Note that the newly created permission is not added to the RBAC system yet.
You must fill in the needed data and call ManagerInterface::add to add it to the system.
public createPermission ( string $name ) : |
||
$name | string | the permission name |
Результат | the new Permission object |
/** * Remove items * * @param array $routes * * @return bool */ public function remove($routes) { foreach ($routes as $route) { $item = $this->manager->createPermission('/' . trim($route, '/')); $this->manager->remove($item); } $this->invalidate(); return true; }
/** * @return bool */ public function createPermission() { if ($this->validate()) { $permission = $this->authManager->createPermission($this->name); $permission->description = $this->description; return $this->authManager->add($permission); } return false; }
protected function prepareData() { $rule = new AuthorRule(); $this->auth->add($rule); $createPost = $this->auth->createPermission('createPost'); $createPost->description = 'create a post'; $this->auth->add($createPost); $readPost = $this->auth->createPermission('readPost'); $readPost->description = 'read a post'; $this->auth->add($readPost); $updatePost = $this->auth->createPermission('updatePost'); $updatePost->description = 'update a post'; $updatePost->ruleName = $rule->name; $this->auth->add($updatePost); $updateAnyPost = $this->auth->createPermission('updateAnyPost'); $updateAnyPost->description = 'update any post'; $this->auth->add($updateAnyPost); $reader = $this->auth->createRole('reader'); $this->auth->add($reader); $this->auth->addChild($reader, $readPost); $author = $this->auth->createRole('author'); $this->auth->add($author); $this->auth->addChild($author, $createPost); $this->auth->addChild($author, $updatePost); $this->auth->addChild($author, $reader); $admin = $this->auth->createRole('admin'); $this->auth->add($admin); $this->auth->addChild($admin, $author); $this->auth->addChild($admin, $updateAnyPost); $this->auth->assign($reader, 'reader A'); $this->auth->assign($author, 'author B'); $this->auth->assign($admin, 'admin C'); }
/** * Save role to [[\yii\rbac\authManager]] * * @return bool */ public function save() { if ($this->validate()) { if ($this->_item === null) { if ($this->type == Item::TYPE_ROLE) { $this->_item = $this->manager->createRole($this->name); } else { $this->_item = $this->manager->createPermission($this->name); } $isNew = true; $oldName = false; } else { $isNew = false; $oldName = $this->_item->name; } $this->_item->name = $this->name; $this->_item->description = $this->description; $this->_item->ruleName = $this->ruleName; $this->_item->data = Json::decode($this->data); if ($isNew) { $this->manager->add($this->_item); } else { $this->manager->update($oldName, $this->_item); } return true; } return false; }
/** * Create permissions. */ protected function createPermissions() { $permissions = ArrayHelper::getValue($this->rbac, 'permissions'); if (!$permissions) { return; } $this->_permissions = []; $children = []; foreach ($permissions as $name => $data) { $permission = $this->_auth->createPermission($name); if (is_string($data)) { $permission->description = $data; } else { $permission->description = ArrayHelper::getValue($data, 'description', ''); if ($ruleClass = ArrayHelper::getValue($data, 'rule')) { $rule = Yii::createObject($ruleClass); if (!$this->_auth->getRule($rule->name)) { $this->_auth->add($rule); } $permission->ruleName = $rule->name; } $children[$name] = ArrayHelper::getValue($data, 'child'); } $this->_auth->add($permission); $this->_permissions[$name] = $permission; } foreach ($children as $permName => $childName) { $this->_auth->addChild($this->_permissions[$permName], $this->_permissions[$childName]); } }
/** * @param $data * @param \yii\rbac\ManagerInterface $authManager * @param null $parent */ function addItem($data, $authManager, $parent = null) { foreach ($data as $d) { $item = $authManager->createPermission($d['action']); $item->description = $d['name']; $authManager->add($item); $authManager->addChild($parent, $item); if (isset($d['children'])) { addItem($d['children'], $authManager, $item); } } }
protected function prepareData() { User::reset(); $rule = new AuthorRule(); $this->auth->add($rule); $uniqueTrait = $this->auth->createPermission('Fast Metabolism'); $uniqueTrait->description = 'Your metabolic rate is twice normal. This means that you are much less resistant to radiation and poison, but your body heals faster.'; $this->auth->add($uniqueTrait); $createPost = $this->auth->createPermission('createPost'); $createPost->description = 'create a post'; $this->auth->add($createPost); $readPost = $this->auth->createPermission('readPost'); $readPost->description = 'read a post'; $this->auth->add($readPost); $deletePost = $this->auth->createPermission('deletePost'); $deletePost->description = 'delete a post'; $this->auth->add($deletePost); $updatePost = $this->auth->createPermission('updatePost'); $updatePost->description = 'update a post'; $updatePost->ruleName = $rule->name; $this->auth->add($updatePost); $updateAnyPost = $this->auth->createPermission('updateAnyPost'); $updateAnyPost->description = 'update any post'; $this->auth->add($updateAnyPost); $reader = $this->auth->createRole('reader'); $this->auth->add($reader); $this->auth->addChild($reader, $readPost); $author = $this->auth->createRole('author'); $this->auth->add($author); $this->auth->addChild($author, $createPost); $this->auth->addChild($author, $updatePost); $this->auth->addChild($author, $reader); $admin = $this->auth->createRole('admin'); $this->auth->add($admin); $this->auth->addChild($admin, $author); $this->auth->addChild($admin, $updateAnyPost); $this->auth->assign($uniqueTrait, 'reader A'); $this->auth->assign($reader, 'reader A'); $this->auth->assign($author, 'author B'); $this->auth->assign($deletePost, 'author B'); $this->auth->assign($admin, 'admin C'); }
/** * @param ManagerInterface $auth * @param string $name * @param array $options * @param Permission $parent * @return Permission */ private function createPermission($auth, $name, $options = array(), $parent = null) { $permission = $auth->createPermission($name); if (isset($option['description'])) { $permission->description = $option['description']; } if (isset($option['rule'])) { $permission->ruleName = $option['rule']; } $auth->add($permission); if ($parent) { $auth->addChild($parent, $permission); } if (isset($options['children'])) { foreach ($options['children'] as $childName => $childOptions) { $this->createPermission($auth, $childName, $childOptions, $permission); } } return $permission; }