/**
* Revokes a roles and permissions from the user.
*
* @param array $items
*
* @return int number of successful revoke
*/
public function revoke($items)
{
foreach ($items as $name) {
$item = $this->manager->getRole($name);
$item = $item ?: $this->manager->getPermission($name);
$this->manager->revoke($item, $this->userId);
}
return true;
}
/**
* @param string|Role $role role item object or it's name
* @return Role
*/
protected function findRole($role)
{
if ($role instanceof Role) {
return $role;
}
return $this->authManager->getRole($role);
}
protected function findRole($name)
{
$role = $this->auth->getRole($name);
if ($role) {
return $role;
}
throw new HttpException(404);
}
public function testGetAssignmentsByRole()
{
$this->prepareData();
$reader = $this->auth->getRole('reader');
$this->auth->assign($reader, 123);
$this->auth = $this->createManager();
$this->assertEquals([], $this->auth->getUserIdsByRole('nonexisting'));
$this->assertEquals(['reader A', '123'], $this->auth->getUserIdsByRole('reader'));
$this->assertEquals(['author B'], $this->auth->getUserIdsByRole('author'));
$this->assertEquals(['admin C'], $this->auth->getUserIdsByRole('admin'));
}
/**
* Remove child from an item
*
* @param array $items
*
* @return int
*/
public function removeChildren($items)
{
if ($this->_item !== null) {
foreach ($items as $name) {
$child = $this->manager->getPermission($name);
if (empty($child) && $this->type == Item::TYPE_ROLE) {
$child = $this->manager->getRole($name);
}
$this->manager->removeChild($this->_item, $child);
}
}
return true;
}
public function testAssignmentsToIntegerId()
{
$this->prepareData();
$reader = $this->auth->getRole('reader');
$author = $this->auth->getRole('author');
$this->auth->assign($reader, 42);
$this->auth->assign($author, 1337);
$this->auth->assign($reader, 1337);
$this->auth = $this->createManager();
$this->assertEquals(0, count($this->auth->getAssignments(0)));
$this->assertEquals(1, count($this->auth->getAssignments(42)));
$this->assertEquals(2, count($this->auth->getAssignments(1337)));
}
/**
* @param string $name
* @param array $permissions
* @param array $roles
* @return bool
*/
public function updateRole($name, array $permissions, array $roles)
{
if ($this->validate()) {
$object = $this->authManager->getRole($name);
$object->description = $this->description;
if ($this->authManager->update($name, $object)) {
$this->authManager->removeChildren($object);
foreach ($permissions as $permission) {
$this->authManager->addChild($object, $this->authManager->getPermission($permission));
}
foreach ($roles as $role) {
$this->authManager->addChild($object, $this->authManager->getRole($role));
}
return true;
}
}
return false;
}
/**
* Remove roles.
*/
protected function removeRoles()
{
if (!($roles = ArrayHelper::getValue($this->rbac, 'roles'))) {
return;
}
foreach ($roles as $name => $children) {
if (!($role = $this->_auth->getRole($name))) {
continue;
}
foreach ($children as $childName) {
if ($permission = ArrayHelper::getValue($this->_permissions, $childName)) {
$this->_auth->removeChild($role, $permission);
} elseif ($childRole = $this->_auth->getRole($childName)) {
$this->_auth->removeChild($role, $childRole);
}
}
$this->_auth->remove($role);
$userIds = $this->_auth->getUserIdsByRole($name);
foreach ($userIds as $userId) {
$this->_auth->revoke($role, $userId);
}
}
}
