From 197e8080086db64219f3163a09033943a69d97c0 Mon Sep 17 00:00:00 2001 From: ElisDN Date: Wed, 17 Feb 2016 12:42:31 +0300 Subject: [PATCH] Extracted hybrid auth manager --- composer.json | 3 +- composer.lock | 55 +++++- config/common.php | 2 +- modules/user/components/AuthManager.php | 182 ------------------ .../components/AuthRoleModelInterface.php | 38 ---- .../events/RemoveAllAssignmentsEvent.php | 10 - .../user/components/events/RemoveAllEvent.php | 10 - .../components/events/RemoveRoleEvent.php | 10 - .../components/events/RenameRoleEvent.php | 11 -- modules/user/models/User.php | 2 +- 10 files changed, 57 insertions(+), 266 deletions(-) delete mode 100644 modules/user/components/AuthManager.php delete mode 100644 modules/user/components/AuthRoleModelInterface.php delete mode 100644 modules/user/components/events/RemoveAllAssignmentsEvent.php delete mode 100644 modules/user/components/events/RemoveAllEvent.php delete mode 100644 modules/user/components/events/RemoveRoleEvent.php delete mode 100644 modules/user/components/events/RenameRoleEvent.php diff --git a/composer.json b/composer.json index 7193b90..68eef10 100644 --- a/composer.json +++ b/composer.json @@ -18,7 +18,8 @@ "bower-asset/respond": "*", "bower-asset/jquery": "1.*", "kartik-v/yii2-widget-datepicker": "*", - "kartik-v/yii2-field-range": "*" + "kartik-v/yii2-field-range": "*", + "elisdn/yii2-hybrid-authmanager": "^1.0" }, "require-dev": { "yiisoft/yii2-codeception": "*", diff --git a/composer.lock b/composer.lock index f8830cc..96e85aa 100644 --- a/composer.lock +++ b/composer.lock @@ -4,8 +4,8 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", "This file is @generated automatically" ], - "hash": "a9537e7492d6a354e71d29abf81e764b", - "content-hash": "58b25914490e3e94540293fba462f43f", + "hash": "68340cb564f726587cb3983cfbc8091d", + "content-hash": "9a023dc2f85b7d8740f2a350321899ed", "packages": [ { "name": "bower-asset/bootstrap", @@ -320,6 +320,57 @@ ], "time": "2015-03-06 05:28:07" }, + { + "name": "elisdn/yii2-hybrid-authmanager", + "version": "1.0.0", + "source": { + "type": "git", + "url": "https://github.com/ElisDN/yii2-hybrid-authmanager.git", + "reference": "f353a0debecfacec2be5d17b10c45d9ddb84c52e" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/ElisDN/yii2-hybrid-authmanager/zipball/f353a0debecfacec2be5d17b10c45d9ddb84c52e", + "reference": "f353a0debecfacec2be5d17b10c45d9ddb84c52e", + "shasum": "" + }, + "require": { + "yiisoft/yii2": "~2.0" + }, + "require-dev": { + "phpunit/phpunit": "4.*" + }, + "type": "yii2-extension", + "extra": { + "asset-installer-paths": { + "npm-asset-library": "vendor/npm", + "bower-asset-library": "vendor/bower" + } + }, + "autoload": { + "psr-4": { + "elisdn\\hybrid\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Dmitriy Yeliseyev", + "email": "mail@elisdn.ru", + "homepage": "http://www.elisdn.ru" + } + ], + "description": "Hybrid RBAC AuthManager for Yii2 Framework.", + "keywords": [ + "authmanager", + "yii 2", + "yii2" + ], + "time": "2016-03-18 14:36:27" + }, { "name": "ezyang/htmlpurifier", "version": "v4.6.0", diff --git a/config/common.php b/config/common.php index 56faa00..4b546de 100644 --- a/config/common.php +++ b/config/common.php @@ -53,7 +53,7 @@ ], ], 'authManager' => [ - 'class' => 'app\modules\user\components\AuthManager', + 'class' => 'elisdn\hybrid\AuthManager', 'modelClass' => 'app\modules\user\models\User', ], 'i18n' => [ diff --git a/modules/user/components/AuthManager.php b/modules/user/components/AuthManager.php deleted file mode 100644 index bde4a09..0000000 --- a/modules/user/components/AuthManager.php +++ /dev/null @@ -1,182 +0,0 @@ -getUser($userId)) { - foreach ($user->getAuthRoleNames() as $roleName) { - $assignment = new Assignment(); - $assignment->userId = $userId; - $assignment->roleName = $roleName; - $assignments[$assignment->roleName] = $assignment; - } - } - return $assignments; - } - - /** - * @inheritdoc - */ - public function getAssignment($roleName, $userId) - { - if ($userId && $user = $this->getUser($userId)) { - if (in_array($roleName, $user->getAuthRoleNames())) { - $assignment = new Assignment(); - $assignment->userId = $userId; - $assignment->roleName = $roleName; - return $assignment; - } - } - return null; - } - - /** - * @inheritdoc - */ - public function getUserIdsByRole($roleName) - { - /** @var AuthRoleModelInterface $class */ - $class = $this->modelClass; - return $class::findAuthIdsByRoleName($roleName); - } - - /** - * @inheritdoc - */ - protected function updateItem($name, $item) - { - if (parent::updateItem($name, $item)) { - if ($item->name !== $name) { - $this->trigger(self::EVENT_RENAME_ROLE, new RenameRoleEvent([ - 'oldRoleName' => $name, - 'newRoleName' => $item->name, - ])); - } - return true; - } - return false; - } - - /** - * @inheritdoc - */ - public function removeItem($item) - { - if (parent::removeItem($item)) { - $this->trigger(self::EVENT_REMOVE_ROLE, new RemoveRoleEvent([ - 'roleName' => $item->name, - ])); - return true; - } - return false; - } - - public function removeAll() - { - parent::removeAll(); - $this->trigger(self::EVENT_REMOVE_ALL, new RemoveAllEvent()); - } - - public function removeAllAssignments() - { - parent::removeAllAssignments(); - $this->trigger(self::EVENT_REMOVE_ALL_ASSIGNMENTS, new RemoveAllAssignmentsEvent()); - } - - /** - * @inheritdoc - */ - public function assign($role, $userId) - { - if ($userId && $user = $this->getUser($userId)) { - if (in_array($role->name, $user->getAuthRoleNames())) { - throw new InvalidParamException("Authorization item '{$role->name}' has already been assigned to user '$userId'."); - } else { - $assignment = new Assignment([ - 'userId' => $userId, - 'roleName' => $role->name, - 'createdAt' => time(), - ]); - $user->addAuthRoleName($role->name); - return $assignment; - } - } - return false; - } - - /** - * @inheritdoc - */ - public function revoke($role, $userId) - { - if ($userId && $user = $this->getUser($userId)) { - if (in_array($role->name, $user->getAuthRoleNames())) { - $user->removeAuthRoleName($role->name); - return true; - } - } - return false; - } - - /** - * @inheritdoc - */ - public function revokeAll($userId) - { - if ($userId && $user = $this->getUser($userId)) { - $user->clearAuthRoleNames(); - return true; - } - return false; - } - - /** - * @param integer $userId - * @throws \yii\base\InvalidValueException - * @return null|AuthRoleModelInterface - */ - private function getUser($userId) - { - /** @var \yii\web\User $webUser */ - $webUser = Yii::$app->get('user', false); - if ($webUser && !$webUser->getIsGuest() && $webUser->getId() == $userId && $webUser->getIdentity() instanceof AuthRoleModelInterface) { - return $webUser->getIdentity(); - } else { - /** @var AuthRoleModelInterface $class */ - $class = $this->modelClass; - $identity = $class::findAuthRoleIdentity($userId); - if ($identity && !$identity instanceof AuthRoleModelInterface) { - throw new InvalidValueException('The identity object must implement AuthRoleInterface.'); - } - return $identity; - } - } -} \ No newline at end of file diff --git a/modules/user/components/AuthRoleModelInterface.php b/modules/user/components/AuthRoleModelInterface.php deleted file mode 100644 index ce52968..0000000 --- a/modules/user/components/AuthRoleModelInterface.php +++ /dev/null @@ -1,38 +0,0 @@ -