/**
* Initial RBAC action
* @param integer $id Superadmin ID
*/
public function actionInit($id = null)
{
$auth = new DbManager();
$auth->init();
$auth->removeAll();
//удаляем старые данные
// Rules
$groupRule = new GroupRule();
$auth->add($groupRule);
// Roles
$user = $auth->createRole('user');
$user->description = 'User';
$user->ruleName = $groupRule->name;
$auth->add($user);
$moderator = $auth->createRole(' moderator ');
$moderator->description = 'Moderator ';
$moderator->ruleName = $groupRule->name;
$auth->add($moderator);
$auth->addChild($moderator, $user);
$admin = $auth->createRole('admin');
$admin->description = 'Admin';
$admin->ruleName = $groupRule->name;
$auth->add($admin);
$auth->addChild($admin, $moderator);
$superadmin = $auth->createRole('superadmin');
$superadmin->description = 'Superadmin';
$superadmin->ruleName = $groupRule->name;
$auth->add($superadmin);
$auth->addChild($superadmin, $admin);
// Superadmin assignments
if ($id !== null) {
$auth->assign($superadmin, $id);
}
}
public function actionInit()
{
if (!$this->confirm("Are you sure? It will re-create permissions tree.")) {
return self::EXIT_CODE_NORMAL;
}
//$auth = Yii::$app->authManager;
// Підключення через Базу даних
$auth = new DbManager();
$auth->init();
$auth->removeAll();
// Роль студент
$student = $auth->createRole('student');
$student->description = 'Student';
$auth->add($student);
// Роль працедавець
$employer = $auth->createRole('employer');
$employer->description = 'Employer';
$auth->add($employer);
// Роль модератор
$moderator = $auth->createRole('moderator');
$moderator->description = 'Moderator';
$auth->add($moderator);
$auth->addChild($moderator, $student);
$auth->addChild($moderator, $employer);
// Роль адміністратор
$admin = $auth->createRole('admin');
$admin->description = 'Administrator';
$auth->add($admin);
$auth->addChild($admin, $moderator);
}
/**
* Initializes rbac rules.
* @param boolean $forceYes put 'yes' to confirmation, use this with caution!
*/
public function actionInit($forceYes = false)
{
if (!$forceYes) {
$confirm = $this->confirm("Do you want to initialize RBAC rules ?\nPlease aware, previous rules WILL BE OVERWRITTEN", false);
if (!$confirm) {
return;
}
}
$this->stdout('Auth rules are deleting...' . PHP_EOL, Console::BOLD);
$db = Yii::$app->db;
$db->createCommand()->delete($this->_auth->itemTable)->execute();
$db->createCommand()->delete($this->_auth->itemChildTable)->execute();
$db->createCommand()->delete($this->_auth->assignmentTable)->execute();
$db->createCommand()->delete($this->_auth->ruleTable)->execute();
$this->stdout('Creating permissions...' . PHP_EOL, Console::BOLD);
// Users
$this->addPermission('createUser', 'Create a user');
$this->addPermission('viewAnyUser', 'View an any user');
$this->addPermission('updateAnyUser', 'Update an any user');
$this->addPermission('deleteAnyUser', 'Delete an any user');
//Settings
$this->addPermission('updateSettings', 'Update site settings');
$this->stdout('Attach permissions to roles...' . PHP_EOL, Console::BOLD);
$registered = $this->_auth->createRole('Registered');
$this->_auth->add($registered);
$admin = $this->_auth->createRole('Administrator');
$this->_auth->add($admin);
$this->_auth->addChild($admin, $registered);
$this->_auth->addChild($admin, $this->_perms['createUser']);
$this->_auth->addChild($admin, $this->_perms['viewAnyUser']);
$this->_auth->addChild($admin, $this->_perms['updateAnyUser']);
$this->_auth->addChild($admin, $this->_perms['deleteAnyUser']);
$this->_auth->addChild($admin, $this->_perms['updateSettings']);
}
public function actionInit()
{
// $auth = Yii::$app->authManager;
$auth = new DbManager();
$auth->removeAll();
//удаляем старые данные
//Создадим права для доступа к админке
$dashboard = $auth->createPermission('dashboard');
$dashboard->description = 'Админ панель';
$auth->add($dashboard);
//Включаем наш обработчик
$rule = new UserRoleRule();
$auth->add($rule);
//Добавляем роли
$user = $auth->createRole('user');
$user->description = 'Пользователь';
$user->ruleName = $rule->name;
$auth->add($user);
$moder = $auth->createRole('moder');
$moder->description = 'Модератор';
$moder->ruleName = $rule->name;
$auth->add($moder);
//Добавляем потомков
$auth->addChild($moder, $user);
$auth->addChild($moder, $dashboard);
$admin = $auth->createRole('admin');
$admin->description = 'Администратор';
$admin->ruleName = $rule->name;
$auth->add($admin);
$auth->addChild($admin, $moder);
}
/**
* Initial RBAC action
* @param integer $id Superadmin ID
*/
public function actionInit($id = null)
{
$auth = new DbManager();
$auth->init();
$auth->removeAll();
//удаляем старые данные
// Rules
$groupRule = new GroupRule();
$auth->add($groupRule);
// Roles
$student = $auth->createRole('student');
$student->description = 'Student';
$student->ruleName = $groupRule->name;
$auth->add($student);
$teacher = $auth->createRole('teacher');
$teacher->description = 'Teacher';
$teacher->ruleName = $groupRule->name;
$auth->add($teacher);
$auth->addChild($teacher, $student);
$admin = $auth->createRole('admin');
$admin->description = 'Admin';
$admin->ruleName = $groupRule->name;
$auth->add($admin);
$auth->addChild($admin, $teacher);
$superadmin = $auth->createRole('superadmin');
$superadmin->description = 'Superadmin';
$superadmin->ruleName = $groupRule->name;
$auth->add($superadmin);
$auth->addChild($superadmin, $admin);
// Superadmin assignments
if ($id !== null) {
$auth->assign($superadmin, $id);
}
}
/**
* Create new role
*
* @return mixed
*/
public function actionCreate()
{
$this->layout = '@app/views/layouts/one-column';
$model = new RoleForm();
$model->setScenario('create');
/* @var $systemAlert Alert */
$systemAlert = Yii::$app->systemAlert;
if (Yii::$app->request->isAjax && $model->load($_POST)) {
Yii::$app->response->format = Response::FORMAT_JSON;
return ActiveForm::validate($model);
}
if ($model->load($_POST) && $model->validate()) {
$transaction = Yii::$app->db->beginTransaction();
try {
// create new role
$role = $this->authManager->createRole($model->getName());
$role->description = $model->description;
if (!$this->authManager->add($role)) {
throw new Exception();
}
// add role permissions
foreach ($model->getPermissionModels() as $permission) {
$this->authManager->addChild($role, $permission);
}
$transaction->commit();
$systemAlert->setMessage(Alert::SUCCESS, Yii::t('user', 'Role created successfully'));
return $this->redirect(['index']);
} catch (Exception $ex) {
$transaction->rollback();
$systemAlert->setMessage(Alert::DANGER, Yii::t('app', 'System error: {message}', ['message' => $ex->getMessage()]));
}
}
return $this->render('create', ['model' => $model]);
}
/**
* This is to be called only once at the initialization
* by commenting out the behaviors first.
*/
public function actionAdmin()
{
$r = new DbManager();
$r->init();
$test = $r->createRole('admin');
$r->add($test);
$r->assign($test, Yii::$app->user->id);
}
public function afterDelete()
{
$rbac = new DbManager();
$rbac->init();
$role = $rbac->createRole($this->name);
$role->description = $this->title;
$rbac->remove($role);
$rbac->removeChildren($role);
return parent::afterDelete();
}
public function actionInit()
{
$auth = new DbManager();
$auth->init();
$auth->removeAll();
$groupRule = new GroupRule();
$auth->add($groupRule);
$user = $auth->createRole('user');
$user->description = 'User';
$user->ruleName = $groupRule->name;
$auth->add($user);
$auth->add($auth->createPermission('admin'));
}
/**
* the register customer will be added 'customer' role
*/
public static function frontendRegister()
{
Event::on(User::className(), User::USER_REGISTER_DONE, function ($event) {
/** @var \yii\base\ModelEvent $event */
$user = $event->sender;
$auth = new DbManager();
$auth->init();
$role = $auth->getRole('Customer');
if (!$role) {
$role = $auth->createRole('Customer');
$auth->add($role);
}
$auth->assign($role, $user->id);
});
}
/**
*
* @param string $name
* @return int The exit-code, 0 for success, 601 (DB) or 602 (Exception) for link errors
*/
public function actionCreateRole($name)
{
$role = $this->_authManager->createRole($name);
return $this->link("add", ['role' => $role], ['roleName' => $name]);
}
public function actionCreateRole($name)
{
$role = $this->_authManager->createRole($name);
$this->outputItem("Creating", $name, "Role");
return $this->addItem($role);
}
/**
* Adds RBAC rules.
*/
public function add(DbManager $authManager)
{
$viewThread = $authManager->getPermission(self::PERM_VIEW_THREAD);
if (!$viewThread instanceof Permission) {
$viewThread = $authManager->createPermission(self::PERM_VIEW_THREAD);
$viewThread->description = 'View Podium thread';
$authManager->add($viewThread);
}
$viewForum = $authManager->getPermission(self::PERM_VIEW_FORUM);
if (!$viewForum instanceof Permission) {
$viewForum = $authManager->createPermission(self::PERM_VIEW_FORUM);
$viewForum->description = 'View Podium forum';
$authManager->add($viewForum);
}
$createThread = $authManager->getPermission(self::PERM_CREATE_THREAD);
if (!$createThread instanceof Permission) {
$createThread = $authManager->createPermission(self::PERM_CREATE_THREAD);
$createThread->description = 'Create Podium thread';
$authManager->add($createThread);
}
$createPost = $authManager->getPermission(self::PERM_CREATE_POST);
if (!$createPost instanceof Permission) {
$createPost = $authManager->createPermission(self::PERM_CREATE_POST);
$createPost->description = 'Create Podium post';
$authManager->add($createPost);
}
$moderatorRule = $authManager->getRule('isPodiumModerator');
if (!$moderatorRule instanceof ModeratorRule) {
$moderatorRule = new ModeratorRule();
$authManager->add($moderatorRule);
}
$updatePost = $authManager->getPermission(self::PERM_UPDATE_POST);
if (!$updatePost instanceof Permission) {
$updatePost = $authManager->createPermission(self::PERM_UPDATE_POST);
$updatePost->description = 'Update Podium post';
$updatePost->ruleName = $moderatorRule->name;
$authManager->add($updatePost);
}
$authorRule = $authManager->getRule('isPodiumAuthor');
if (!$authorRule instanceof AuthorRule) {
$authorRule = new AuthorRule();
$authManager->add($authorRule);
}
$updateOwnPost = $authManager->getPermission(self::PERM_UPDATE_OWN_POST);
if (!$updateOwnPost instanceof Permission) {
$updateOwnPost = $authManager->createPermission(self::PERM_UPDATE_OWN_POST);
$updateOwnPost->description = 'Update own Podium post';
$updateOwnPost->ruleName = $authorRule->name;
$authManager->add($updateOwnPost);
$authManager->addChild($updateOwnPost, $updatePost);
}
$deletePost = $authManager->getPermission(self::PERM_DELETE_POST);
if (!$deletePost instanceof Permission) {
$deletePost = $authManager->createPermission(self::PERM_DELETE_POST);
$deletePost->description = 'Delete Podium post';
$deletePost->ruleName = $moderatorRule->name;
$authManager->add($deletePost);
}
$deleteOwnPost = $authManager->getPermission(self::PERM_DELETE_OWN_POST);
if (!$deleteOwnPost instanceof Permission) {
$deleteOwnPost = $authManager->createPermission(self::PERM_DELETE_OWN_POST);
$deleteOwnPost->description = 'Delete own Podium post';
$deleteOwnPost->ruleName = $authorRule->name;
$authManager->add($deleteOwnPost);
$authManager->addChild($deleteOwnPost, $deletePost);
}
$user = $authManager->getRole(self::ROLE_USER);
if (!$user instanceof Role) {
$user = $authManager->createRole(self::ROLE_USER);
$authManager->add($user);
$authManager->addChild($user, $viewThread);
$authManager->addChild($user, $viewForum);
$authManager->addChild($user, $createThread);
$authManager->addChild($user, $createPost);
$authManager->addChild($user, $updateOwnPost);
$authManager->addChild($user, $deleteOwnPost);
}
$updateThread = $authManager->getPermission(self::PERM_UPDATE_THREAD);
if (!$updateThread instanceof Permission) {
$updateThread = $authManager->createPermission(self::PERM_UPDATE_THREAD);
$updateThread->description = 'Update Podium thread';
$updateThread->ruleName = $moderatorRule->name;
$authManager->add($updateThread);
}
$deleteThread = $authManager->getPermission(self::PERM_DELETE_THREAD);
if (!$deleteThread instanceof Permission) {
$deleteThread = $authManager->createPermission(self::PERM_DELETE_THREAD);
$deleteThread->description = 'Delete Podium thread';
$deleteThread->ruleName = $moderatorRule->name;
$authManager->add($deleteThread);
}
$pinThread = $authManager->getPermission(self::PERM_PIN_THREAD);
if (!$pinThread instanceof Permission) {
$pinThread = $authManager->createPermission(self::PERM_PIN_THREAD);
$pinThread->description = 'Pin Podium thread';
$pinThread->ruleName = $moderatorRule->name;
$authManager->add($pinThread);
}
$lockThread = $authManager->getPermission(self::PERM_LOCK_THREAD);
if (!$lockThread instanceof Permission) {
$lockThread = $authManager->createPermission(self::PERM_LOCK_THREAD);
$lockThread->description = 'Lock Podium thread';
$lockThread->ruleName = $moderatorRule->name;
$authManager->add($lockThread);
}
$moveThread = $authManager->getPermission(self::PERM_MOVE_THREAD);
if (!$moveThread instanceof Permission) {
$moveThread = $authManager->createPermission(self::PERM_MOVE_THREAD);
$moveThread->description = 'Move Podium thread';
$moveThread->ruleName = $moderatorRule->name;
$authManager->add($moveThread);
}
$movePost = $authManager->getPermission(self::PERM_MOVE_POST);
if (!$movePost instanceof Permission) {
$movePost = $authManager->createPermission(self::PERM_MOVE_POST);
$movePost->description = 'Move Podium post';
$movePost->ruleName = $moderatorRule->name;
$authManager->add($movePost);
}
$banUser = $authManager->getPermission(self::PERM_BAN_USER);
if (!$banUser instanceof Permission) {
$banUser = $authManager->createPermission(self::PERM_BAN_USER);
$banUser->description = 'Ban Podium user';
$authManager->add($banUser);
}
$moderator = $authManager->getRole(self::ROLE_MODERATOR);
if (!$moderator instanceof Role) {
$moderator = $authManager->createRole(self::ROLE_MODERATOR);
$authManager->add($moderator);
$authManager->addChild($moderator, $updatePost);
$authManager->addChild($moderator, $updateThread);
$authManager->addChild($moderator, $deletePost);
$authManager->addChild($moderator, $deleteThread);
$authManager->addChild($moderator, $pinThread);
$authManager->addChild($moderator, $lockThread);
$authManager->addChild($moderator, $moveThread);
$authManager->addChild($moderator, $movePost);
$authManager->addChild($moderator, $banUser);
$authManager->addChild($moderator, $user);
}
$deleteUser = $authManager->getPermission(self::PERM_DELETE_USER);
if (!$deleteUser instanceof Permission) {
$deleteUser = $authManager->createPermission(self::PERM_DELETE_USER);
$deleteUser->description = 'Delete Podium user';
$authManager->add($deleteUser);
}
$promoteUser = $authManager->getPermission(self::PERM_PROMOTE_USER);
if (!$promoteUser instanceof Permission) {
$promoteUser = $authManager->createPermission(self::PERM_PROMOTE_USER);
$promoteUser->description = 'Promote Podium user';
$authManager->add($promoteUser);
}
$createForum = $authManager->getPermission(self::PERM_CREATE_FORUM);
if (!$createForum instanceof Permission) {
$createForum = $authManager->createPermission(self::PERM_CREATE_FORUM);
$createForum->description = 'Create Podium forum';
$authManager->add($createForum);
}
$updateForum = $authManager->getPermission(self::PERM_UPDATE_FORUM);
if (!$updateForum instanceof Permission) {
$updateForum = $authManager->createPermission(self::PERM_UPDATE_FORUM);
$updateForum->description = 'Update Podium forum';
$authManager->add($updateForum);
}
$deleteForum = $authManager->getPermission(self::PERM_DELETE_FORUM);
if (!$deleteForum instanceof Permission) {
$deleteForum = $authManager->createPermission(self::PERM_DELETE_FORUM);
$deleteForum->description = 'Delete Podium forum';
$authManager->add($deleteForum);
}
$createCategory = $authManager->getPermission(self::PERM_CREATE_CATEGORY);
if (!$createCategory instanceof Permission) {
$createCategory = $authManager->createPermission(self::PERM_CREATE_CATEGORY);
$createCategory->description = 'Create Podium category';
$authManager->add($createCategory);
}
$updateCategory = $authManager->getPermission(self::PERM_UPDATE_CATEGORY);
if (!$updateCategory instanceof Permission) {
$updateCategory = $authManager->createPermission(self::PERM_UPDATE_CATEGORY);
$updateCategory->description = 'Update Podium category';
$authManager->add($updateCategory);
}
$deleteCategory = $authManager->getPermission(self::PERM_DELETE_CATEGORY);
if (!$deleteCategory instanceof Permission) {
$deleteCategory = $authManager->createPermission(self::PERM_DELETE_CATEGORY);
$deleteCategory->description = 'Delete Podium category';
$authManager->add($deleteCategory);
}
$settings = $authManager->getPermission(self::PERM_CHANGE_SETTINGS);
if (!$settings instanceof Permission) {
$settings = $authManager->createPermission(self::PERM_CHANGE_SETTINGS);
$settings->description = 'Change Podium settings';
$authManager->add($settings);
}
$admin = $authManager->getRole(self::ROLE_ADMIN);
if (!$admin instanceof Role) {
$admin = $authManager->createRole(self::ROLE_ADMIN);
$authManager->add($admin);
$authManager->addChild($admin, $deleteUser);
$authManager->addChild($admin, $promoteUser);
$authManager->addChild($admin, $createForum);
$authManager->addChild($admin, $updateForum);
$authManager->addChild($admin, $deleteForum);
$authManager->addChild($admin, $createCategory);
$authManager->addChild($admin, $updateCategory);
$authManager->addChild($admin, $deleteCategory);
$authManager->addChild($admin, $settings);
$authManager->addChild($admin, $moderator);
}
}
