コード例 #1
  * @param string $id
  * @return string
 public function actionView($id)
     $role = $this->findModel($id);
     $authManager = new DbManager();
     $allRoles = Role::find()->asArray()->andWhere('name != :current_name', [':current_name' => $id])->all();
     $permissions = Permission::find()->andWhere(Yii::$app->getModule('user')->auth_item_table . '.name != :commonPermissionName', [':commonPermissionName' => Yii::$app->getModule('user')->commonPermissionName])->joinWith('group')->all();
     $permissionsByGroup = [];
     foreach ($permissions as $permission) {
         $permissionsByGroup[@$permission->group->name][] = $permission;
     $childRoles = $authManager->getChildren($role->name);
     $currentRoutesAndPermissions = AuthHelper::separateRoutesAndPermissions($authManager->getPermissionsByRole($role->name));
     $currentPermissions = $currentRoutesAndPermissions->permissions;
     return $this->renderIsAjax('view', compact('role', 'allRoles', 'childRoles', 'currentPermissions', 'permissionsByGroup'));
コード例 #2
  * Add or remove routes for this permission
  * @param string $id
  * @return \yii\web\Response
 public function actionSetChildRoutes($id)
     $item = $this->findModel($id);
     $newRoutes = Yii::$app->request->post('child_routes', []);
     $oldRoutes = array_keys(AuthHelper::getChildrenByType($item->name, AbstractItem::TYPE_ROUTE));
     $toAdd = array_diff($newRoutes, $oldRoutes);
     $toRemove = array_diff($oldRoutes, $newRoutes);
     Permission::addChildren($id, $toAdd);
     Permission::removeChildren($id, $toRemove);
     if (($toAdd or $toRemove) and $id == Yii::$app->getModule('user')->commonPermissionName) {
     Yii::$app->session->setFlash('success', 'Saved');
     return $this->redirect(['view', 'id' => $id]);
コード例 #3
ファイル: Permission.php プロジェクト: kuzmiand/yii2-users
  * Assign route to permission and create them if they don't exists
  * Helper mainly for migrations
  * @param string       $permissionName
  * @param array|string $routes
  * @param null|string  $permissionDescription
  * @param null|string  $groupCode
  * @throws \InvalidArgumentException
  * @return true|static|string
 public static function assignRoutes($permissionName, $routes, $permissionDescription = null, $groupCode = null)
     $permission = static::findOne(['name' => $permissionName]);
     $routes = (array) $routes;
     if (!$permission) {
         $permission = static::create($permissionName, $permissionDescription, $groupCode);
         if ($permission->hasErrors()) {
             return $permission;
     foreach ($routes as $route) {
         $route = '/' . ltrim($route, '/');
         try {
             Yii::$app->db->createCommand()->insert(Yii::$app->getModule('user')->auth_item_child_table, ['parent' => $permission->name, 'child' => $route])->execute();
         } catch (Exception $e) {
             // Don't throw Exception because this permission may already have this route,
             // so just go to the next route
     return true;
コード例 #4
ファイル: Role.php プロジェクト: kuzmiand/yii2-users
  * Assign route to role via permission and create permission or route if it don't exists
  * Helper mainly for migrations
  * @param string      $roleName
  * @param string      $permissionName
  * @param array       $routes
  * @param null|string $permissionDescription
  * @param null|string $groupCode
  * @throws \InvalidArgumentException
  * @return true|static|string
 public static function assignRoutesViaPermission($roleName, $permissionName, $routes, $permissionDescription = null, $groupCode = null)
     $role = static::findOne(['name' => $roleName]);
     if (!$role) {
         throw new \InvalidArgumentException("Role with name = {$roleName} not found");
     $permission = Permission::findOne(['name' => $permissionName]);
     if (!$permission) {
         $permission = Permission::create($permissionName, $permissionDescription, $groupCode);
         if ($permission->hasErrors()) {
             return $permission;
     try {
         Yii::$app->db->createCommand()->insert(Yii::$app->getModule('user')->auth_item_child_table, ['parent' => $role->name, 'child' => $permission->name])->execute();
     } catch (Exception $e) {
         // Don't throw Exception because we may have this permission for this role,
         // but need to add new routes to it
     $routes = (array) $routes;
     foreach ($routes as $route) {
         $route = '/' . ltrim($route, '/');
         try {
             Yii::$app->db->createCommand()->insert(Yii::$app->getModule('user')->auth_item_child_table, ['parent' => $permission->name, 'child' => $route])->execute();
         } catch (Exception $e) {
             // Don't throw Exception because this permission may already have this route,
             // so just go to the next route
     return true;
コード例 #5
ファイル: Route.php プロジェクト: kuzmiand/yii2-users
  * Check if controller has $freeAccess = true or $action in $freeAccessActions
  * Or it's login, logout, error page
  * @param string $route
  * @param Action|null $action
  * @return bool
 public static function isFreeAccess($route, $action = null)
     if ($action) {
         $controller = $action->controller;
         if ($controller->hasProperty('freeAccess') and $controller->freeAccess === true) {
             return true;
         if ($controller->hasProperty('freeAccessActions') and in_array($action->id, $controller->freeAccessActions)) {
             return true;
     $systemPages = ['/user/auth/logout', AuthHelper::unifyRoute(Yii::$app->errorHandler->errorAction), AuthHelper::unifyRoute(Yii::$app->user->loginUrl)];
     if (in_array($route, $systemPages)) {
         return true;
     // Registration can be enabled either by this option or by adding '/user/auth/registration' route to guest permissions
     if ($route == '/user/auth/registration' && Yii::$app->getModule('user')->enableRegistration === true) {
         return true;
     if (static::isInCommonPermission($route)) {
         return true;
     return false;
コード例 #6
ファイル: User.php プロジェクト: kuzmiand/yii2-users
 public static function canRoute($route, $superAdminAllowed = true)
     if ($superAdminAllowed and @Yii::$app->user->identity->isSuperadmin) {
         return true;
     $baseRoute = AuthHelper::unifyRoute($route);
     if (Route::isFreeAccess($baseRoute)) {
         return true;
     return Route::isRouteAllowed($baseRoute, Yii::$app->session->get(AuthHelper::SESSION_PREFIX_ROUTES, []));
コード例 #7
ファイル: AbstractItem.php プロジェクト: kuzmiand/yii2-users
  * Invalidate permissions if some item is deleted
 public function afterDelete()