission($role), $params['id']);
}
}
}
return $this->response(new Response(true, "Cấp quyền cho tài khoản thành công", []));
}
}