/**
* Assign items
*
* @param array $routes
*
* @return bool
*/
public function addNew($routes)
{
foreach ($routes as $route) {
$this->manager->add($this->manager->createPermission('/' . trim($route, ' /')));
}
$this->invalidate();
return true;
}
/**
* @return bool
*/
public function createPermission()
{
if ($this->validate()) {
$permission = $this->authManager->createPermission($this->name);
$permission->description = $this->description;
return $this->authManager->add($permission);
}
return false;
}
public function actionCreate()
{
$role = new Role();
if (Yii::$app->request->isPost) {
$role->name = Yii::$app->request->post('name');
$rule = Yii::$app->request->post('rule');
$role->ruleName = $rule ? $rule : null;
$role->description = Yii::$app->request->post('desc');
$role->data = Yii::$app->request->post('data');
$this->auth->add($role);
return $this->redirect(['view', 'name' => $role->name]);
}
return $this->render('create', ['model' => $role]);
}
protected function prepareData()
{
$rule = new AuthorRule();
$this->auth->add($rule);
$createPost = $this->auth->createPermission('createPost');
$createPost->description = 'create a post';
$this->auth->add($createPost);
$readPost = $this->auth->createPermission('readPost');
$readPost->description = 'read a post';
$this->auth->add($readPost);
$updatePost = $this->auth->createPermission('updatePost');
$updatePost->description = 'update a post';
$updatePost->ruleName = $rule->name;
$this->auth->add($updatePost);
$updateAnyPost = $this->auth->createPermission('updateAnyPost');
$updateAnyPost->description = 'update any post';
$this->auth->add($updateAnyPost);
$reader = $this->auth->createRole('reader');
$this->auth->add($reader);
$this->auth->addChild($reader, $readPost);
$author = $this->auth->createRole('author');
$this->auth->add($author);
$this->auth->addChild($author, $createPost);
$this->auth->addChild($author, $updatePost);
$this->auth->addChild($author, $reader);
$admin = $this->auth->createRole('admin');
$this->auth->add($admin);
$this->auth->addChild($admin, $author);
$this->auth->addChild($admin, $updateAnyPost);
$this->auth->assign($reader, 'reader A');
$this->auth->assign($author, 'author B');
$this->auth->assign($admin, 'admin C');
}
/**
* Save role to [[\yii\rbac\authManager]]
*
* @return bool
*/
public function save()
{
if ($this->validate()) {
if ($this->_item === null) {
if ($this->type == Item::TYPE_ROLE) {
$this->_item = $this->manager->createRole($this->name);
} else {
$this->_item = $this->manager->createPermission($this->name);
}
$isNew = true;
$oldName = false;
} else {
$isNew = false;
$oldName = $this->_item->name;
}
$this->_item->name = $this->name;
$this->_item->description = $this->description;
$this->_item->ruleName = $this->ruleName;
$this->_item->data = Json::decode($this->data);
if ($isNew) {
$this->manager->add($this->_item);
} else {
$this->manager->update($oldName, $this->_item);
}
return true;
}
return false;
}
/**
* @param array $permissions
* @param array $roles
* @return bool
*/
public function createRole(array $permissions, array $roles)
{
if ($this->validate()) {
$object = $this->authManager->createRole($this->name);
$object->description = $this->description;
if ($this->authManager->add($object)) {
foreach ($permissions as $permission) {
$this->authManager->addChild($object, $this->authManager->getPermission($permission));
}
foreach ($roles as $role) {
$this->authManager->addChild($object, $this->authManager->getRole($role));
}
return true;
}
}
return false;
}
/**
* @param $data
* @param \yii\rbac\ManagerInterface $authManager
* @param null $parent
*/
function addItem($data, $authManager, $parent = null)
{
foreach ($data as $d) {
$item = $authManager->createPermission($d['action']);
$item->description = $d['name'];
$authManager->add($item);
$authManager->addChild($parent, $item);
if (isset($d['children'])) {
addItem($d['children'], $authManager, $item);
}
}
}
/**
* @param bool $validate
* @return bool
*/
public function save($validate = true)
{
if ($validate && !$this->validate()) {
return false;
}
if ($this->isNewRecord) {
$this->role = $this->auth->createRole($this->name);
$this->role->description = $this->description;
if (!$this->auth->add($this->role)) {
return false;
}
} else {
$this->role->name = $this->name;
$this->role->description = $this->description;
if (!$this->auth->update($this->oldName, $this->role)) {
return false;
}
$this->auth->removeChildren($this->role);
}
foreach ($this->actions as $action) {
$this->auth->addChild($this->role, $this->auth->getPermission($action));
}
return true;
}
protected function prepareData()
{
User::reset();
$rule = new AuthorRule();
$this->auth->add($rule);
$uniqueTrait = $this->auth->createPermission('Fast Metabolism');
$uniqueTrait->description = 'Your metabolic rate is twice normal. This means that you are much less resistant to radiation and poison, but your body heals faster.';
$this->auth->add($uniqueTrait);
$createPost = $this->auth->createPermission('createPost');
$createPost->description = 'create a post';
$this->auth->add($createPost);
$readPost = $this->auth->createPermission('readPost');
$readPost->description = 'read a post';
$this->auth->add($readPost);
$deletePost = $this->auth->createPermission('deletePost');
$deletePost->description = 'delete a post';
$this->auth->add($deletePost);
$updatePost = $this->auth->createPermission('updatePost');
$updatePost->description = 'update a post';
$updatePost->ruleName = $rule->name;
$this->auth->add($updatePost);
$updateAnyPost = $this->auth->createPermission('updateAnyPost');
$updateAnyPost->description = 'update any post';
$this->auth->add($updateAnyPost);
$reader = $this->auth->createRole('reader');
$this->auth->add($reader);
$this->auth->addChild($reader, $readPost);
$author = $this->auth->createRole('author');
$this->auth->add($author);
$this->auth->addChild($author, $createPost);
$this->auth->addChild($author, $updatePost);
$this->auth->addChild($author, $reader);
$admin = $this->auth->createRole('admin');
$this->auth->add($admin);
$this->auth->addChild($admin, $author);
$this->auth->addChild($admin, $updateAnyPost);
$this->auth->assign($uniqueTrait, 'reader A');
$this->auth->assign($reader, 'reader A');
$this->auth->assign($author, 'author B');
$this->auth->assign($deletePost, 'author B');
$this->auth->assign($admin, 'admin C');
}
/**
* @param ManagerInterface $auth
* @param string $name
* @param array $options
* @param Permission $parent
* @return Permission
*/
private function createPermission($auth, $name, $options = array(), $parent = null)
{
$permission = $auth->createPermission($name);
if (isset($option['description'])) {
$permission->description = $option['description'];
}
if (isset($option['rule'])) {
$permission->ruleName = $option['rule'];
}
$auth->add($permission);
if ($parent) {
$auth->addChild($parent, $permission);
}
if (isset($options['children'])) {
foreach ($options['children'] as $childName => $childOptions) {
$this->createPermission($auth, $childName, $childOptions, $permission);
}
}
return $permission;
}
/**
* Create roles.
*/
protected function createRoles()
{
if (!($roles = ArrayHelper::getValue($this->rbac, 'roles'))) {
return;
}
foreach ($roles as $name => $permissions) {
if (!($role = $this->_auth->getRole($name))) {
$role = $this->_auth->createRole($name);
$this->_auth->add($role);
}
foreach ($permissions as $name) {
if (!($child = ArrayHelper::getValue($this->_permissions, $name))) {
$child = $this->_auth->getRole($name);
}
if ($child) {
$this->_auth->addChild($role, $child);
}
}
}
}
/**
* Save rule
*
* @return bool
*/
public function save()
{
if ($this->validate()) {
$class = $this->className;
if ($this->_item === null) {
$this->_item = new $class();
$isNew = true;
$oldName = false;
} else {
$isNew = false;
$oldName = $this->_item->name;
}
$this->_item->name = $this->name;
if ($isNew) {
$this->manager->add($this->_item);
} else {
$this->manager->update($oldName, $this->_item);
}
return true;
}
return false;
}
