public function actionAjaxChild($name)
{
$role = $this->findRole($name);
$namePermission = Yii::$app->request->post('permission');
$permission = $this->auth->getPermission($namePermission);
return $this->auth->addChild($role, $permission) ? 'success' : 'fail';
}
protected function prepareData()
{
$rule = new AuthorRule();
$this->auth->add($rule);
$createPost = $this->auth->createPermission('createPost');
$createPost->description = 'create a post';
$this->auth->add($createPost);
$readPost = $this->auth->createPermission('readPost');
$readPost->description = 'read a post';
$this->auth->add($readPost);
$updatePost = $this->auth->createPermission('updatePost');
$updatePost->description = 'update a post';
$updatePost->ruleName = $rule->name;
$this->auth->add($updatePost);
$updateAnyPost = $this->auth->createPermission('updateAnyPost');
$updateAnyPost->description = 'update any post';
$this->auth->add($updateAnyPost);
$reader = $this->auth->createRole('reader');
$this->auth->add($reader);
$this->auth->addChild($reader, $readPost);
$author = $this->auth->createRole('author');
$this->auth->add($author);
$this->auth->addChild($author, $createPost);
$this->auth->addChild($author, $updatePost);
$this->auth->addChild($author, $reader);
$admin = $this->auth->createRole('admin');
$this->auth->add($admin);
$this->auth->addChild($admin, $author);
$this->auth->addChild($admin, $updateAnyPost);
$this->auth->assign($reader, 'reader A');
$this->auth->assign($author, 'author B');
$this->auth->assign($admin, 'admin C');
}
/**
* @param $data
* @param \yii\rbac\ManagerInterface $authManager
* @param null $parent
*/
function addItem($data, $authManager, $parent = null)
{
foreach ($data as $d) {
$item = $authManager->createPermission($d['action']);
$item->description = $d['name'];
$authManager->add($item);
$authManager->addChild($parent, $item);
if (isset($d['children'])) {
addItem($d['children'], $authManager, $item);
}
}
}
/**
* Add child to Item
*
* @param array $items
*
* @return int
*/
public function addChildren($items)
{
if ($this->_item) {
foreach ($items as $name) {
$child = $this->manager->getPermission($name);
if (empty($child) && $this->type == Item::TYPE_ROLE) {
$child = $this->manager->getRole($name);
}
$this->manager->addChild($this->_item, $child);
}
}
return true;
}
/**
* @param bool $validate
* @return bool
*/
public function save($validate = true)
{
if ($validate && !$this->validate()) {
return false;
}
if ($this->isNewRecord) {
$this->role = $this->auth->createRole($this->name);
$this->role->description = $this->description;
if (!$this->auth->add($this->role)) {
return false;
}
} else {
$this->role->name = $this->name;
$this->role->description = $this->description;
if (!$this->auth->update($this->oldName, $this->role)) {
return false;
}
$this->auth->removeChildren($this->role);
}
foreach ($this->actions as $action) {
$this->auth->addChild($this->role, $this->auth->getPermission($action));
}
return true;
}
/**
* @param string $name
* @param array $permissions
* @param array $roles
* @return bool
*/
public function updateRole($name, array $permissions, array $roles)
{
if ($this->validate()) {
$object = $this->authManager->getRole($name);
$object->description = $this->description;
if ($this->authManager->update($name, $object)) {
$this->authManager->removeChildren($object);
foreach ($permissions as $permission) {
$this->authManager->addChild($object, $this->authManager->getPermission($permission));
}
foreach ($roles as $role) {
$this->authManager->addChild($object, $this->authManager->getRole($role));
}
return true;
}
}
return false;
}
protected function prepareData()
{
User::reset();
$rule = new AuthorRule();
$this->auth->add($rule);
$uniqueTrait = $this->auth->createPermission('Fast Metabolism');
$uniqueTrait->description = 'Your metabolic rate is twice normal. This means that you are much less resistant to radiation and poison, but your body heals faster.';
$this->auth->add($uniqueTrait);
$createPost = $this->auth->createPermission('createPost');
$createPost->description = 'create a post';
$this->auth->add($createPost);
$readPost = $this->auth->createPermission('readPost');
$readPost->description = 'read a post';
$this->auth->add($readPost);
$deletePost = $this->auth->createPermission('deletePost');
$deletePost->description = 'delete a post';
$this->auth->add($deletePost);
$updatePost = $this->auth->createPermission('updatePost');
$updatePost->description = 'update a post';
$updatePost->ruleName = $rule->name;
$this->auth->add($updatePost);
$updateAnyPost = $this->auth->createPermission('updateAnyPost');
$updateAnyPost->description = 'update any post';
$this->auth->add($updateAnyPost);
$reader = $this->auth->createRole('reader');
$this->auth->add($reader);
$this->auth->addChild($reader, $readPost);
$author = $this->auth->createRole('author');
$this->auth->add($author);
$this->auth->addChild($author, $createPost);
$this->auth->addChild($author, $updatePost);
$this->auth->addChild($author, $reader);
$admin = $this->auth->createRole('admin');
$this->auth->add($admin);
$this->auth->addChild($admin, $author);
$this->auth->addChild($admin, $updateAnyPost);
$this->auth->assign($uniqueTrait, 'reader A');
$this->auth->assign($reader, 'reader A');
$this->auth->assign($author, 'author B');
$this->auth->assign($deletePost, 'author B');
$this->auth->assign($admin, 'admin C');
}
/**
* @param ManagerInterface $auth
* @param string $name
* @param array $options
* @param Permission $parent
* @return Permission
*/
private function createPermission($auth, $name, $options = array(), $parent = null)
{
$permission = $auth->createPermission($name);
if (isset($option['description'])) {
$permission->description = $option['description'];
}
if (isset($option['rule'])) {
$permission->ruleName = $option['rule'];
}
$auth->add($permission);
if ($parent) {
$auth->addChild($parent, $permission);
}
if (isset($options['children'])) {
foreach ($options['children'] as $childName => $childOptions) {
$this->createPermission($auth, $childName, $childOptions, $permission);
}
}
return $permission;
}
/**
* Create roles.
*/
protected function createRoles()
{
if (!($roles = ArrayHelper::getValue($this->rbac, 'roles'))) {
return;
}
foreach ($roles as $name => $permissions) {
if (!($role = $this->_auth->getRole($name))) {
$role = $this->_auth->createRole($name);
$this->_auth->add($role);
}
foreach ($permissions as $name) {
if (!($child = ArrayHelper::getValue($this->_permissions, $name))) {
$child = $this->_auth->getRole($name);
}
if ($child) {
$this->_auth->addChild($role, $child);
}
}
}
}
/**
* Add child role by passed role object or it's name
* @param string|Role $role
* @return static
*/
public function addRole($role)
{
$role = $this->findRole($role);
$this->authManager->addChild($this->item, $role);
return $this;
}
