/** * Checks link access with rbac AuthItem. * @param string $href url. * @return boolean whether link is accessable. */ public static function checkHrefAccess($href) { if (!($rule = UrlHelper::rule($href))) { return true; } return AuthItem::checkAccess($rule); }
public function safeDown() { AuthItemChild::deleteAll(['parent' => $this->getRoles()]); AuthItemChild::deleteAll(['child' => $this->getRoles()]); AuthItem::deleteAll(['name' => $this->getRoles()]); return true; }
public function down() { foreach ($this->getPermissions() as $role => $permissions) { AuthItemChild::deleteAll(['parent' => $role, 'child' => $permissions]); AuthItem::deleteAll(['name' => $permissions]); } return true; }
/** * Callback for $this->menuWidget() method. * @param array $data data to process. * @return array processed data. */ public function menuCallback($data) { $contextMenu = ARTreeMenuWidget::this()->commonOptions()['contextmenu']; $contextMenu['items'] = ['create' => $contextMenu['items']['create'], 'delete' => $contextMenu['items']['delete']]; $data['options'] = ['types' => $this->types, 'contextmenu' => $contextMenu]; $items = AuthItem::find()->where(['type' => \yii\rbac\Item::TYPE_ROLE])->indexBy('name')->all(); $relations = AuthItemChild::find()->all(); $data['items'] = $this->generateTree($items, $relations); return $data; }
/** * Поиск ролей в базе данных. * Поиск идет только для записей с type => 1, что означает "роль", а не "право доступа". * * @param array $params * @return ActiveDataProvider */ public function search($params) { $query = AuthItem::find(); $query->where(['type' => Role::TYPE_ROLE]); $dataProvider = new ActiveDataProvider(['query' => $query]); if (!($this->load($params) && $this->validate())) { return $dataProvider; } $query->andFilterWhere(['type' => $this->type, 'created_at' => $this->created_at, 'updated_at' => $this->updated_at]); $query->andFilterWhere(['like', 'name', $this->name])->andFilterWhere(['like', 'description', $this->description])->andFilterWhere(['like', 'rule_name', $this->rule_name])->andFilterWhere(['like', 'data', $this->data]); return $dataProvider; }
/** * Attaches or detaches user role/permission. * @param string $id permission/role name. * @param integer $user_id user id. * @param integer $add 1/0 whether to add or to remove user permission. * @throws \yii\web\HttpException only_root_remove_denied */ public function actionChange($id, $user_id, $add) { $authItem = AuthItem::findOne($id); if ($add) { Yii::$app->authManager->assign($authItem, $user_id); } else { $rootCount = AuthAssignment::find()->where(['item_name' => $id])->count(); if ($id == 'root' && !$rootCount < 2) { throw new HttpException(403, Yii::t('access', 'only_root_remove_denied')); } Yii::$app->authManager->revoke($authItem, $user_id); } }
/** * @return \yii\db\ActiveQuery */ public function getPermission() { return $this->hasOne(AuthItem::className(), ['name' => 'child']); }
/** * @return \yii\db\ActiveQuery */ public function getAuthItems() { return $this->hasMany(AuthItem::className(), ['rule_name' => 'name']); }
public static function userDefaultRoleAssignment($event) { return ($default = AuthItem::findOne(AuthItem::ROLE_DEFAULT)) ? Yii::$app->authManager->assign($default, $event->sender->primaryKey) : false; }
/** * Attaches child related to this model by AuthItemChild. * @param AuthItem $item child. * @return integer whether child is attached. */ public function addChild(AuthItem $item) { if ($item->isNewRecord && !$item->save()) { return false; } return Yii::$app->authManager->addChild($this, $item); }
/** * @param bool $id * @throws NotFoundHttpException * @return AuthItem */ protected function findModel($id = false) { if (!$id) { return new AuthItem(); } if (($model = AuthItem::findOne(['name' => $id])) !== null) { return $model; } else { throw new NotFoundHttpException('Model not found.'); } }
/** * Searches all user assignments. * @param object $user user instance * @return \yii\web\Query search object */ public static function userAssignments($user) { $names = self::find()->where(['user_id' => $user->id])->select('item_name')->column(); return AuthItem::find()->where(['in', 'name', $names]); }
/** * @param bool $id * @throws NotFoundHttpException * @return AuthItem */ protected function findParentModel($id = false) { if (!$id) { $model = new AuthItem(); } else { if (!($model = AuthItem::findOne($id))) { throw new NotFoundHttpException('Model not found.'); } } $model->type = \yii\rbac\Item::TYPE_ROLE; return $model; }