Laclic
/
Souke
보기 5
좋아요 0
포크 1
코드 이슈 1 풀 리퀘스트 0 릴리즈 0 위키 Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
290 커밋
6 브랜치
트리: 2c61078dfd
브랜치 태그
${ item.name }
Create branch ${ searchTerm }
from '2c61078dfd'
${ noResults }
Souke/vendor/yiisoft/yii2/rbac/BaseManager.php

224 lines
7.1KB
Raw Blame 히스토리 

  1. <?php

  2. /**

  3.  * @link http://www.yiiframework.com/

  4.  * @copyright Copyright (c) 2008 Yii Software LLC

  5.  * @license http://www.yiiframework.com/license/

  6.  */

  7. 

  8. namespace yii\rbac;

  9. 

  10. use yii\base\Component;

  11. use yii\base\InvalidConfigException;

  12. use yii\base\InvalidParamException;

  13. 

  14. /**

  15.  * BaseManager is a base class implementing [[ManagerInterface]] for RBAC management.

  16.  *

  17.  * @author Qiang Xue <qiang.xue@gmail.com>

  18.  * @since 2.0

  19.  */

  20. abstract class BaseManager extends Component implements ManagerInterface

  21. {

  22.     /**

  23.      * @var array a list of role names that are assigned to every user automatically without calling [[assign()]].

  24.      */

  25.     public $defaultRoles = [];

  26. 

  27. 

  28.     /**

  29.      * Returns the named auth item.

  30.      * @param string $name the auth item name.

  31.      * @return Item the auth item corresponding to the specified name. Null is returned if no such item.

  32.      */

  33.     abstract protected function getItem($name);

  34. 

  35.     /**

  36.      * Returns the items of the specified type.

  37.      * @param integer $type the auth item type (either [[Item::TYPE_ROLE]] or [[Item::TYPE_PERMISSION]]

  38.      * @return Item[] the auth items of the specified type.

  39.      */

  40.     abstract protected function getItems($type);

  41. 

  42.     /**

  43.      * Adds an auth item to the RBAC system.

  44.      * @param Item $item the item to add

  45.      * @return boolean whether the auth item is successfully added to the system

  46.      * @throws \Exception if data validation or saving fails (such as the name of the role or permission is not unique)

  47.      */

  48.     abstract protected function addItem($item);

  49. 

  50.     /**

  51.      * Adds a rule to the RBAC system.

  52.      * @param Rule $rule the rule to add

  53.      * @return boolean whether the rule is successfully added to the system

  54.      * @throws \Exception if data validation or saving fails (such as the name of the rule is not unique)

  55.      */

  56.     abstract protected function addRule($rule);

  57. 

  58.     /**

  59.      * Removes an auth item from the RBAC system.

  60.      * @param Item $item the item to remove

  61.      * @return boolean whether the role or permission is successfully removed

  62.      * @throws \Exception if data validation or saving fails (such as the name of the role or permission is not unique)

  63.      */

  64.     abstract protected function removeItem($item);

  65. 

  66.     /**

  67.      * Removes a rule from the RBAC system.

  68.      * @param Rule $rule the rule to remove

  69.      * @return boolean whether the rule is successfully removed

  70.      * @throws \Exception if data validation or saving fails (such as the name of the rule is not unique)

  71.      */

  72.     abstract protected function removeRule($rule);

  73. 

  74.     /**

  75.      * Updates an auth item in the RBAC system.

  76.      * @param string $name the name of the item being updated

  77.      * @param Item $item the updated item

  78.      * @return boolean whether the auth item is successfully updated

  79.      * @throws \Exception if data validation or saving fails (such as the name of the role or permission is not unique)

  80.      */

  81.     abstract protected function updateItem($name, $item);

  82. 

  83.     /**

  84.      * Updates a rule to the RBAC system.

  85.      * @param string $name the name of the rule being updated

  86.      * @param Rule $rule the updated rule

  87.      * @return boolean whether the rule is successfully updated

  88.      * @throws \Exception if data validation or saving fails (such as the name of the rule is not unique)

  89.      */

  90.     abstract protected function updateRule($name, $rule);

  91. 

  92.     /**

  93.      * @inheritdoc

  94.      */

  95.     public function createRole($name)

  96.     {

  97.         $role = new Role();

  98.         $role->name = $name;

  99.         return $role;

  100.     }

  101. 

  102.     /**

  103.      * @inheritdoc

  104.      */

  105.     public function createPermission($name)

  106.     {

  107.         $permission = new Permission();

  108.         $permission->name = $name;

  109.         return $permission;

  110.     }

  111. 

  112.     /**

  113.      * @inheritdoc

  114.      */

  115.     public function add($object)

  116.     {

  117.         if ($object instanceof Item) {

  118.             if ($object->ruleName && $this->getRule($object->ruleName) === null) {

  119.                 $rule = \Yii::createObject($object->ruleName);

  120.                 $rule->name = $object->ruleName;

  121.                 $this->addRule($rule);

  122.             }

  123.             return $this->addItem($object);

  124.         } elseif ($object instanceof Rule) {

  125.             return $this->addRule($object);

  126.         } else {

  127.             throw new InvalidParamException('Adding unsupported object type.');

  128.         }

  129.     }

  130. 

  131.     /**

  132.      * @inheritdoc

  133.      */

  134.     public function remove($object)

  135.     {

  136.         if ($object instanceof Item) {

  137.             return $this->removeItem($object);

  138.         } elseif ($object instanceof Rule) {

  139.             return $this->removeRule($object);

  140.         } else {

  141.             throw new InvalidParamException('Removing unsupported object type.');

  142.         }

  143.     }

  144. 

  145.     /**

  146.      * @inheritdoc

  147.      */

  148.     public function update($name, $object)

  149.     {

  150.         if ($object instanceof Item) {

  151.             if ($object->ruleName && $this->getRule($object->ruleName) === null) {

  152.                 $rule = \Yii::createObject($object->ruleName);

  153.                 $rule->name = $object->ruleName;

  154.                 $this->addRule($rule);

  155.             }

  156.             return $this->updateItem($name, $object);

  157.         } elseif ($object instanceof Rule) {

  158.             return $this->updateRule($name, $object);

  159.         } else {

  160.             throw new InvalidParamException('Updating unsupported object type.');

  161.         }

  162.     }

  163. 

  164.     /**

  165.      * @inheritdoc

  166.      */

  167.     public function getRole($name)

  168.     {

  169.         $item = $this->getItem($name);

  170.         return $item instanceof Item && $item->type == Item::TYPE_ROLE ? $item : null;

  171.     }

  172. 

  173.     /**

  174.      * @inheritdoc

  175.      */

  176.     public function getPermission($name)

  177.     {

  178.         $item = $this->getItem($name);

  179.         return $item instanceof Item && $item->type == Item::TYPE_PERMISSION ? $item : null;

  180.     }

  181. 

  182.     /**

  183.      * @inheritdoc

  184.      */

  185.     public function getRoles()

  186.     {

  187.         return $this->getItems(Item::TYPE_ROLE);

  188.     }

  189. 

  190.     /**

  191.      * @inheritdoc

  192.      */

  193.     public function getPermissions()

  194.     {

  195.         return $this->getItems(Item::TYPE_PERMISSION);

  196.     }

  197. 

  198.     /**

  199.      * Executes the rule associated with the specified auth item.

  200.      *

  201.      * If the item does not specify a rule, this method will return true. Otherwise, it will

  202.      * return the value of [[Rule::execute()]].

  203.      *

  204.      * @param string|integer $user the user ID. This should be either an integer or a string representing

  205.      * the unique identifier of a user. See [[\yii\web\User::id]].

  206.      * @param Item $item the auth item that needs to execute its rule

  207.      * @param array $params parameters passed to [[CheckAccessInterface::checkAccess()]] and will be passed to the rule

  208.      * @return boolean the return value of [[Rule::execute()]]. If the auth item does not specify a rule, true will be returned.

  209.      * @throws InvalidConfigException if the auth item has an invalid rule.

  210.      */

  211.     protected function executeRule($user, $item, $params)

  212.     {

  213.         if ($item->ruleName === null) {

  214.             return true;

  215.         }

  216.         $rule = $this->getRule($item->ruleName);

  217.         if ($rule instanceof Rule) {

  218.             return $rule->execute($user, $item, $params);

  219.         } else {

  220.             throw new InvalidConfigException("Rule not found: {$item->ruleName}");

  221.         }

  222.     }

  223. }