| Property | Type | Description | |
|---|---|---|---|
| $assignmentFile | the path of the PHP script that contains the authorization assignments. This can be either a file path or a path alias to the file. Make sure this file is writable by the Web server process if the authorization needs to be changed online. | ||
| $itemFile | the path of the PHP script that contains the authorization items. This can be either a file path or a path alias to the file. Make sure this file is writable by the Web server process if the authorization needs to be changed online. | ||
| $ruleFile | the path of the PHP script that contains the authorization rules. This can be either a file path or a path alias to the file. Make sure this file is writable by the Web server process if the authorization needs to be changed online. |
| Property | Type | Description | |
|---|---|---|---|
| $assignments | array | ||
| $children | array | ||
| $items | |||
| $rules |
| Method | Description | |
|---|---|---|
| addChild ( $parent, $child ) | ||
| assign ( $role, $userId ) | ||
| canAddChild ( $parent, $child ) | ||
| checkAccess ( $userId, $permissionName, $params = [] ) | ||
| getAssignment ( $roleName, $userId ) | ||
| getAssignments ( $userId ) | ||
| getChildRoles ( $roleName ) | ||
| getChildren ( $name ) | ||
| getItem ( $name ) | ||
| getItems ( $type ) | ||
| getPermissionsByRole ( $roleName ) | ||
| getPermissionsByUser ( $userId ) | ||
| getRolesByUser ( $userId ) | ||
| getRule ( $name ) | ||
| getRules ( ) | ||
| getUserIdsByRole ( $roleName ) | ||
| hasChild ( $parent, $child ) | ||
| init ( ) | Initializes the application component. | |
| removeAll ( ) | ||
| removeAllAssignments ( ) | ||
| removeAllPermissions ( ) | ||
| removeAllRoles ( ) | ||
| removeAllRules ( ) | ||
| removeChild ( $parent, $child ) | ||
| removeChildren ( $parent ) | ||
| removeItem ( $item ) | ||
| revoke ( $role, $userId ) | ||
| revokeAll ( $userId ) | ||
| updateRule ( $name, $rule ) |
| Method | Description | |
|---|---|---|
| addItem ( $item ) | ||
| addRule ( $rule ) | ||
|
checkAccessRecursive ( string | integer $user, string $itemName, array $params, |
Performs access check for the specified user. | |
|
detectLoop ( |
Checks whether there is a loop in the authorization item hierarchy. | |
| getChildrenRecursive ( string $name, array &$result ) | Recursively finds all children and grand children of the specified item. | |
|
getDirectPermissionsByUser ( string | integer $userId ) : |
Returns all permissions that are directly assigned to user. | |
|
getInheritedPermissionsByUser ( string | integer $userId ) : |
Returns all permissions that the user inherits from the roles assigned to him. | |
| invalidateScriptCache ( string $file ) | Invalidates precompiled script cache (such as OPCache or APC) for the given file. | |
| load ( ) | Loads authorization data from persistent storage. | |
| loadFromFile ( string $file ) : array | Loads the authorization data from a PHP script file. | |
| removeAllItems ( integer $type ) | Removes all auth items of the specified type. | |
| removeRule ( $rule ) | ||
| save ( ) | Saves authorization data into persistent storage. | |
| saveAssignments ( ) | Saves assignments data into persistent storage. | |
| saveItems ( ) | Saves items data into persistent storage. | |
| saveRules ( ) | Saves rules data into persistent storage. | |
| saveToFile ( array $data, string $file ) | Saves the authorization data to a PHP script file. | |
| updateItem ( $name, $item ) |
|
protected checkAccessRecursive ( string | integer $user, string $itemName, array $params, |
||
| $user | string | integer | the user ID. This should can be either an integer or a string representing the unique identifier of a user. See [[\yii\web\User::id]]. |
| $itemName | string | the name of the operation that need access check |
| $params | array | name-value pairs that would be passed to rules associated with the tasks and roles assigned to the user. A param with name 'user' is added to this array, which holds the value of `$userId`. |
| $assignments | the assignments to the specified user | |
| return | boolean | whether the operations can be performed by the user. |
|
protected detectLoop ( |
||
| $parent | parent item | |
| $child | the child item that is to be added to the hierarchy | |
| return | boolean | whether a loop exists |
| protected getChildrenRecursive ( string $name, array &$result ) | ||
| $name | string | the name of the item whose children are to be looked for. |
| $result | array | the children and grand children (in array keys) |
|
protected getDirectPermissionsByUser ( string | integer $userId ) : |
||
| $userId | string | integer | the user ID (see [[\yii\web\User::id]]) |
| return | all direct permissions that the user has. The array is indexed by the permission names. | |
|
protected getInheritedPermissionsByUser ( string | integer $userId ) : |
||
| $userId | string | integer | the user ID (see [[\yii\web\User::id]]) |
| return | all inherited permissions that the user has. The array is indexed by the permission names. | |
| public init ( ) |
| protected invalidateScriptCache ( string $file ) | ||
| $file | string | the file path. |
| protected loadFromFile ( string $file ) : array | ||
| $file | string | the file path. |
| return | array | the authorization data |
| protected removeAllItems ( integer $type ) | ||
| $type | integer | the auth item type (either Item::TYPE_PERMISSION or Item::TYPE_ROLE) |
| protected saveAssignments ( ) |
| protected saveToFile ( array $data, string $file ) | ||
| $data | array | the authorization data |
| $file | string | the file path. |
| public $assignmentFile |
| public $itemFile |
| public $ruleFile |
