Консольный скрипт для создания ролей, разрешений и имен правил в rbac (roles, permissions, rules)
Primary tabs
О создании консольной команды мы говорили тут.
Консольный скрипт для создания ролей в rbac
<?php namespace app\modules\admin\commands; //use yii\helpers\Console; use yii\console\Controller; use Yii; /** * Конфигурируем роли, разрешения и правила. * * @package app\commands */ class RolesController extends Controller { /** * Тестовый метод для консольной команды. * * Вызвать можно так: * ./yii admin/roles/init */ public function actionInit() { $rule_ar = ['ANotOnlyViewRule' => 'app\rbac\rules\NotOnlyViewRule', 'BNotOnlyViewRule' => 'app\rbac\rules\NotOnlyViewRule', 'CNotOnlyViewRule' => 'app\rbac\rules\NotOnlyViewRule', ]; $perm_ar = [ 'ANotOnlyViewPermission' => ['rule' => 'ANotOnlyViewRule', 'description' => 'Если пользователь принадлежит к ручным КДЛ'], 'BNotOnlyViewPermission' => ['rule' => 'BNotOnlyViewRule', 'description' => 'Если пользователь принадлежит к ручным КДЛ'], 'CNotOnlyViewPermission' => ['rule' => 'CNotOnlyViewRule', 'description' => 'Если пользователь принадлежит к ручным КДЛ'], ]; $role_ar = ['A_ROLE' => ['description' => 'Просто для пробы.', 'permissions' => ['ANotOnlyViewPermission', 'BNotOnlyViewPermission'], 'childRoles' => ['D_ROLE'] ], 'B_ROLE' => ['description' => 'Просто для пробы.', 'permissions' => ['BNotOnlyViewPermission', ], 'childRoles' => ['D_ROLE'] ], 'C_ROLE' => ['description' => 'Просто для пробы.', 'permissions' => ['CNotOnlyViewPermission', 'ANotOnlyViewPermission'], 'childRoles' => ['ABC_ROLE'] ] ]; $this->createRules($rule_ar); $this->createPermissions($perm_ar); $this->createRoles($role_ar); } public function actionRemoveAll() { echo "All the authorization data will be removed! Are you sure?(yes/no)\n"; $line = trim(fgets(STDIN)); if($line == "yes") { $auth = Yii::$app->authManager; $auth->removeAll(); echo "Goodbye all the authorization data!\n"; } } private function createRules($rules) { $auth = Yii::$app->authManager; $res = []; $all_rules = $auth->getRules(); foreach ($rules as $key => $value) { if (!array_key_exists($key, $all_rules)) { $res[$key] = null; eval('$res[$key] = new '. $value. ';'); if ($res[$key]) { $res[$key]->name = $key; $auth->add($res[$key]); } echo "Rule $key was added.\n"; } } return $res; } private function createPermissions($permissions) { $auth = Yii::$app->authManager; $res = []; $all_rules = $auth->getRules(); $all_permissions = $auth->getPermissions(); foreach ($permissions as $key => $value) { if (!array_key_exists($key, $all_permissions)) { $res[$key] = $auth->createPermission($key); echo "Permission $key was added\n"; if ($value['rule'] && array_key_exists($value['rule'], $all_rules)) { $rulename = $all_rules[$value['rule']]->name; $res[$key]->ruleName = $rulename; echo "\twith rule $rulename\n"; } if ($value['description']) { $res[$key]->description = $value['description']; } $auth->add($res[$key]); if (array_key_exists('permissions', $value)) { $all_permissions = $auth->getPermissions(); foreach ($value['permissions'] as $permission) { if (array_key_exists($permission, $all_permissions)) { $auth->addChild($res[$key], $all_permissions[$permission]); echo "\twith permission ". $permission. "\n"; } } } } } return $res; } private function createRoles($roles) { $auth = Yii::$app->authManager; $res = []; $all_permissions = $auth->getPermissions(); $all_roles = $auth->getRoles(); $all_rules = $auth->getRules(); foreach ($roles as $key => $value) { if (!array_key_exists($key, $all_roles)) { $res[$key] = $auth->createRole($key); if (array_key_exists('rule', $value)) { $res[$key]->rule = $value['rule']; } if (array_key_exists('description', $value)) { $res[$key]->description = $value['description']; } $auth->add($res[$key]); echo "Role $key was added\n"; if (array_key_exists('permissions', $value)) { foreach ($value['permissions'] as $permission) { if (array_key_exists($permission, $all_permissions)) { $auth->addChild($res[$key], $all_permissions[$permission]); echo "\twith permission ". $permission. "\n"; } } } if (array_key_exists('childRoles', $value)) { $all_roles = $auth->getRoles(); foreach ($value['childRoles'] as $childRole) { if (array_key_exists($childRole, $all_roles)) { $auth->addChild($res[$key], $all_roles[$childRole]); echo "\t\twith child role ". $childRole. "\n"; } } } } } return $res; } }
Метод для удаления запускается командой
./yii admin/roles/remove-all
- Log in to post comments
- 1894 reads