public function safeDown()
 {
     $permission = Permission::findOne(['name' => Yii::$app->getModule('user-management')->commonPermissionName]);
     if ($permission) {
         $permission->delete();
     }
 }
示例#2
0
 /**
  * Assign route to role via permission and create permission or route if it don't exists
  * Helper mainly for migrations
  *
  * @param string      $roleName
  * @param string      $permissionName
  * @param array       $routes
  * @param null|string $permissionDescription
  * @param null|string $groupCode
  *
  * @throws \InvalidArgumentException
  * @return true|static|string
  */
 public static function assignRoutesViaPermission($roleName, $permissionName, $routes, $permissionDescription = null, $groupCode = null)
 {
     $role = static::findOne(['name' => $roleName]);
     if (!$role) {
         throw new \InvalidArgumentException("Role with name = {$roleName} not found");
     }
     $permission = Permission::findOne(['name' => $permissionName]);
     if (!$permission) {
         $permission = Permission::create($permissionName, $permissionDescription, $groupCode);
         if ($permission->hasErrors()) {
             return $permission;
         }
     }
     try {
         Yii::$app->db->createCommand()->insert(Yii::$app->getModule('user-management')->auth_item_child_table, ['parent' => $role->name, 'child' => $permission->name])->execute();
     } catch (Exception $e) {
         // Don't throw Exception because we may have this permission for this role,
         // but need to add new routes to it
     }
     $routes = (array) $routes;
     foreach ($routes as $route) {
         Route::create($route);
         try {
             Yii::$app->db->createCommand()->insert(Yii::$app->getModule('user-management')->auth_item_child_table, ['parent' => $permission->name, 'child' => $route])->execute();
         } catch (Exception $e) {
             // Don't throw Exception because this permission may already have this route,
             // so just go to the next route
         }
     }
     AuthHelper::invalidatePermissions();
     return true;
 }
 public function safeDown()
 {
     Permission::deleteAll(['name' => ['viewUsers', 'createUsers', 'editUsers', 'deleteUsers', 'changeUserPassword', 'assignRolesToUsers', 'viewVisitLog', 'viewUserRoles', 'viewRegistrationIp', 'viewUserEmail', 'editUserEmail', 'bindUserToIp']]);
     Permission::deleteAll(['name' => ['changeOwnPassword']]);
     Role::deleteIfExists(['name' => 'Admin']);
     AuthItemGroup::deleteAll(['code' => ['userManagement', 'userCommonPermissions']]);
 }
 public function safeDown()
 {
     $permission = Permission::findOne(['name' => Yii::$app->getModule(\Yii::$app->user->moduleAliasName)->commonPermissionName]);
     if ($permission) {
         $permission->delete();
     }
 }
示例#5
0
 /**
  * Get all routes available for this user
  *
  * @param int  $userId
  * @param bool $withSubRoutes
  *
  * @return array
  */
 public static function getUserRoutes($userId, $withSubRoutes = true)
 {
     $permissions = array_keys(Permission::getUserPermissions($userId));
     if (!$permissions) {
         return [];
     }
     $auth_item = Yii::$app->getModule('user-management')->auth_item_table;
     $auth_item_child = Yii::$app->getModule('user-management')->auth_item_child_table;
     $routes = (new Query())->select(['name'])->from($auth_item)->innerJoin($auth_item_child, '(' . $auth_item_child . '.child = ' . $auth_item . '.name AND ' . $auth_item . '.type = :type)')->params([':type' => self::TYPE_ROUTE])->where([$auth_item_child . '.parent' => $permissions])->column();
     return $withSubRoutes ? static::withSubRoutes($routes, ArrayHelper::map(Route::find()->asArray()->all(), 'name', 'name')) : $routes;
 }
 public function search($params)
 {
     $query = static::ITEM_TYPE == static::TYPE_ROLE ? Role::find() : Permission::find();
     $query->joinWith(['group']);
     $dataProvider = new ActiveDataProvider(['query' => $query, 'pagination' => ['pageSize' => \Yii::$app->request->cookies->getValue('_grid_page_size', 20)], 'sort' => ['defaultOrder' => ['created_at' => SORT_DESC]]]);
     if (!($this->load($params) && $this->validate())) {
         return $dataProvider;
     }
     $query->andFilterWhere(['like', Yii::$app->getModule(\Yii::$app->user->moduleAliasName)->auth_item_table . '.name', $this->name])->andFilterWhere(['like', Yii::$app->getModule(\Yii::$app->user->moduleAliasName)->auth_item_table . '.description', $this->description])->andFilterWhere([Yii::$app->getModule(\Yii::$app->user->moduleAliasName)->auth_item_table . '.group_code' => $this->group_code]);
     return $dataProvider;
 }
 /**
  * @param int $id User ID
  *
  * @throws \yii\web\NotFoundHttpException
  * @return string
  */
 public function actionSet($id)
 {
     $user = User::findOne($id);
     if (!$user) {
         throw new NotFoundHttpException('User not found');
     }
     $permissionsByGroup = [];
     $permissions = Permission::find()->andWhere([Yii::$app->getModule('user-management')->auth_item_table . '.name' => array_keys(Permission::getUserPermissions($user->id))])->joinWith('group')->all();
     foreach ($permissions as $permission) {
         $permissionsByGroup[@$permission->group->name][] = $permission;
     }
     return $this->renderIsAjax('set', compact('user', 'permissionsByGroup'));
 }
示例#8
0
 /**
  * Gather all user permissions and roles and store them in the session
  *
  * @param UserIdentity $identity
  */
 public static function updatePermissions($identity)
 {
     $session = Yii::$app->session;
     // Clear data first in case we want to refresh permissions
     $session->remove(self::SESSION_PREFIX_ROLES);
     $session->remove(self::SESSION_PREFIX_PERMISSIONS);
     $session->remove(self::SESSION_PREFIX_ROUTES);
     // Set permissions last mod time
     $session->set(self::SESSION_PREFIX_LAST_UPDATE, filemtime(self::getPermissionsLastModFile()));
     // Save roles, permissions and routes in session
     $session->set(self::SESSION_PREFIX_ROLES, array_keys(Role::getUserRoles($identity->id)));
     $session->set(self::SESSION_PREFIX_PERMISSIONS, array_keys(Permission::getUserPermissions($identity->id)));
     $session->set(self::SESSION_PREFIX_ROUTES, Route::getUserRoutes($identity->id));
 }
 /**
  * @param string $id
  *
  * @return string
  */
 public function actionView($id)
 {
     $role = $this->findModel($id);
     $authManager = Yii::$app->authManager instanceof DbManager ? Yii::$app->authManager : new DbManager();
     $allRoles = Role::find()->asArray()->andWhere('name != :current_name', [':current_name' => $id])->all();
     $permissions = Permission::find()->andWhere(Yii::$app->getModule('user-management')->auth_item_table . '.name != :commonPermissionName', [':commonPermissionName' => Yii::$app->getModule('user-management')->commonPermissionName])->joinWith('group')->all();
     $permissionsByGroup = [];
     foreach ($permissions as $permission) {
         $permissionsByGroup[@$permission->group->name][] = $permission;
     }
     $childRoles = $authManager->getChildren($role->name);
     $currentRoutesAndPermissions = AuthHelper::separateRoutesAndPermissions($authManager->getPermissionsByRole($role->name));
     $currentPermissions = $currentRoutesAndPermissions->permissions;
     return $this->renderIsAjax('view', compact('role', 'allRoles', 'childRoles', 'currentPermissions', 'permissionsByGroup'));
 }
 /**
  * Creates a new model.
  * If creation is successful, the browser will be redirected to the 'view' page.
  * @return mixed
  */
 public function actionCreate()
 {
     $model = new Permission();
     $model->scenario = 'webInput';
     if ($model->load(Yii::$app->request->post()) && $model->save()) {
         return $this->redirect(['view', 'id' => $model->name]);
     }
     return $this->renderIsAjax('create', compact('model'));
 }
 public function safeDown()
 {
     AuthItemGroup::deleteAll(['code' => 'settings']);
     Permission::deleteAll(['name' => ['fullAccessToSettings', 'accessToSeoSettings']]);
     AuthHelper::invalidatePermissions();
 }