From e516d64d1ec3721b5a685145086129f7f93d0cff Mon Sep 17 00:00:00 2001 From: deltacube <34888059+deltacube@users.noreply.github.com> Date: Sat, 13 Jan 2018 20:02:34 +0200 Subject: [PATCH] Fixes #15422: Added default roles dynamic definition support via closure for `yii\rbac\BaseManager` --- framework/CHANGELOG.md | 1 + framework/rbac/BaseManager.php | 32 +++++++++++++++++++++++++++++++- tests/framework/rbac/ManagerTestCase.php | 24 ++++++++++++++++++++++++ 3 files changed, 56 insertions(+), 1 deletion(-) diff --git a/framework/CHANGELOG.md b/framework/CHANGELOG.md index c622b11..0565af4 100644 --- a/framework/CHANGELOG.md +++ b/framework/CHANGELOG.md @@ -57,6 +57,7 @@ Yii Framework 2 Change Log - Enh #15357: Added multi statement support for `yii\db\sqlite\Command` (sergeymakinen) - Enh #15360: Refactored `BaseConsole::updateProgress()` (developeruz) - Enh #15415: Added transaction/retry support for `yii\db\Command` (sergeymakinen) +- Enh #15422: Added default roles dynamic definition support via closure for `yii\rbac\BaseManager` (deltacube) - Enh: Added check to `yii\base\Model::formName()` to prevent source path disclosure when form is represented by an anonymous class (silverfire) - Chg #15420: Handle OPTIONS request in `yii\filter\Cors` so the preflight check isn't passed trough authentication filters (michaelarnauts, leandrogehlen) diff --git a/framework/rbac/BaseManager.php b/framework/rbac/BaseManager.php index a772bc9..26e153f 100644 --- a/framework/rbac/BaseManager.php +++ b/framework/rbac/BaseManager.php @@ -28,7 +28,7 @@ abstract class BaseManager extends Component implements ManagerInterface * @var array a list of role names that are assigned to every user automatically without calling [[assign()]]. * Note that these roles are applied to users, regardless of their state of authentication. */ - public $defaultRoles = []; + protected $defaultRoles = []; /** @@ -196,6 +196,36 @@ abstract class BaseManager extends Component implements ManagerInterface } /** + * Set default roles + * @param array|\Closure $roles either array of roles or a callable returning it + * @since 2.0.14 + */ + public function setDefaultRoles($roles) + { + if (is_array($roles)) { + $this->defaultRoles = $roles; + } elseif (is_callable($roles)) { + $roles = $roles(); + if (!is_array($roles)) { + throw new InvalidParamException('Default roles closure must return an array'); + } + $this->defaultRoles = $roles; + } else { + throw new InvalidParamException('Default roles must be either an array or a callable'); + } + } + + /** + * Get default roles + * @return array default roles + * @since 2.0.14 + */ + public function getDefaultRoles() + { + return $this->defaultRoles; + } + + /** * Returns defaultRoles as array of Role objects. * @since 2.0.12 * @return Role[] default roles. The array is indexed by the role names diff --git a/tests/framework/rbac/ManagerTestCase.php b/tests/framework/rbac/ManagerTestCase.php index 5547d1a..83a595b 100644 --- a/tests/framework/rbac/ManagerTestCase.php +++ b/tests/framework/rbac/ManagerTestCase.php @@ -7,6 +7,7 @@ namespace yiiunit\framework\rbac; +use yii\base\InvalidParamException; use yii\rbac\Item; use yii\rbac\Permission; use yii\rbac\Role; @@ -613,4 +614,27 @@ abstract class ManagerTestCase extends TestCase $rule = $this->auth->getRule('action_rule'); $this->assertInstanceOf(ActionRule::className(), $rule); } + + public function testDefaultRoles() + { + try { + $this->auth->defaultRoles = 'test'; + } catch (\Exception $e) { + $this->assertInstanceOf(InvalidParamException::class, $e); + $this->assertEquals('Default roles must be either an array or a callable', $e->getMessage()); + + try { + $this->auth->defaultRoles = function () { + return 'test'; + }; + } catch (\Exception $e) { + $this->assertInstanceOf(InvalidParamException::class, $e); + $this->assertEquals('Default roles closure must return an array', $e->getMessage()); + } + + return; + } + + $this->fail('Not rise an exception'); + } }