public function actionUpdatechild() { $item = Yii::$app->request->get('item'); if (empty($item)) { return $this->redirect(['backend/rbac/item']); } if (Yii::$app->request->post()) { // Delete all child of $item LetAuthItemChild::deleteChild($item); $auth = Yii::$app->authManager; $itemObject = $auth->getRole($item); $roles = Yii::$app->request->post('role'); $permissions = Yii::$app->request->post('permission'); if (!empty($roles)) { foreach ($roles as $role) { $roleObject = $auth->getRole($role); $auth->addChild($itemObject, $roleObject); } } if (!empty($permissions)) { foreach ($permissions as $permission) { $permissionObject = $auth->getPermission($permission); $auth->addChild($itemObject, $permissionObject); } } } // Get items enable and child list $assign['itemsRole'] = ArrayHelper::map(LetAuthItem::assignEnable($item, LetAuthItem::TYPE_ROLE), 'name', 'name'); $assign['itemsPermission'] = ArrayHelper::map(LetAuthItem::assignEnable($item, LetAuthItem::TYPE_PERMISSION), 'name', 'name'); $assign['child'] = LetAuthItemChild::getChild($item); return $this->render('updatechild', $assign); }
public function actionSetuprbac() { $permissions = [$this->module->id . ':view', $this->module->id . ':create', $this->module->id . ':update', $this->module->id . ':updateOwn', $this->module->id . ':delete', $this->module->id . ':deleteOwn']; \app\modules\member\models\LetAuthItem::deleteAll(['in', 'name', $permissions]); \app\modules\member\models\LetAuthItemChild::deleteAll(['in', 'child', $permissions]); $auth = Yii::$app->authManager; // Rule $rule = $auth->getRule('isAuthor'); if (empty($rule)) { $rule = new \app\rbac\AuthorRule(); $auth->add($rule); } // Permission $admin = $auth->getRole('admin'); $member = $auth->getRole('member'); foreach ($permissions as $permission) { $create = $auth->createPermission($permission); if ($permission == $this->module->id . ':create') { $auth->add($create); $auth->addChild($member, $create); } elseif ($permission == $this->module->id . ':updateOwn' or $permission == $this->module->id . ':deleteOwn') { $create->ruleName = $rule->name; $auth->add($create); $auth->addChild($member, $create); } else { $auth->add($create); } $auth->addChild($admin, $create); unset($create); } $updateOwn = $auth->getPermission($this->module->id . ':updateOwn'); $update = $auth->getPermission($this->module->id . ':update'); $auth->addChild($updateOwn, $update); }
public static function assignEnable($item, $type = NULL) { $ignoreItems = LetAuthItemChild::getAncestors([$item]); $ignoreItems[] = $item; $listItems = self::find()->select(['name', 'type'])->where(['not in', 'name', $ignoreItems]); if (!empty($type)) { $listItems = $listItems->andWhere('type = :type', [':type' => $type]); } $listItems = $listItems->orderBy('type ASC')->asArray()->all(); return $listItems; }