Fixes #7656: Fixed `yii\rbac\DbManager::getRolesByUser()` and `yii\rbac\PhpManager::getRolesByUser()` to return roles only

10 years ago · 28dce6c9b6
4 changed files with 13 additions and 2 deletions
--- a/framework/CHANGELOG.md
+++ b/framework/CHANGELOG.md
@ -9,6 +9,7 @@ Yii Framework 2 Change Log
 - Bug #7473: Fixed `yii\console\controllers\AssetController` does not create missing folders for the target bundles (schmunk42, klimov-paul)
 - Bug #7529: Fixed `yii\web\Response::sendContentAsFile()` that was broken in 2.0.3 (samdark)
 - Bug #7603: Fixed escape characters in `FormatConverter` to work with unicode characters (maddoger, cebe)
 - Bug #7656: Fixed `yii\rbac\DbManager::getRolesByUser()` and `yii\rbac\PhpManager::getRolesByUser()` to return roles only (samdark)
 - Bug #7757: Fix fetching tables schema for oci and mysql when PDO::ATTR_CASE is set (nineinchnick)
 - Bug #7775: Added more strict check on controller IDs when they are being used to create controller instances on Windows (Bhoft, qiangxue)
 - Bug #7831: Add order when fetching database table names and constraints (nineinchnick)
--- a/framework/rbac/DbManager.php
+++ b/framework/rbac/DbManager.php
@ -454,7 +454,8 @@ class DbManager extends BaseManager
        $query = (new Query)->select('b.*')
            ->from(['a' => $this->assignmentTable, 'b' => $this->itemTable])
            ->where('{{a}}.[[item_name]]={{b}}.[[name]]')
-            ->andWhere(['a.user_id' => (string) $userId]);
+            ->andWhere(['a.user_id' => (string) $userId])
            ->andWhere(['b.type' => Item::TYPE_ROLE]);
        $roles = [];
        foreach ($query->all($this->db) as $row) {
--- a/framework/rbac/PhpManager.php
+++ b/framework/rbac/PhpManager.php
@ -377,7 +377,10 @@ class PhpManager extends BaseManager
    {
        $roles = [];
        foreach ($this->getAssignments($userId) as $name => $assignment) {
-            $roles[$name] = $this->items[$assignment->roleName];
+            $role = $this->items[$assignment->roleName];
            if ($role->type === Item::TYPE_ROLE) {
                $roles[$name] = $role;
            }
        }
        return $roles;
--- a/tests/framework/rbac/ManagerTestCase.php
+++ b/tests/framework/rbac/ManagerTestCase.php
@ -182,6 +182,10 @@ abstract class ManagerTestCase extends TestCase
        $rule = new AuthorRule;
        $this->auth->add($rule);
        $uniqueTrait = $this->auth->createPermission('Fast Metabolism');
        $uniqueTrait->description = 'Your metabolic rate is twice normal. This means that you are much less resistant to radiation and poison, but your body heals faster.';
        $this->auth->add($uniqueTrait);
        $createPost = $this->auth->createPermission('createPost');
        $createPost->description = 'create a post';
        $this->auth->add($createPost);
@ -214,6 +218,8 @@ abstract class ManagerTestCase extends TestCase
        $this->auth->addChild($admin, $author);
        $this->auth->addChild($admin, $updateAnyPost);
        $this->auth->assign($uniqueTrait, 'reader A');
        $this->auth->assign($reader, 'reader A');
        $this->auth->assign($author, 'author B');
        $this->auth->assign($admin, 'admin C');