Du kannst nicht mehr als 25 Themen auswählen Themen müssen entweder mit einem Buchstaben oder einer Ziffer beginnen. Sie können Bindestriche („-“) enthalten und bis zu 35 Zeichen lang sein.

241 Zeilen
8.4KB

  1. <?php
  2. /**
  3. * @link http://www.yiiframework.com/
  4. * @copyright Copyright (c) 2008 Yii Software LLC
  5. * @license http://www.yiiframework.com/license/
  6. */
  7. namespace yii\rbac;
  8. /**
  9. * @author Qiang Xue <qiang.xue@gmail.com>
  10. * @since 2.0
  11. */
  12. interface ManagerInterface
  13. {
  14. /**
  15. * Checks if the user has the specified permission.
  16. * @param string|integer $userId the user ID. This should be either an integer or a string representing
  17. * the unique identifier of a user. See [[\yii\web\User::id]].
  18. * @param string $permissionName the name of the permission to be checked against
  19. * @param array $params name-value pairs that will be passed to the rules associated
  20. * with the roles and permissions assigned to the user.
  21. * @return boolean whether the user has the specified permission.
  22. * @throws \yii\base\InvalidParamException if $permissionName does not refer to an existing permission
  23. */
  24. public function checkAccess($userId, $permissionName, $params = []);
  25. /**
  26. * Creates a new Role object.
  27. * Note that the newly created role is not added to the RBAC system yet.
  28. * You must fill in the needed data and call [[add()]] to add it to the system.
  29. * @param string $name the role name
  30. * @return Role the new Role object
  31. */
  32. public function createRole($name);
  33. /**
  34. * Creates a new Permission object.
  35. * Note that the newly created permission is not added to the RBAC system yet.
  36. * You must fill in the needed data and call [[add()]] to add it to the system.
  37. * @param string $name the permission name
  38. * @return Permission the new Permission object
  39. */
  40. public function createPermission($name);
  41. /**
  42. * Adds a role, permission or rule to the RBAC system.
  43. * @param Role|Permission|Rule $object
  44. * @return boolean whether the role, permission or rule is successfully added to the system
  45. * @throws \Exception if data validation or saving fails (such as the name of the role or permission is not unique)
  46. */
  47. public function add($object);
  48. /**
  49. * Removes a role, permission or rule from the RBAC system.
  50. * @param Role|Permission|Rule $object
  51. * @return boolean whether the role, permission or rule is successfully removed
  52. */
  53. public function remove($object);
  54. /**
  55. * Updates the specified role, permission or rule in the system.
  56. * @param string $name the old name of the role, permission or rule
  57. * @param Role|Permission|Rule $object
  58. * @return boolean whether the update is successful
  59. * @throws \Exception if data validation or saving fails (such as the name of the role or permission is not unique)
  60. */
  61. public function update($name, $object);
  62. /**
  63. * Returns the named role.
  64. * @param string $name the role name.
  65. * @return Role the role corresponding to the specified name. Null is returned if no such role.
  66. */
  67. public function getRole($name);
  68. /**
  69. * Returns all roles in the system.
  70. * @return Role[] all roles in the system. The array is indexed by the role names.
  71. */
  72. public function getRoles();
  73. /**
  74. * Returns the roles that are assigned to the user via [[assign()]].
  75. * Note that child roles that are not assigned directly to the user will not be returned.
  76. * @param string|integer $userId the user ID (see [[\yii\web\User::id]])
  77. * @return Role[] all roles directly or indirectly assigned to the user. The array is indexed by the role names.
  78. */
  79. public function getRolesByUser($userId);
  80. /**
  81. * Returns the named permission.
  82. * @param string $name the permission name.
  83. * @return Permission the permission corresponding to the specified name. Null is returned if no such permission.
  84. */
  85. public function getPermission($name);
  86. /**
  87. * Returns all permissions in the system.
  88. * @return Permission[] all permissions in the system. The array is indexed by the permission names.
  89. */
  90. public function getPermissions();
  91. /**
  92. * Returns all permissions that the specified role represents.
  93. * @param string $roleName the role name
  94. * @return Permission[] all permissions that the role represents. The array is indexed by the permission names.
  95. */
  96. public function getPermissionsByRole($roleName);
  97. /**
  98. * Returns all permissions that the user has.
  99. * @param string|integer $userId the user ID (see [[\yii\web\User::id]])
  100. * @return Permission[] all permissions that the user has. The array is indexed by the permission names.
  101. */
  102. public function getPermissionsByUser($userId);
  103. /**
  104. * Returns the rule of the specified name.
  105. * @param string $name the rule name
  106. * @return Rule the rule object, or null if the specified name does not correspond to a rule.
  107. */
  108. public function getRule($name);
  109. /**
  110. * Returns all rules available in the system.
  111. * @return Rule[] the rules indexed by the rule names
  112. */
  113. public function getRules();
  114. /**
  115. * Adds an item as a child of another item.
  116. * @param Item $parent
  117. * @param Item $child
  118. * @throws \yii\base\Exception if the parent-child relationship already exists or if a loop has been detected.
  119. */
  120. public function addChild($parent, $child);
  121. /**
  122. * Removes a child from its parent.
  123. * Note, the child item is not deleted. Only the parent-child relationship is removed.
  124. * @param Item $parent
  125. * @param Item $child
  126. * @return boolean whether the removal is successful
  127. */
  128. public function removeChild($parent, $child);
  129. /**
  130. * Removed all children form their parent.
  131. * Note, the children items are not deleted. Only the parent-child relationships are removed.
  132. * @param Item $parent
  133. * @return boolean whether the removal is successful
  134. */
  135. public function removeChildren($parent);
  136. /**
  137. * Returns a value indicating whether the child already exists for the parent.
  138. * @param Item $parent
  139. * @param Item $child
  140. * @return boolean whether `$child` is already a child of `$parent`
  141. */
  142. public function hasChild($parent, $child);
  143. /**
  144. * Returns the child permissions and/or roles.
  145. * @param string $name the parent name
  146. * @return Item[] the child permissions and/or roles
  147. */
  148. public function getChildren($name);
  149. /**
  150. * Assigns a role to a user.
  151. *
  152. * @param Role $role
  153. * @param string|integer $userId the user ID (see [[\yii\web\User::id]])
  154. * @return Assignment the role assignment information.
  155. * @throws \Exception if the role has already been assigned to the user
  156. */
  157. public function assign($role, $userId);
  158. /**
  159. * Revokes a role from a user.
  160. * @param Role $role
  161. * @param string|integer $userId the user ID (see [[\yii\web\User::id]])
  162. * @return boolean whether the revoking is successful
  163. */
  164. public function revoke($role, $userId);
  165. /**
  166. * Revokes all roles from a user.
  167. * @param mixed $userId the user ID (see [[\yii\web\User::id]])
  168. * @return boolean whether the revoking is successful
  169. */
  170. public function revokeAll($userId);
  171. /**
  172. * Returns the assignment information regarding a role and a user.
  173. * @param string|integer $userId the user ID (see [[\yii\web\User::id]])
  174. * @param string $roleName the role name
  175. * @return Assignment the assignment information. Null is returned if
  176. * the role is not assigned to the user.
  177. */
  178. public function getAssignment($roleName, $userId);
  179. /**
  180. * Returns all role assignment information for the specified user.
  181. * @param string|integer $userId the user ID (see [[\yii\web\User::id]])
  182. * @return Assignment[] the assignments indexed by role names. An empty array will be
  183. * returned if there is no role assigned to the user.
  184. */
  185. public function getAssignments($userId);
  186. /**
  187. * Removes all authorization data, including roles, permissions, rules, and assignments.
  188. */
  189. public function removeAll();
  190. /**
  191. * Removes all permissions.
  192. * All parent child relations will be adjusted accordingly.
  193. */
  194. public function removeAllPermissions();
  195. /**
  196. * Removes all roles.
  197. * All parent child relations will be adjusted accordingly.
  198. */
  199. public function removeAllRoles();
  200. /**
  201. * Removes all rules.
  202. * All roles and permissions which have rules will be adjusted accordingly.
  203. */
  204. public function removeAllRules();
  205. /**
  206. * Removes all role assignments.
  207. */
  208. public function removeAllAssignments();
  209. }