/** * Fill permissions from config */ protected function fillPermissions() { foreach ($this->getConfig('permissions') as $permissionConfig) { $existingPermission = $this->authManager->getPermission($permissionConfig['name']); if ($existingPermission && $permissionConfig['name'] == $existingPermission->name) { $permission = $existingPermission; $permission->description = $permissionConfig['description']; $this->authManager->update($permissionConfig['name'], $permission); } else { $permission = $this->authManager->createPermission($permissionConfig['name']); $permission->description = $permissionConfig['description']; $this->authManager->add($permission); } if (isset($permissionConfig['rule'])) { /* @var $rule \yii\rbac\Rule */ $rule = new $permissionConfig['rule'](); $existingRule = $this->authManager->getRule($rule->name); if (!$permission->ruleName && !$existingRule) { $this->authManager->add($rule); } $permission->ruleName = $rule->name; $this->authManager->update($permissionConfig['name'], $permission); } } }
/** * Update permissions method */ protected function updatePermission() { foreach ($this->permissions() as $Permission) { $this->authManager->add($Permission); echo sprintf(' > permission `%s` added.', $Permission->name) . PHP_EOL; } }
/** * Adding or deleting items if needed */ protected function manageItems() { foreach ($this->_items as $item) { if ($item instanceof Rule) { $item_exist = $this->_auth->getRule($item->name); } elseif ($item instanceof Role) { $item_exist = $this->_auth->getRole($item->name); } elseif ($item instanceof Permission) { $item_exist = $this->_auth->getPermission($item->name); } else { throw new InvalidParamException('Adding unsupported object type.'); } if ($item_exist) { if ($item_exist instanceof __PHP_Incomplete_Class) { $need_update = true; } else { if ($item_exist instanceof Rule) { $item->updatedAt = $item_exist->updatedAt; $need_update = serialize($item_exist) != serialize($item); } else { $need_update = $item_exist->description != $item->description || $item_exist->ruleName != $item->ruleName || $item_exist->data != $item->data; } } if ($need_update) { Console::stdout("Updating {$item->name} item data.\n"); $this->_auth->update($item->name, $item); } } else { Console::stdout("New item added: {$item->name}\n"); $this->_auth->add($item); } } /** @var Role|Permission|Rule $items */ $items = ArrayHelper::merge($this->_auth->getRules(), $this->_auth->getRules(), $this->_auth->getPermissions()); foreach ($items as $existing_item) { if (!isset($this->_items[$existing_item->name])) { Console::stdout(Console::ansiFormat('Item removed: ' . $existing_item->name . "\n", [Console::FG_RED])); $this->_auth->remove($existing_item); } } }