Laclic
/
Souke
關註 5
收藏 0
複製 1
程式碼 問題管理 1 合併請求 0 版本發佈 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commit
6 分支
目錄樹: 4eb4cb327e
分支列表 標籤列表
${ item.name }
Create branch ${ searchTerm }
from '4eb4cb327e'
${ noResults }
Souke/vendor/yiisoft/yii2/rbac/BaseManager.php

BaseManager.php 6.5KB
原始文件 Normal View 文件歷史

Ajouter au dépot le dossier "vendor"
8 年之前
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213 
  1. <?php

  2. /**

  3.  * @link http://www.yiiframework.com/

  4.  * @copyright Copyright (c) 2008 Yii Software LLC

  5.  * @license http://www.yiiframework.com/license/

  6.  */

  7. 

  8. namespace yii\rbac;

  9. 

  10. use yii\base\Component;

  11. use yii\base\InvalidConfigException;

  12. use yii\base\InvalidParamException;

  13. 

  14. /**

  15.  * BaseManager is a base class implementing [[ManagerInterface]] for RBAC management.

  16.  *

  17.  * @author Qiang Xue <qiang.xue@gmail.com>

  18.  * @since 2.0

  19.  */

  20. abstract class BaseManager extends Component implements ManagerInterface

  21. {

  22.     /**

  23.      * @var array a list of role names that are assigned to every user automatically without calling [[assign()]].

  24.      */

  25.     public $defaultRoles = [];

  26. 

  27. 

  28.     /**

  29.      * Returns the named auth item.

  30.      * @param string $name the auth item name.

  31.      * @return Item the auth item corresponding to the specified name. Null is returned if no such item.

  32.      */

  33.     abstract protected function getItem($name);

  34. 

  35.     /**

  36.      * Returns the items of the specified type.

  37.      * @param integer $type the auth item type (either [[Item::TYPE_ROLE]] or [[Item::TYPE_PERMISSION]]

  38.      * @return Item[] the auth items of the specified type.

  39.      */

  40.     abstract protected function getItems($type);

  41. 

  42.     /**

  43.      * Adds an auth item to the RBAC system.

  44.      * @param Item $item

  45.      * @return boolean whether the auth item is successfully added to the system

  46.      * @throws \Exception if data validation or saving fails (such as the name of the role or permission is not unique)

  47.      */

  48.     abstract protected function addItem($item);

  49. 

  50.     /**

  51.      * Adds a rule to the RBAC system.

  52.      * @param Rule $rule

  53.      * @return boolean whether the rule is successfully added to the system

  54.      * @throws \Exception if data validation or saving fails (such as the name of the rule is not unique)

  55.      */

  56.     abstract protected function addRule($rule);

  57. 

  58.     /**

  59.      * Removes an auth item from the RBAC system.

  60.      * @param Item $item

  61.      * @return boolean whether the role or permission is successfully removed

  62.      * @throws \Exception if data validation or saving fails (such as the name of the role or permission is not unique)

  63.      */

  64.     abstract protected function removeItem($item);

  65. 

  66.     /**

  67.      * Removes a rule from the RBAC system.

  68.      * @param Rule $rule

  69.      * @return boolean whether the rule is successfully removed

  70.      * @throws \Exception if data validation or saving fails (such as the name of the rule is not unique)

  71.      */

  72.     abstract protected function removeRule($rule);

  73. 

  74.     /**

  75.      * Updates an auth item in the RBAC system.

  76.      * @param string $name the old name of the auth item

  77.      * @param Item $item

  78.      * @return boolean whether the auth item is successfully updated

  79.      * @throws \Exception if data validation or saving fails (such as the name of the role or permission is not unique)

  80.      */

  81.     abstract protected function updateItem($name, $item);

  82. 

  83.     /**

  84.      * Updates a rule to the RBAC system.

  85.      * @param string $name the old name of the rule

  86.      * @param Rule $rule

  87.      * @return boolean whether the rule is successfully updated

  88.      * @throws \Exception if data validation or saving fails (such as the name of the rule is not unique)

  89.      */

  90.     abstract protected function updateRule($name, $rule);

  91. 

  92.     /**

  93.      * @inheritdoc

  94.      */

  95.     public function createRole($name)

  96.     {

  97.         $role = new Role;

  98.         $role->name = $name;

  99.         return $role;

  100.     }

  101. 

  102.     /**

  103.      * @inheritdoc

  104.      */

  105.     public function createPermission($name)

  106.     {

  107.         $permission = new Permission();

  108.         $permission->name = $name;

  109.         return $permission;

  110.     }

  111. 

  112.     /**

  113.      * @inheritdoc

  114.      */

  115.     public function add($object)

  116.     {

  117.         if ($object instanceof Item) {

  118.             return $this->addItem($object);

  119.         } elseif ($object instanceof Rule) {

  120.             return $this->addRule($object);

  121.         } else {

  122.             throw new InvalidParamException("Adding unsupported object type.");

  123.         }

  124.     }

  125. 

  126.     /**

  127.      * @inheritdoc

  128.      */

  129.     public function remove($object)

  130.     {

  131.         if ($object instanceof Item) {

  132.             return $this->removeItem($object);

  133.         } elseif ($object instanceof Rule) {

  134.             return $this->removeRule($object);

  135.         } else {

  136.             throw new InvalidParamException("Removing unsupported object type.");

  137.         }

  138.     }

  139. 

  140.     /**

  141.      * @inheritdoc

  142.      */

  143.     public function update($name, $object)

  144.     {

  145.         if ($object instanceof Item) {

  146.             return $this->updateItem($name, $object);

  147.         } elseif ($object instanceof Rule) {

  148.             return $this->updateRule($name, $object);

  149.         } else {

  150.             throw new InvalidParamException("Updating unsupported object type.");

  151.         }

  152.     }

  153. 

  154.     /**

  155.      * @inheritdoc

  156.      */

  157.     public function getRole($name)

  158.     {

  159.         $item = $this->getItem($name);

  160.         return $item instanceof Item && $item->type == Item::TYPE_ROLE ? $item : null;

  161.     }

  162. 

  163.     /**

  164.      * @inheritdoc

  165.      */

  166.     public function getPermission($name)

  167.     {

  168.         $item = $this->getItem($name);

  169.         return $item instanceof Item && $item->type == Item::TYPE_PERMISSION ? $item : null;

  170.     }

  171. 

  172.     /**

  173.      * @inheritdoc

  174.      */

  175.     public function getRoles()

  176.     {

  177.         return $this->getItems(Item::TYPE_ROLE);

  178.     }

  179. 

  180.     /**

  181.      * @inheritdoc

  182.      */

  183.     public function getPermissions()

  184.     {

  185.         return $this->getItems(Item::TYPE_PERMISSION);

  186.     }

  187. 

  188.     /**

  189.      * Executes the rule associated with the specified auth item.

  190.      *

  191.      * If the item does not specify a rule, this method will return true. Otherwise, it will

  192.      * return the value of [[Rule::execute()]].

  193.      *

  194.      * @param string|integer $user the user ID. This should be either an integer or a string representing

  195.      * the unique identifier of a user. See [[\yii\web\User::id]].

  196.      * @param Item $item the auth item that needs to execute its rule

  197.      * @param array $params parameters passed to [[ManagerInterface::checkAccess()]] and will be passed to the rule

  198.      * @return boolean the return value of [[Rule::execute()]]. If the auth item does not specify a rule, true will be returned.

  199.      * @throws InvalidConfigException if the auth item has an invalid rule.

  200.      */

  201.     protected function executeRule($user, $item, $params)

  202.     {

  203.         if ($item->ruleName === null) {

  204.             return true;

  205.         }

  206.         $rule = $this->getRule($item->ruleName);

  207.         if ($rule instanceof Rule) {

  208.             return $rule->execute($user, $item, $params);

  209.         } else {

  210.             throw new InvalidConfigException("Rule not found: {$item->ruleName}");

  211.         }

  212.     }

  213. }