|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
namespace modules\rbac\controllers; |
|
4
|
|
|
|
|
5
|
|
|
use Yii; |
|
6
|
|
|
use yii\data\ArrayDataProvider; |
|
7
|
|
|
use yii\web\Controller; |
|
8
|
|
|
use yii\filters\AccessControl; |
|
9
|
|
|
use yii\filters\VerbFilter; |
|
10
|
|
|
use yii\web\BadRequestHttpException; |
|
11
|
|
|
use yii\widgets\ActiveForm; |
|
12
|
|
|
use yii\web\Response; |
|
13
|
|
|
use modules\rbac\models\Role; |
|
14
|
|
|
use modules\rbac\Module; |
|
15
|
|
|
|
|
16
|
|
|
/** |
|
17
|
|
|
* Class RolesController |
|
18
|
|
|
* @package modules\rbac\controllers |
|
19
|
|
|
*/ |
|
20
|
|
|
class RolesController extends Controller |
|
21
|
|
|
{ |
|
22
|
|
|
/** |
|
23
|
|
|
* @inheritdoc |
|
24
|
|
|
* @return array |
|
25
|
|
|
*/ |
|
26
|
|
|
public function behaviors() |
|
27
|
|
|
{ |
|
28
|
|
|
return [ |
|
29
|
|
|
'access' => [ |
|
30
|
|
|
'class' => AccessControl::className(), |
|
|
|
|
|
|
31
|
|
|
'rules' => [ |
|
32
|
|
|
[ |
|
33
|
|
|
'allow' => true, |
|
34
|
|
|
'roles' => ['managerRbac'], |
|
35
|
|
|
], |
|
36
|
|
|
], |
|
37
|
|
|
], |
|
38
|
|
|
'verbs' => [ |
|
39
|
|
|
'class' => VerbFilter::className(), |
|
|
|
|
|
|
40
|
|
|
'actions' => [ |
|
41
|
|
|
'delete' => ['POST'] |
|
42
|
|
|
], |
|
43
|
|
|
], |
|
44
|
|
|
]; |
|
45
|
|
|
} |
|
46
|
|
|
|
|
47
|
|
|
/** |
|
48
|
|
|
* Lists all Role models. |
|
49
|
|
|
* @return mixed |
|
50
|
|
|
*/ |
|
51
|
|
|
public function actionIndex() |
|
52
|
|
|
{ |
|
53
|
|
|
$auth = Yii::$app->authManager; |
|
54
|
|
|
$dataProvider = new ArrayDataProvider([ |
|
55
|
|
|
'allModels' => $auth->getRoles(), |
|
56
|
|
|
'sort' => [ |
|
57
|
|
|
'attributes' => ['name', 'description', 'ruleName'], |
|
58
|
|
|
], |
|
59
|
|
|
'pagination' => [ |
|
60
|
|
|
'pageSize' => 15, |
|
61
|
|
|
], |
|
62
|
|
|
]); |
|
63
|
|
|
return $this->render('index', [ |
|
64
|
|
|
'dataProvider' => $dataProvider, |
|
65
|
|
|
]); |
|
66
|
|
|
} |
|
67
|
|
|
|
|
68
|
|
|
/** |
|
69
|
|
|
* Displays a single Role model. |
|
70
|
|
|
* @param string|int $id |
|
71
|
|
|
* @return mixed |
|
72
|
|
|
*/ |
|
73
|
|
|
public function actionView($id) |
|
74
|
|
|
{ |
|
75
|
|
|
$auth = Yii::$app->authManager; |
|
76
|
|
|
$role = $auth->getRole($id); |
|
77
|
|
|
|
|
78
|
|
|
$model = new Role(['name' => $role->name]); |
|
79
|
|
|
return $this->render('view', [ |
|
80
|
|
|
'role' => $role, |
|
81
|
|
|
'model' => $model |
|
82
|
|
|
]); |
|
83
|
|
|
} |
|
84
|
|
|
|
|
85
|
|
|
/** |
|
86
|
|
|
* Creates Role a new Role model. |
|
87
|
|
|
* If creation is successful, the browser will be redirected to the 'view' page. |
|
88
|
|
|
* @return array|string|\yii\web\Response |
|
89
|
|
|
* @throws \Exception |
|
90
|
|
|
*/ |
|
91
|
|
|
public function actionCreate() |
|
92
|
|
|
{ |
|
93
|
|
|
$model = new Role(['scenario' => Role::SCENARIO_CREATE]); |
|
94
|
|
|
$model->isNewRecord = true; |
|
95
|
|
|
|
|
96
|
|
|
if ($model->load(Yii::$app->request->post())) { |
|
97
|
|
|
if ($model->validate()) { |
|
98
|
|
|
$auth = Yii::$app->authManager; |
|
99
|
|
|
$role = $auth->createRole($model->name); |
|
100
|
|
|
$role->description = $model->description; |
|
101
|
|
|
if ($auth->add($role)) { |
|
102
|
|
|
return $this->redirect(['view', 'id' => $model->name]); |
|
103
|
|
|
} |
|
104
|
|
|
} |
|
105
|
|
|
} |
|
106
|
|
|
return $this->render('create', [ |
|
107
|
|
|
'model' => $model, |
|
108
|
|
|
]); |
|
109
|
|
|
} |
|
110
|
|
|
|
|
111
|
|
|
/** |
|
112
|
|
|
* @return array|bool |
|
113
|
|
|
*/ |
|
114
|
|
|
public function actionAjaxValidateForm() |
|
115
|
|
|
{ |
|
116
|
|
|
$model = new Role(['scenario' => Role::SCENARIO_CREATE]); |
|
117
|
|
|
if (Yii::$app->request->isAjax && $model->load(Yii::$app->request->post())) { |
|
118
|
|
|
Yii::$app->response->format = Response::FORMAT_JSON; |
|
119
|
|
|
return ActiveForm::validate($model); |
|
120
|
|
|
} |
|
121
|
|
|
return false; |
|
122
|
|
|
} |
|
123
|
|
|
|
|
124
|
|
|
/** |
|
125
|
|
|
* Updates an existing Role model. |
|
126
|
|
|
* If update is successful, the browser will be redirected to the 'view' page. |
|
127
|
|
|
* @param string|int $id |
|
128
|
|
|
* @return string|\yii\web\Response |
|
129
|
|
|
* @throws \Exception |
|
130
|
|
|
*/ |
|
131
|
|
|
public function actionUpdate($id) |
|
132
|
|
|
{ |
|
133
|
|
|
$auth = Yii::$app->authManager; |
|
134
|
|
|
$role = $auth->getRole($id); |
|
135
|
|
|
|
|
136
|
|
|
$model = new Role([ |
|
137
|
|
|
'scenario' => Role::SCENARIO_UPDATE, |
|
138
|
|
|
'name' => $role->name, |
|
139
|
|
|
'description' => $role->description, |
|
140
|
|
|
]); |
|
141
|
|
|
if ($model->load(Yii::$app->request->post())) { |
|
142
|
|
|
$role->description = $model->description; |
|
143
|
|
|
if ($auth->update($id, $role)) { |
|
144
|
|
|
return $this->redirect(['view', 'id' => $id]); |
|
145
|
|
|
} |
|
146
|
|
|
} |
|
147
|
|
|
return $this->render('update', [ |
|
148
|
|
|
'model' => $model, |
|
149
|
|
|
]); |
|
150
|
|
|
} |
|
151
|
|
|
|
|
152
|
|
|
/** |
|
153
|
|
|
* Привязываем роль |
|
154
|
|
|
* @return \yii\web\Response |
|
155
|
|
|
* @throws BadRequestHttpException |
|
156
|
|
|
* @throws \Exception |
|
157
|
|
|
*/ |
|
158
|
|
|
public function actionAddRoles() |
|
159
|
|
|
{ |
|
160
|
|
|
$model = new Role([ |
|
161
|
|
|
'scenario' => Role::SCENARIO_UPDATE, |
|
162
|
|
|
]); |
|
163
|
|
|
if ($model->load(Yii::$app->request->post())) { |
|
164
|
|
|
$auth = Yii::$app->authManager; |
|
165
|
|
|
$role = $auth->getRole($model->name); |
|
166
|
|
|
foreach ($model->itemsRoles as $value) { |
|
167
|
|
|
$add = $auth->getRole($value); |
|
168
|
|
|
// Проверяем, не является добовляемая роль родителем? |
|
169
|
|
|
$result = $this->detectLoop($role, $add); |
|
170
|
|
|
if (!$result) { |
|
171
|
|
|
$auth->addChild($role, $add); |
|
172
|
|
|
} else { |
|
173
|
|
|
Yii::$app->session->setFlash('error', Module::t('module', 'The role of the "{:parent}" is the parent of the "{:role}"!', [':parent' => $add->name, ':role' => $role->name])); |
|
174
|
|
|
} |
|
175
|
|
|
} |
|
176
|
|
|
return $this->redirect(['update', 'id' => $model->name, '#' => 'assign-container-roles']); |
|
177
|
|
|
} |
|
178
|
|
|
throw new BadRequestHttpException(Module::t('module', 'Not a valid request to the method!')); |
|
179
|
|
|
} |
|
180
|
|
|
|
|
181
|
|
|
/** |
|
182
|
|
|
* Отзываем роль |
|
183
|
|
|
* @return array|\yii\web\Response |
|
184
|
|
|
* @throws BadRequestHttpException |
|
185
|
|
|
*/ |
|
186
|
|
|
public function actionRemoveRoles() |
|
187
|
|
|
{ |
|
188
|
|
|
$model = new Role([ |
|
189
|
|
|
'scenario' => Role::SCENARIO_UPDATE, |
|
190
|
|
|
]); |
|
191
|
|
|
if ($model->load(Yii::$app->request->post())) { |
|
192
|
|
|
$auth = Yii::$app->authManager; |
|
193
|
|
|
$role = $auth->getRole($model->name); |
|
194
|
|
|
foreach ($model->rolesByRole as $value) { |
|
195
|
|
|
$remove = $auth->getRole($value); |
|
196
|
|
|
$auth->removeChild($role, $remove); |
|
197
|
|
|
} |
|
198
|
|
|
return $this->redirect(['update', 'id' => $model->name, '#' => 'assign-container-roles']); |
|
199
|
|
|
} |
|
200
|
|
|
throw new BadRequestHttpException(Module::t('module', 'Not a valid request to the method!')); |
|
201
|
|
|
} |
|
202
|
|
|
|
|
203
|
|
|
/** |
|
204
|
|
|
* Привязываем разрешение |
|
205
|
|
|
* @return array|\yii\web\Response |
|
206
|
|
|
* @throws BadRequestHttpException |
|
207
|
|
|
* @throws \Exception |
|
208
|
|
|
*/ |
|
209
|
|
|
public function actionAddPermissions() |
|
210
|
|
|
{ |
|
211
|
|
|
$model = new Role([ |
|
212
|
|
|
'scenario' => Role::SCENARIO_UPDATE, |
|
213
|
|
|
]); |
|
214
|
|
|
if ($model->load(Yii::$app->request->post())) { |
|
215
|
|
|
$auth = Yii::$app->authManager; |
|
216
|
|
|
$role = $auth->getRole($model->name); |
|
217
|
|
|
foreach ($model->itemsPermissions as $value) { |
|
218
|
|
|
$add = $auth->getPermission($value); |
|
219
|
|
|
// Проверяем, не является добовляемое разрешение родителем? |
|
220
|
|
|
$result = $this->detectLoop($role, $add); |
|
221
|
|
|
if (!$result) { |
|
222
|
|
|
$auth->addChild($role, $add); |
|
223
|
|
|
} else { |
|
224
|
|
|
Yii::$app->session->setFlash('error', Module::t('module', 'The permission of the "{:parent}" is the parent of the "{:permission}"!', [':parent' => $add->name, ':permission' => $role->name])); |
|
225
|
|
|
} |
|
226
|
|
|
} |
|
227
|
|
|
return $this->redirect(['update', 'id' => $model->name, '#' => 'assign-container-permissions']); |
|
228
|
|
|
} |
|
229
|
|
|
throw new BadRequestHttpException(Module::t('module', 'Not a valid request to the method!')); |
|
230
|
|
|
} |
|
231
|
|
|
|
|
232
|
|
|
/** |
|
233
|
|
|
* Отзываем разрешение |
|
234
|
|
|
* @return array|\yii\web\Response |
|
235
|
|
|
* @throws BadRequestHttpException |
|
236
|
|
|
*/ |
|
237
|
|
|
public function actionRemovePermissions() |
|
238
|
|
|
{ |
|
239
|
|
|
$model = new Role([ |
|
240
|
|
|
'scenario' => Role::SCENARIO_UPDATE, |
|
241
|
|
|
]); |
|
242
|
|
|
if ($model->load(Yii::$app->request->post())) { |
|
243
|
|
|
$auth = Yii::$app->authManager; |
|
244
|
|
|
$role = $auth->getRole($model->name); |
|
245
|
|
|
foreach ($model->permissionsByRole as $value) { |
|
246
|
|
|
$remove = $auth->getPermission($value); |
|
247
|
|
|
$auth->removeChild($role, $remove); |
|
248
|
|
|
} |
|
249
|
|
|
return $this->redirect(['update', 'id' => $model->name, '#' => 'assign-container-permissions']); |
|
250
|
|
|
} |
|
251
|
|
|
throw new BadRequestHttpException(Module::t('module', 'Not a valid request to the method!')); |
|
252
|
|
|
} |
|
253
|
|
|
|
|
254
|
|
|
/** |
|
255
|
|
|
* Deletes an existing Role model. |
|
256
|
|
|
* If deletion is successful, the browser will be redirected to the 'index' page. |
|
257
|
|
|
* @param string|int $id |
|
258
|
|
|
* @return \yii\web\Response |
|
259
|
|
|
*/ |
|
260
|
|
|
public function actionDelete($id) |
|
261
|
|
|
{ |
|
262
|
|
|
$auth = Yii::$app->authManager; |
|
263
|
|
|
$role = $auth->getRole($id); |
|
264
|
|
|
if ($auth->remove($role)) { |
|
265
|
|
|
Yii::$app->session->setFlash('success', Module::t('module', 'The role "{:name}" have been successfully deleted.', [':name' => $role->name])); |
|
266
|
|
|
} else { |
|
267
|
|
|
Yii::$app->session->setFlash('error', Module::t('module', 'Error!')); |
|
268
|
|
|
} |
|
269
|
|
|
return $this->redirect(['index']); |
|
270
|
|
|
} |
|
271
|
|
|
|
|
272
|
|
|
/** |
|
273
|
|
|
* @param object $parent |
|
274
|
|
|
* @param object $child |
|
275
|
|
|
* @return bool |
|
276
|
|
|
*/ |
|
277
|
|
|
protected function detectLoop($parent, $child) |
|
278
|
|
|
{ |
|
279
|
|
|
$auth = Yii::$app->authManager; |
|
280
|
|
|
if ($child->name === $parent->name) { |
|
281
|
|
|
return true; |
|
282
|
|
|
} |
|
283
|
|
|
foreach ($auth->getChildren($child->name) as $grandchild) { |
|
284
|
|
|
if ($this->detectLoop($parent, $grandchild)) { |
|
285
|
|
|
return true; |
|
286
|
|
|
} |
|
287
|
|
|
} |
|
288
|
|
|
return false; |
|
289
|
|
|
} |
|
290
|
|
|
} |
|
291
|
|
|
|
Dominus77 /
yii2-advanced-start
Loading history...
This function has been deprecated. The supplier of the function has supplied an explanatory message.
The explanatory message should give you some clue as to whether and when the function will be removed and what other function to use instead.