|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
namespace yii2mod\rbac\migrations; |
|
4
|
|
|
|
|
5
|
|
|
use yii\base\Component; |
|
6
|
|
|
use yii\base\InvalidParamException; |
|
7
|
|
|
use yii\db\MigrationInterface; |
|
8
|
|
|
use yii\di\Instance; |
|
9
|
|
|
use yii\rbac\DbManager; |
|
10
|
|
|
use yii\rbac\Item; |
|
11
|
|
|
use yii\rbac\Permission; |
|
12
|
|
|
use yii\rbac\Role; |
|
13
|
|
|
use yii\rbac\Rule; |
|
14
|
|
|
|
|
15
|
|
|
/** |
|
16
|
|
|
* Class Migration |
|
17
|
|
|
* |
|
18
|
|
|
* @package yii2mod\rbac\migrations |
|
19
|
|
|
*/ |
|
20
|
|
|
class Migration extends Component implements MigrationInterface |
|
21
|
|
|
{ |
|
22
|
|
|
/** |
|
23
|
|
|
* @var string|DbManager The auth manager component ID that this migration should work with |
|
24
|
|
|
*/ |
|
25
|
|
|
public $authManager = 'authManager'; |
|
26
|
|
|
|
|
27
|
|
|
/** |
|
28
|
|
|
* Initializes the migration. |
|
29
|
|
|
* This method will set [[authManager]] to be the 'authManager' application component, if it is `null`. |
|
30
|
|
|
*/ |
|
31
|
|
|
public function init() |
|
32
|
|
|
{ |
|
33
|
|
|
$this->authManager = Instance::ensure($this->authManager, DbManager::class); |
|
34
|
|
|
|
|
35
|
|
|
parent::init(); |
|
36
|
|
|
} |
|
37
|
|
|
|
|
38
|
|
|
/** |
|
39
|
|
|
* @inheritdoc |
|
40
|
|
|
*/ |
|
41
|
|
View Code Duplication |
public function up() |
|
|
|
|
|
|
42
|
|
|
{ |
|
43
|
|
|
$transaction = $this->authManager->db->beginTransaction(); |
|
44
|
|
|
try { |
|
45
|
|
|
if ($this->safeUp() === false) { |
|
46
|
|
|
$transaction->rollBack(); |
|
47
|
|
|
|
|
48
|
|
|
return false; |
|
49
|
|
|
} |
|
50
|
|
|
$transaction->commit(); |
|
51
|
|
|
$this->authManager->invalidateCache(); |
|
52
|
|
|
|
|
53
|
|
|
return true; |
|
54
|
|
|
} catch (\Exception $e) { |
|
55
|
|
|
echo "Rolling transaction back\n"; |
|
56
|
|
|
echo 'Exception: ' . $e->getMessage() . ' (' . $e->getFile() . ':' . $e->getLine() . ")\n"; |
|
57
|
|
|
echo $e->getTraceAsString() . "\n"; |
|
58
|
|
|
$transaction->rollBack(); |
|
59
|
|
|
|
|
60
|
|
|
return false; |
|
61
|
|
|
} |
|
62
|
|
|
} |
|
63
|
|
|
|
|
64
|
|
|
/** |
|
65
|
|
|
* @inheritdoc |
|
66
|
|
|
*/ |
|
67
|
|
View Code Duplication |
public function down() |
|
|
|
|
|
|
68
|
|
|
{ |
|
69
|
|
|
$transaction = $this->authManager->db->beginTransaction(); |
|
70
|
|
|
try { |
|
71
|
|
|
if ($this->safeDown() === false) { |
|
72
|
|
|
$transaction->rollBack(); |
|
73
|
|
|
|
|
74
|
|
|
return false; |
|
75
|
|
|
} |
|
76
|
|
|
$transaction->commit(); |
|
77
|
|
|
$this->authManager->invalidateCache(); |
|
78
|
|
|
|
|
79
|
|
|
return true; |
|
80
|
|
|
} catch (\Exception $e) { |
|
81
|
|
|
echo "Rolling transaction back\n"; |
|
82
|
|
|
echo 'Exception: ' . $e->getMessage() . ' (' . $e->getFile() . ':' . $e->getLine() . ")\n"; |
|
83
|
|
|
echo $e->getTraceAsString() . "\n"; |
|
84
|
|
|
$transaction->rollBack(); |
|
85
|
|
|
|
|
86
|
|
|
return false; |
|
87
|
|
|
} |
|
88
|
|
|
} |
|
89
|
|
|
|
|
90
|
|
|
/** |
|
91
|
|
|
* This method contains the logic to be executed when applying this migration. |
|
92
|
|
|
* |
|
93
|
|
|
* @return bool return a false value to indicate the migration fails |
|
94
|
|
|
* and should not proceed further. All other return values mean the migration succeeds |
|
95
|
|
|
*/ |
|
96
|
|
|
public function safeUp() |
|
97
|
|
|
{ |
|
98
|
|
|
} |
|
99
|
|
|
|
|
100
|
|
|
/** |
|
101
|
|
|
* This method contains the logic to be executed when removing this migration. |
|
102
|
|
|
* |
|
103
|
|
|
* @return bool return a false value to indicate the migration fails |
|
104
|
|
|
* and should not proceed further. All other return values mean the migration succeeds |
|
105
|
|
|
*/ |
|
106
|
|
|
public function safeDown() |
|
107
|
|
|
{ |
|
108
|
|
|
} |
|
109
|
|
|
|
|
110
|
|
|
/** |
|
111
|
|
|
* Creates new permission. |
|
112
|
|
|
* |
|
113
|
|
|
* @param string $name The name of the permission |
|
114
|
|
|
* @param string $description The description of the permission |
|
115
|
|
|
* @param string|null $ruleName The rule associated with the permission |
|
116
|
|
|
* @param mixed|null $data The additional data associated with the permission |
|
117
|
|
|
* |
|
118
|
|
|
* @return Permission |
|
119
|
|
|
*/ |
|
120
|
|
View Code Duplication |
protected function createPermission($name, $description = '', $ruleName = null, $data = null) |
|
|
|
|
|
|
121
|
|
|
{ |
|
122
|
|
|
echo " > create permission $name ..."; |
|
123
|
|
|
$time = microtime(true); |
|
124
|
|
|
$permission = $this->authManager->createPermission($name); |
|
125
|
|
|
$permission->description = $description; |
|
126
|
|
|
$permission->ruleName = $ruleName; |
|
127
|
|
|
$permission->data = $data; |
|
128
|
|
|
$this->authManager->add($permission); |
|
129
|
|
|
echo ' done (time: ' . sprintf('%.3f', microtime(true) - $time) . "s)\n"; |
|
130
|
|
|
|
|
131
|
|
|
return $permission; |
|
132
|
|
|
} |
|
133
|
|
|
|
|
134
|
|
|
/** |
|
135
|
|
|
* Creates new role. |
|
136
|
|
|
* |
|
137
|
|
|
* @param string $name The name of the role |
|
138
|
|
|
* @param string $description The description of the role |
|
139
|
|
|
* @param string|null $ruleName The rule associated with the role |
|
140
|
|
|
* @param mixed|null $data The additional data associated with the role |
|
141
|
|
|
* |
|
142
|
|
|
* @return Role |
|
143
|
|
|
*/ |
|
144
|
|
View Code Duplication |
protected function createRole($name, $description = '', $ruleName = null, $data = null) |
|
|
|
|
|
|
145
|
|
|
{ |
|
146
|
|
|
echo " > create role $name ..."; |
|
147
|
|
|
$time = microtime(true); |
|
148
|
|
|
$role = $this->authManager->createRole($name); |
|
149
|
|
|
$role->description = $description; |
|
150
|
|
|
$role->ruleName = $ruleName; |
|
151
|
|
|
$role->data = $data; |
|
152
|
|
|
$this->authManager->add($role); |
|
153
|
|
|
echo ' done (time: ' . sprintf('%.3f', microtime(true) - $time) . "s)\n"; |
|
154
|
|
|
|
|
155
|
|
|
return $role; |
|
156
|
|
|
} |
|
157
|
|
|
|
|
158
|
|
|
/** |
|
159
|
|
|
* Creates new rule. |
|
160
|
|
|
* |
|
161
|
|
|
* @param string $ruleName The name of the rule |
|
162
|
|
|
* @param string|array $definition The class of the rule |
|
163
|
|
|
* |
|
164
|
|
|
* @return Rule |
|
165
|
|
|
*/ |
|
166
|
|
|
protected function createRule($ruleName, $definition) |
|
167
|
|
|
{ |
|
168
|
|
|
echo " > create rule $ruleName ..."; |
|
169
|
|
|
$time = microtime(true); |
|
170
|
|
|
if (is_array($definition)) { |
|
171
|
|
|
$definition['name'] = $ruleName; |
|
172
|
|
|
} else { |
|
173
|
|
|
$definition = [ |
|
174
|
|
|
'class' => $definition, |
|
175
|
|
|
'name' => $ruleName, |
|
176
|
|
|
]; |
|
177
|
|
|
} |
|
178
|
|
|
/** @var Rule $rule */ |
|
179
|
|
|
$rule = \Yii::createObject($definition); |
|
180
|
|
|
$this->authManager->add($rule); |
|
181
|
|
|
echo ' done (time: ' . sprintf('%.3f', microtime(true) - $time) . "s)\n"; |
|
182
|
|
|
|
|
183
|
|
|
return $rule; |
|
184
|
|
|
} |
|
185
|
|
|
|
|
186
|
|
|
/** |
|
187
|
|
|
* Finds either role or permission or throws an exception if it is not found. |
|
188
|
|
|
* |
|
189
|
|
|
* @param string $name |
|
190
|
|
|
* |
|
191
|
|
|
* @return Permission|Role|null |
|
192
|
|
|
*/ |
|
193
|
|
|
protected function findItem($name) |
|
194
|
|
|
{ |
|
195
|
|
|
$item = $this->authManager->getRole($name); |
|
196
|
|
|
if ($item instanceof Role) { |
|
197
|
|
|
return $item; |
|
198
|
|
|
} |
|
199
|
|
|
$item = $this->authManager->getPermission($name); |
|
200
|
|
|
if ($item instanceof Permission) { |
|
201
|
|
|
return $item; |
|
202
|
|
|
} |
|
203
|
|
|
|
|
204
|
|
|
return null; |
|
205
|
|
|
} |
|
206
|
|
|
|
|
207
|
|
|
/** |
|
208
|
|
|
* Finds the role or throws an exception if it is not found. |
|
209
|
|
|
* |
|
210
|
|
|
* @param string $name |
|
211
|
|
|
* |
|
212
|
|
|
* @return Role|null |
|
213
|
|
|
*/ |
|
214
|
|
|
protected function findRole($name) |
|
215
|
|
|
{ |
|
216
|
|
|
$role = $this->authManager->getRole($name); |
|
217
|
|
|
if ($role instanceof Role) { |
|
218
|
|
|
return $role; |
|
219
|
|
|
} |
|
220
|
|
|
|
|
221
|
|
|
return null; |
|
222
|
|
|
} |
|
223
|
|
|
|
|
224
|
|
|
/** |
|
225
|
|
|
* Finds the permission or throws an exception if it is not found. |
|
226
|
|
|
* |
|
227
|
|
|
* @param string $name |
|
228
|
|
|
* |
|
229
|
|
|
* @return Permission|null |
|
230
|
|
|
*/ |
|
231
|
|
|
protected function findPermission($name) |
|
232
|
|
|
{ |
|
233
|
|
|
$permission = $this->authManager->getPermission($name); |
|
234
|
|
|
if ($permission instanceof Permission) { |
|
235
|
|
|
return $permission; |
|
236
|
|
|
} |
|
237
|
|
|
|
|
238
|
|
|
return null; |
|
239
|
|
|
} |
|
240
|
|
|
|
|
241
|
|
|
/** |
|
242
|
|
|
* Adds child. |
|
243
|
|
|
* |
|
244
|
|
|
* @param Item|string $parent Either name or Item instance which is parent |
|
245
|
|
|
* @param Item|string $child Either name or Item instance which is child |
|
246
|
|
|
*/ |
|
247
|
|
View Code Duplication |
protected function addChild($parent, $child) |
|
|
|
|
|
|
248
|
|
|
{ |
|
249
|
|
|
if (is_string($parent)) { |
|
250
|
|
|
$parent = $this->findItem($parent); |
|
251
|
|
|
} |
|
252
|
|
|
if (is_string($child)) { |
|
253
|
|
|
$child = $this->findItem($child); |
|
254
|
|
|
} |
|
255
|
|
|
echo " > adding $child->name as child to $parent->name ..."; |
|
256
|
|
|
$time = microtime(true); |
|
257
|
|
|
$this->authManager->addChild($parent, $child); |
|
258
|
|
|
echo ' done (time: ' . sprintf('%.3f', microtime(true) - $time) . "s)\n"; |
|
259
|
|
|
} |
|
260
|
|
|
|
|
261
|
|
|
/** |
|
262
|
|
|
* Removes child. |
|
263
|
|
|
* |
|
264
|
|
|
* @param Item|string $parent Either name or Item instance which is parent |
|
265
|
|
|
* @param Item|string $child Either name or Item instance which is child |
|
266
|
|
|
*/ |
|
267
|
|
View Code Duplication |
protected function removeChild($parent, $child) |
|
|
|
|
|
|
268
|
|
|
{ |
|
269
|
|
|
if (is_string($parent)) { |
|
270
|
|
|
$parent = $this->findItem($parent); |
|
271
|
|
|
} |
|
272
|
|
|
if (is_string($child)) { |
|
273
|
|
|
$child = $this->findItem($child); |
|
274
|
|
|
} |
|
275
|
|
|
echo " > removing $child->name from $parent->name ..."; |
|
276
|
|
|
$time = microtime(true); |
|
277
|
|
|
$this->authManager->removeChild($parent, $child); |
|
278
|
|
|
echo ' done (time: ' . sprintf('%.3f', microtime(true) - $time) . "s)\n"; |
|
279
|
|
|
} |
|
280
|
|
|
|
|
281
|
|
|
/** |
|
282
|
|
|
* Assigns a role to a user. |
|
283
|
|
|
* |
|
284
|
|
|
* @param string|Role $role |
|
285
|
|
|
* @param string|int $userId |
|
286
|
|
|
*/ |
|
287
|
|
View Code Duplication |
protected function assign($role, $userId) |
|
|
|
|
|
|
288
|
|
|
{ |
|
289
|
|
|
if (is_string($role)) { |
|
290
|
|
|
$role = $this->findRole($role); |
|
291
|
|
|
} |
|
292
|
|
|
echo " > assigning $role->name to user $userId ..."; |
|
293
|
|
|
$time = microtime(true); |
|
294
|
|
|
$this->authManager->assign($role, $userId); |
|
295
|
|
|
echo ' done (time: ' . sprintf('%.3f', microtime(true) - $time) . "s)\n"; |
|
296
|
|
|
} |
|
297
|
|
|
|
|
298
|
|
|
/** |
|
299
|
|
|
* Updates role. |
|
300
|
|
|
* |
|
301
|
|
|
* @param string|Role $role |
|
302
|
|
|
* @param string $description |
|
303
|
|
|
* @param string $ruleName |
|
304
|
|
|
* @param mixed $data |
|
305
|
|
|
* |
|
306
|
|
|
* @return Role |
|
307
|
|
|
*/ |
|
308
|
|
View Code Duplication |
protected function updateRole($role, $description = '', $ruleName = null, $data = null) |
|
|
|
|
|
|
309
|
|
|
{ |
|
310
|
|
|
if (is_string($role)) { |
|
311
|
|
|
$role = $this->findRole($role); |
|
312
|
|
|
} |
|
313
|
|
|
echo " > update role $role->name ..."; |
|
314
|
|
|
$time = microtime(true); |
|
315
|
|
|
$role->description = $description; |
|
316
|
|
|
$role->ruleName = $ruleName; |
|
317
|
|
|
$role->data = $data; |
|
318
|
|
|
$this->authManager->update($role->name, $role); |
|
319
|
|
|
echo ' done (time: ' . sprintf('%.3f', microtime(true) - $time) . "s)\n"; |
|
320
|
|
|
|
|
321
|
|
|
return $role; |
|
322
|
|
|
} |
|
323
|
|
|
|
|
324
|
|
|
/** |
|
325
|
|
|
* Remove role. |
|
326
|
|
|
* |
|
327
|
|
|
* @param string $name |
|
328
|
|
|
*/ |
|
329
|
|
View Code Duplication |
protected function removeRole($name) |
|
|
|
|
|
|
330
|
|
|
{ |
|
331
|
|
|
$role = $this->authManager->getRole($name); |
|
332
|
|
|
if (empty($role)) { |
|
333
|
|
|
throw new InvalidParamException("Role '{$role}' does not exists"); |
|
|
|
|
|
|
334
|
|
|
} |
|
335
|
|
|
echo " > removing role $role->name ..."; |
|
336
|
|
|
$time = microtime(true); |
|
337
|
|
|
$this->authManager->remove($role); |
|
338
|
|
|
echo ' done (time: ' . sprintf('%.3f', microtime(true) - $time) . "s)\n"; |
|
339
|
|
|
} |
|
340
|
|
|
|
|
341
|
|
|
/** |
|
342
|
|
|
* Updates permission. |
|
343
|
|
|
* |
|
344
|
|
|
* @param string|Permission $permission |
|
345
|
|
|
* @param string $description |
|
346
|
|
|
* @param string $ruleName |
|
347
|
|
|
* @param mixed $data |
|
348
|
|
|
* |
|
349
|
|
|
* @return Permission |
|
350
|
|
|
*/ |
|
351
|
|
View Code Duplication |
protected function updatePermission($permission, $description = '', $ruleName = null, $data = null) |
|
|
|
|
|
|
352
|
|
|
{ |
|
353
|
|
|
if (is_string($permission)) { |
|
354
|
|
|
$permission = $this->findPermission($permission); |
|
355
|
|
|
} |
|
356
|
|
|
echo " > update permission $permission->name ..."; |
|
357
|
|
|
$time = microtime(true); |
|
358
|
|
|
$permission->description = $description; |
|
359
|
|
|
$permission->ruleName = $ruleName; |
|
360
|
|
|
$permission->data = $data; |
|
361
|
|
|
$this->authManager->update($permission->name, $permission); |
|
362
|
|
|
echo ' done (time: ' . sprintf('%.3f', microtime(true) - $time) . "s)\n"; |
|
363
|
|
|
|
|
364
|
|
|
return $permission; |
|
365
|
|
|
} |
|
366
|
|
|
|
|
367
|
|
|
/** |
|
368
|
|
|
* Remove permission. |
|
369
|
|
|
* |
|
370
|
|
|
* @param string $name |
|
371
|
|
|
*/ |
|
372
|
|
View Code Duplication |
protected function removePermission($name) |
|
|
|
|
|
|
373
|
|
|
{ |
|
374
|
|
|
$permission = $this->authManager->getPermission($name); |
|
375
|
|
|
if (empty($permission)) { |
|
376
|
|
|
throw new InvalidParamException("Permission '{$permission}' does not exists"); |
|
|
|
|
|
|
377
|
|
|
} |
|
378
|
|
|
echo " > removing permission $permission->name ..."; |
|
379
|
|
|
$time = microtime(true); |
|
380
|
|
|
$this->authManager->remove($permission); |
|
381
|
|
|
echo ' done (time: ' . sprintf('%.3f', microtime(true) - $time) . "s)\n"; |
|
382
|
|
|
} |
|
383
|
|
|
|
|
384
|
|
|
/** |
|
385
|
|
|
* Updates rule. |
|
386
|
|
|
* |
|
387
|
|
|
* @param string $ruleName |
|
388
|
|
|
* @param string $className |
|
389
|
|
|
* |
|
390
|
|
|
* @return Rule |
|
391
|
|
|
*/ |
|
392
|
|
|
protected function updateRule($ruleName, $className) |
|
393
|
|
|
{ |
|
394
|
|
|
echo " > update rule $ruleName ..."; |
|
395
|
|
|
$time = microtime(true); |
|
396
|
|
|
/** @var Rule $rule */ |
|
397
|
|
|
$rule = \Yii::createObject([ |
|
398
|
|
|
'class' => $className, |
|
399
|
|
|
'name' => $ruleName, |
|
400
|
|
|
]); |
|
401
|
|
|
$this->authManager->update($ruleName, $rule); |
|
402
|
|
|
echo ' done (time: ' . sprintf('%.3f', microtime(true) - $time) . "s)\n"; |
|
403
|
|
|
|
|
404
|
|
|
return $rule; |
|
405
|
|
|
} |
|
406
|
|
|
|
|
407
|
|
|
/** |
|
408
|
|
|
* Remove rule. |
|
409
|
|
|
* |
|
410
|
|
|
* @param string $ruleName |
|
411
|
|
|
*/ |
|
412
|
|
View Code Duplication |
protected function removeRule($ruleName) |
|
|
|
|
|
|
413
|
|
|
{ |
|
414
|
|
|
$rule = $this->authManager->getRule($ruleName); |
|
415
|
|
|
if (empty($rule)) { |
|
416
|
|
|
throw new InvalidParamException("Rule '{$ruleName}' does not exists"); |
|
|
|
|
|
|
417
|
|
|
} |
|
418
|
|
|
echo " > removing rule $rule->name ..."; |
|
419
|
|
|
$time = microtime(true); |
|
420
|
|
|
$this->authManager->remove($rule); |
|
421
|
|
|
echo ' done (time: ' . sprintf('%.3f', microtime(true) - $time) . "s)\n"; |
|
422
|
|
|
} |
|
423
|
|
|
} |
|
424
|
|
|
|
yii2mod /
yii2-rbac
Loading history...
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.
You can also find more detailed suggestions in the “Code” section of your repository.