212 lines
6.2 KiB
212 lines
6.2 KiB
<?php |
|
/** |
|
* Created by Error202 |
|
* Date: 13.08.2017 |
|
*/ |
|
|
|
namespace core\services; |
|
|
|
use yii\helpers\ArrayHelper; |
|
use yii\rbac\ManagerInterface; |
|
use yii\rbac\Role; |
|
use yii\helpers\Json; |
|
|
|
class RoleManager |
|
{ |
|
private $manager; |
|
|
|
public function __construct(ManagerInterface $manager) |
|
{ |
|
$this->manager = $manager; |
|
} |
|
|
|
public function assign($userId, $name) |
|
{ |
|
$am = $this->manager; |
|
$am->revokeAll($userId); |
|
if (!$role = $am->getRole($name)) { |
|
throw new \DomainException('Role "' . $name . '" does not exist.'); |
|
} |
|
$am->revokeAll($userId); |
|
$am->assign($role, $userId); |
|
} |
|
|
|
public function create($name, $description = '', $ruleName = null, $data = null) |
|
{ |
|
$am = $this->manager; |
|
if ($role = $am->getRole($name)) { |
|
throw new \DomainException('Role "' . $name . '" is already exist.'); |
|
} |
|
$newRole = $am->createRole($name); |
|
$newRole->description = $description; |
|
$newRole->data = $data == null ? null : Json::decode($data); |
|
$newRole->ruleName = empty($ruleName) ? null : $ruleName; |
|
try { |
|
$am->add($newRole); |
|
} |
|
catch (\ReflectionException $e) |
|
{ |
|
throw new \DomainException($e->getMessage()); |
|
} |
|
} |
|
|
|
public function update($name, $newName, $description = '', $ruleName = null, $data = null) |
|
{ |
|
$am = $this->manager; |
|
if (!$role = $am->getRole($name)) { |
|
throw new \DomainException('Role "' . $name . '" does not exist.'); |
|
} |
|
if (($name == 'admin' || $name == 'user') && $name != $newName) |
|
{ |
|
throw new \DomainException('Role "' . $name . '" can not be renamed.'); |
|
} |
|
$role->name = $newName; |
|
$role->description = $description; |
|
$role->ruleName = empty($ruleName) ? null : $ruleName; |
|
$role->data = $data == null ? null : Json::decode($data); |
|
try { |
|
$am->update($name, $role); |
|
} |
|
catch (\ReflectionException $e) |
|
{ |
|
throw new \DomainException($e->getMessage()); |
|
} |
|
} |
|
|
|
public function delete($name) |
|
{ |
|
$am = $this->manager; |
|
if (!$role = $am->getRole($name)) { |
|
throw new \DomainException('Role "' . $name . '" does not exist.'); |
|
} |
|
if ($role->name == 'admin' || $role->name == 'user') |
|
{ |
|
throw new \DomainException('Can not delete role "' . $name . '"'); |
|
} |
|
$am->remove($role); |
|
} |
|
|
|
public function child($parentRoleName, $childRoleName) |
|
{ |
|
$am = $this->manager; |
|
if (!$parentRole = $am->getRole($parentRoleName)) { |
|
throw new \DomainException('Parent role "' . $parentRoleName . '" does not exist.'); |
|
} |
|
if (!$childRole = $am->getRole($childRoleName)) { |
|
throw new \DomainException('Child role "' . $childRoleName . '" does not exist.'); |
|
} |
|
if ($parentRoleName == $childRoleName) |
|
{ |
|
throw new \DomainException('Can not add a role to yourself.'); |
|
} |
|
$am->addChild($parentRole, $childRole); |
|
} |
|
|
|
public function killchild($parentRoleName, $childRoleName) |
|
{ |
|
$am = $this->manager; |
|
if (!$parentRole = $am->getRole($parentRoleName)) { |
|
throw new \DomainException('Parent role "' . $parentRoleName . '" does not exist.'); |
|
} |
|
if (!$childRole = $am->getRole($childRoleName)) { |
|
throw new \DomainException('Child role "' . $childRoleName . '" does not exist.'); |
|
} |
|
if ($parentRoleName == $childRoleName) |
|
{ |
|
throw new \DomainException('Can not kill yourself as child.'); |
|
} |
|
if (!$am->hasChild($parentRole, $childRole)) |
|
{ |
|
throw new \DomainException('Role "' . $childRoleName . '" does not assigned to "' . $parentRoleName . '".'); |
|
} |
|
$am->removeChild($parentRole, $childRole); |
|
} |
|
|
|
public function getRoles() |
|
{ |
|
$am = $this->manager; |
|
return $am->getRoles(); |
|
} |
|
|
|
public function getRole($name) |
|
{ |
|
$am = $this->manager; |
|
if (!$role = $am->getRole($name)) { |
|
throw new \DomainException('Role "' . $name . '" does not exist.'); |
|
} |
|
return $role; |
|
} |
|
|
|
public function getChildRoles($name) |
|
{ |
|
$am = $this->manager; |
|
return $am->getChildRoles($name); |
|
} |
|
|
|
public function getRolesNamesByUser($id) |
|
{ |
|
$am = $this->manager; |
|
$roles = $am->getRolesByUser($id); |
|
return array_map(function(Role $role){ |
|
return $role->name; |
|
}, $roles); |
|
} |
|
|
|
public function getRolesListArray() |
|
{ |
|
$data = array_map(function (Role $role){ |
|
return [ |
|
'name' => $role->name, |
|
'description' => $role->description, |
|
]; |
|
}, $this->getRoles()); |
|
return $data; |
|
} |
|
|
|
public function getRolesSelectArray() |
|
{ |
|
$data = ArrayHelper::map($this->getRoles(), 'name', 'description'); |
|
return $data; |
|
} |
|
|
|
public function getRolesSelectArrayByRole($id) |
|
{ |
|
$am = $this->manager; |
|
$data = ArrayHelper::getColumn($am->getChildRoles($id), 'name'); |
|
return $data; |
|
} |
|
|
|
public function saveChildren($roleName, $rolesNames, $permissionNames) |
|
{ |
|
$am = $this->manager; |
|
$role = $am->getRole($roleName); |
|
$am->removeChildren($role); |
|
|
|
if (is_array($rolesNames) && !empty($rolesNames)) { |
|
foreach ($rolesNames as $name) { |
|
$childRole = $am->getRole($name); |
|
$am->addChild($role, $childRole); |
|
} |
|
} |
|
|
|
if (is_array($permissionNames) && !empty($permissionNames)) { |
|
foreach ($permissionNames as $name) { |
|
$childPermission = $am->getPermission($name); |
|
$am->addChild($role, $childPermission); |
|
} |
|
} |
|
} |
|
|
|
public static function getCurrentRoleName() |
|
{ |
|
$roles = \Yii::$app->authManager->getRolesByUser(\Yii::$app->user->id); |
|
if (!$roles) { |
|
return null; |
|
} |
|
reset($roles); |
|
/* @var $role \yii\rbac\Role */ |
|
$role = current($roles); |
|
|
|
return $role->name; |
|
} |
|
} |