/** * Attaches or detaches user role/permission. * @param string $id permission/role name. * @param integer $user_id user id. * @param integer $add 1/0 whether to add or to remove user permission. * @throws \yii\web\HttpException only_root_remove_denied */ public function actionChange($id, $user_id, $add) { $authItem = AuthItem::findOne($id); if ($add) { Yii::$app->authManager->assign($authItem, $user_id); } else { $rootCount = AuthAssignment::find()->where(['item_name' => $id])->count(); if ($id == 'root' && !$rootCount < 2) { throw new HttpException(403, Yii::t('access', 'only_root_remove_denied')); } Yii::$app->authManager->revoke($authItem, $user_id); } }
/** * @param bool $id * @throws NotFoundHttpException * @return AuthItem */ protected function findModel($id = false) { if (!$id) { return new AuthItem(); } if (($model = AuthItem::findOne(['name' => $id])) !== null) { return $model; } else { throw new NotFoundHttpException('Model not found.'); } }
public static function userDefaultRoleAssignment($event) { return ($default = AuthItem::findOne(AuthItem::ROLE_DEFAULT)) ? Yii::$app->authManager->assign($default, $event->sender->primaryKey) : false; }
/** * @param bool $id * @throws NotFoundHttpException * @return AuthItem */ protected function findParentModel($id = false) { if (!$id) { $model = new AuthItem(); } else { if (!($model = AuthItem::findOne($id))) { throw new NotFoundHttpException('Model not found.'); } } $model->type = \yii\rbac\Item::TYPE_ROLE; return $model; }