Class yii\rbac\PhpManager

继承yii\rbac\PhpManager » yii\rbac\BaseManager » yii\base\Component » yii\base\BaseObject
实现yii\base\Configurable, yii\rbac\ManagerInterface
可用自版本2.0
源代码 https://github.com/yiisoft/yii2/blob/master/framework/rbac/PhpManager.php

PhpManager represents an authorization manager that stores authorization information in terms of a PHP script file.

The authorization data will be saved to and loaded from three files specified by $itemFile, $assignmentFile and $ruleFile.

PhpManager is mainly suitable for authorization data that is not too big (for example, the authorization data for a personal blog system). Use yii\rbac\DbManager for more complex authorization data.

Note that PhpManager is not compatible with facebooks HHVM because it relies on writing php files and including them afterwards which is not supported by HHVM.

For more details and usage information on PhpManager, see the guide article on security authorization.

公共属性

隐藏继承的属性

属性类型描述定义在
$assignmentFile string The path of the PHP script that contains the authorization assignments. yii\rbac\PhpManager
$behaviors yii\base\Behavior[] 附加到此组件的行为列表. 该属性是只读的. yii\base\Component
$defaultRoleInstances yii\rbac\Role[] Default roles. The array is indexed by the role names. This property is read-only. yii\rbac\BaseManager
$itemFile string The path of the PHP script that contains the authorization items. yii\rbac\PhpManager
$permissions yii\rbac\Permission[] All permissions in the system. yii\rbac\BaseManager
$roles yii\rbac\Role[] All roles in the system. yii\rbac\BaseManager
$ruleFile string The path of the PHP script that contains the authorization rules. yii\rbac\PhpManager

受保护的属性

隐藏继承的属性

属性类型描述定义在
$assignments array yii\rbac\PhpManager
$children array yii\rbac\PhpManager
$defaultRoles array A list of role names that are assigned to every user automatically without calling assign(). yii\rbac\BaseManager
$items yii\rbac\Item[] yii\rbac\PhpManager
$rules yii\rbac\Rule[] yii\rbac\PhpManager

公共方法

隐藏继承的方法

方法描述定义在
__call() 调用不是类方法的指定的方法. yii\base\Component
__clone() 在通过克隆现有对象创建对象之后调用此方法. yii\base\Component
__construct() 构造函数. yii\base\BaseObject
__get() 返回组件属性的值. yii\base\Component
__isset() 检查属性是否已设置, 即已定义且不为null. yii\base\Component
__set() 设置组件属性的值. yii\base\Component
__unset() 将组件属性设置为null. yii\base\Component
add() Adds a role, permission or rule to the RBAC system. yii\rbac\BaseManager
addChild() Adds an item as a child of another item. yii\rbac\PhpManager
assign() Assigns a role to a user. yii\rbac\PhpManager
attachBehavior() 将行为附加到此组件. yii\base\Component
attachBehaviors() 将行为列表附加到组件. yii\base\Component
behaviors() 返回此组件应该具有的行为列表. yii\base\Component
canAddChild() Checks the possibility of adding a child to parent. yii\rbac\PhpManager
canGetProperty() 返回一个值, 指示属性是否可读取. yii\base\Component
canSetProperty() 返回一个值, 指示属性是否可设置. yii\base\Component
checkAccess() yii\rbac\PhpManager
className() 返回此类的完全限定名称. yii\base\BaseObject
createPermission() Creates a new Permission object. yii\rbac\BaseManager
createRole() Creates a new Role object. yii\rbac\BaseManager
detachBehavior() 从组件中分离一个行为. yii\base\Component
detachBehaviors() 分离组件中的所有行为. yii\base\Component
ensureBehaviors() 确保在 behaviors() 中声明的行为已附加到此组件. yii\base\Component
getAssignment() Returns the assignment information regarding a role and a user. yii\rbac\PhpManager
getAssignments() Returns all role assignment information for the specified user. yii\rbac\PhpManager
getBehavior() 返回指定的行为对象. yii\base\Component
getBehaviors() 返回附加到此组件的所有行为. yii\base\Component
getChildRoles() Returns child roles of the role specified. Depth isn't limited. yii\rbac\PhpManager
getChildren() Returns the child permissions and/or roles. yii\rbac\PhpManager
getDefaultRoleInstances() Returns defaultRoles as array of Role objects. yii\rbac\BaseManager
getDefaultRoles() Get default roles yii\rbac\BaseManager
getItem() Returns the named auth item. yii\rbac\PhpManager
getItems() Returns the items of the specified type. yii\rbac\PhpManager
getPermission() Returns the named permission. yii\rbac\BaseManager
getPermissions() Returns all permissions in the system. yii\rbac\BaseManager
getPermissionsByRole() Returns all permissions that the specified role represents. yii\rbac\PhpManager
getPermissionsByUser() Returns all permissions that the user has. yii\rbac\PhpManager
getRole() Returns the named role. yii\rbac\BaseManager
getRoles() Returns all roles in the system. yii\rbac\BaseManager
getRolesByUser() {@inheritdoc} The roles returned by this method include the roles assigned via $defaultRoles. yii\rbac\PhpManager
getRule() Returns the rule of the specified name. yii\rbac\PhpManager
getRules() Returns all rules available in the system. yii\rbac\PhpManager
getUserIdsByRole() Returns all user IDs assigned to the role specified. yii\rbac\PhpManager
hasChild() Returns a value indicating whether the child already exists for the parent. yii\rbac\PhpManager
hasEventHandlers() 返回一个值, 指示是否有任何处理程序附加到指定的事件. yii\base\Component
hasMethod() 返回一个值, 指示方法是否已定义. yii\base\Component
hasProperty() 返回一个值, 指示属性是否已定义. yii\base\Component
init() Initializes the application component. yii\rbac\PhpManager
off() 从该组件分离现有的事件处理程序. yii\base\Component
on() 将事件处理程序附加到事件. yii\base\Component
remove() Removes a role, permission or rule from the RBAC system. yii\rbac\BaseManager
removeAll() Removes all authorization data, including roles, permissions, rules, and assignments. yii\rbac\PhpManager
removeAllAssignments() Removes all role assignments. yii\rbac\PhpManager
removeAllPermissions() Removes all permissions. yii\rbac\PhpManager
removeAllRoles() Removes all roles. yii\rbac\PhpManager
removeAllRules() Removes all rules. yii\rbac\PhpManager
removeChild() Removes a child from its parent. yii\rbac\PhpManager
removeChildren() Removed all children form their parent. yii\rbac\PhpManager
removeItem() Removes an auth item from the RBAC system. yii\rbac\PhpManager
revoke() Revokes a role from a user. yii\rbac\PhpManager
revokeAll() Revokes all roles from a user. yii\rbac\PhpManager
setDefaultRoles() Set default roles yii\rbac\BaseManager
trigger() 触发事件. yii\base\Component
update() Updates the specified role, permission or rule in the system. yii\rbac\BaseManager
updateRule() Updates a rule to the RBAC system. yii\rbac\PhpManager

受保护的方法

隐藏继承的方法

方法描述定义在
addItem() Adds an auth item to the RBAC system. yii\rbac\PhpManager
addRule() Adds a rule to the RBAC system. yii\rbac\PhpManager
checkAccessRecursive() Performs access check for the specified user. yii\rbac\PhpManager
detectLoop() Checks whether there is a loop in the authorization item hierarchy. yii\rbac\PhpManager
executeRule() Executes the rule associated with the specified auth item. yii\rbac\BaseManager
getChildrenRecursive() Recursively finds all children and grand children of the specified item. yii\rbac\PhpManager
getDirectPermissionsByUser() Returns all permissions that are directly assigned to user. yii\rbac\PhpManager
getInheritedPermissionsByUser() Returns all permissions that the user inherits from the roles assigned to him. yii\rbac\PhpManager
hasNoAssignments() Checks whether array of $assignments is empty and $defaultRoles property is empty as well. yii\rbac\BaseManager
invalidateScriptCache() Invalidates precompiled script cache (such as OPCache or APC) for the given file. yii\rbac\PhpManager
load() Loads authorization data from persistent storage. yii\rbac\PhpManager
loadFromFile() Loads the authorization data from a PHP script file. yii\rbac\PhpManager
removeAllItems() Removes all auth items of the specified type. yii\rbac\PhpManager
removeRule() Removes a rule from the RBAC system. yii\rbac\PhpManager
save() Saves authorization data into persistent storage. yii\rbac\PhpManager
saveAssignments() Saves assignments data into persistent storage. yii\rbac\PhpManager
saveItems() Saves items data into persistent storage. yii\rbac\PhpManager
saveRules() Saves rules data into persistent storage. yii\rbac\PhpManager
saveToFile() Saves the authorization data to a PHP script file. yii\rbac\PhpManager
updateItem() Updates an auth item in the RBAC system. yii\rbac\PhpManager

属性详情

$assignmentFile public 属性

The path of the PHP script that contains the authorization assignments. This can be either a file path or a path alias to the file. Make sure this file is writable by the Web server process if the authorization needs to be changed online.

参见:

public string $assignmentFile '@app/rbac/assignments.php'
$assignments protected 属性
protected array $assignments = []
$children protected 属性
protected array $children = []
$itemFile public 属性

The path of the PHP script that contains the authorization items. This can be either a file path or a path alias to the file. Make sure this file is writable by the Web server process if the authorization needs to be changed online.

参见:

public string $itemFile '@app/rbac/items.php'
$items protected 属性
protected yii\rbac\Item[] $items = []
$ruleFile public 属性

The path of the PHP script that contains the authorization rules. This can be either a file path or a path alias to the file. Make sure this file is writable by the Web server process if the authorization needs to be changed online.

参见:

public string $ruleFile '@app/rbac/rules.php'
$rules protected 属性
protected yii\rbac\Rule[] $rules = []

方法详情

addChild() public 方法

Adds an item as a child of another item.

public boolean addChild ( $parent, $child )
$parent yii\rbac\Item
$child yii\rbac\Item
return boolean

Whether the child successfully added

throws yii\base\Exception

if the parent-child relationship already exists or if a loop has been detected.

addItem() protected 方法

Adds an auth item to the RBAC system.

protected boolean addItem ( $item )
$item yii\rbac\Item

The item to add

return boolean

Whether the auth item is successfully added to the system

throws Exception

if data validation or saving fails (such as the name of the role or permission is not unique)

addRule() protected 方法

Adds a rule to the RBAC system.

protected boolean addRule ( $rule )
$rule yii\rbac\Rule

The rule to add

return boolean

Whether the rule is successfully added to the system

throws Exception

if data validation or saving fails (such as the name of the rule is not unique)

assign() public 方法

Assigns a role to a user.

public yii\rbac\Assignment assign ( $role, $userId )
$role yii\rbac\Role|yii\rbac\Permission
$userId string|integer

The user ID (see yii\web\User::$id)

return yii\rbac\Assignment

The role assignment information.

throws Exception

if the role has already been assigned to the user

canAddChild() public 方法 (可用自版本: 2.0.8)

Checks the possibility of adding a child to parent.

public boolean canAddChild ( $parent, $child )
$parent yii\rbac\Item

The parent item

$child yii\rbac\Item

The child item to be added to the hierarchy

return boolean

Possibility of adding

checkAccess() public 方法

public void checkAccess ( $userId, $permissionName, $params = [] )
$userId
$permissionName
$params
checkAccessRecursive() protected 方法

Performs access check for the specified user.

This method is internally called by checkAccess().

protected boolean checkAccessRecursive ( $user, $itemName, $params, $assignments )
$user string|integer

The user ID. This should can be either an integer or a string representing the unique identifier of a user. See yii\web\User::$id.

$itemName string

The name of the operation that need access check

$params array

Name-value pairs that would be passed to rules associated with the tasks and roles assigned to the user. A param with name 'user' is added to this array, which holds the value of $userId.

$assignments yii\rbac\Assignment[]

The assignments to the specified user

return boolean

Whether the operations can be performed by the user.

detectLoop() protected 方法

Checks whether there is a loop in the authorization item hierarchy.

protected boolean detectLoop ( $parent, $child )
$parent yii\rbac\Item

Parent item

$child yii\rbac\Item

The child item that is to be added to the hierarchy

return boolean

Whether a loop exists

getAssignment() public 方法

Returns the assignment information regarding a role and a user.

public null|yii\rbac\Assignment getAssignment ( $roleName, $userId )
$roleName string

The role name

$userId string|integer

The user ID (see yii\web\User::$id)

return null|yii\rbac\Assignment

The assignment information. Null is returned if the role is not assigned to the user.

getAssignments() public 方法

Returns all role assignment information for the specified user.

public yii\rbac\Assignment[] getAssignments ( $userId )
$userId string|integer

The user ID (see yii\web\User::$id)

return yii\rbac\Assignment[]

The assignments indexed by role names. An empty array will be returned if there is no role assigned to the user.

getChildRoles() public 方法 (可用自版本: 2.0.10)

Returns child roles of the role specified. Depth isn't limited.

public yii\rbac\Role[] getChildRoles ( $roleName )
$roleName string

Name of the role to file child roles for

return yii\rbac\Role[]

Child roles. The array is indexed by the role names. First element is an instance of the parent Role itself.

throws yii\base\InvalidParamException

if Role was not found that are getting by $roleName

getChildren() public 方法

Returns the child permissions and/or roles.

public yii\rbac\Item[] getChildren ( $name )
$name string

The parent name

return yii\rbac\Item[]

The child permissions and/or roles

getChildrenRecursive() protected 方法

Recursively finds all children and grand children of the specified item.

protected void getChildrenRecursive ( $name, &$result )
$name string

The name of the item whose children are to be looked for.

$result array

The children and grand children (in array keys)

getDirectPermissionsByUser() protected 方法 (可用自版本: 2.0.7)

Returns all permissions that are directly assigned to user.

protected yii\rbac\Permission[] getDirectPermissionsByUser ( $userId )
$userId string|integer

The user ID (see yii\web\User::$id)

return yii\rbac\Permission[]

All direct permissions that the user has. The array is indexed by the permission names.

getInheritedPermissionsByUser() protected 方法 (可用自版本: 2.0.7)

Returns all permissions that the user inherits from the roles assigned to him.

protected yii\rbac\Permission[] getInheritedPermissionsByUser ( $userId )
$userId string|integer

The user ID (see yii\web\User::$id)

return yii\rbac\Permission[]

All inherited permissions that the user has. The array is indexed by the permission names.

getItem() public 方法

Returns the named auth item.

public yii\rbac\Item getItem ( $name )
$name string

The auth item name.

return yii\rbac\Item

The auth item corresponding to the specified name. Null is returned if no such item.

getItems() public 方法

Returns the items of the specified type.

public yii\rbac\Item[] getItems ( $type )
$type integer

The auth item type (either yii\rbac\Item::TYPE_ROLE or yii\rbac\Item::TYPE_PERMISSION

return yii\rbac\Item[]

The auth items of the specified type.

getPermissionsByRole() public 方法

Returns all permissions that the specified role represents.

public yii\rbac\Permission[] getPermissionsByRole ( $roleName )
$roleName string

The role name

return yii\rbac\Permission[]

All permissions that the role represents. The array is indexed by the permission names.

getPermissionsByUser() public 方法

Returns all permissions that the user has.

public yii\rbac\Permission[] getPermissionsByUser ( $userId )
$userId string|integer

The user ID (see yii\web\User::$id)

return yii\rbac\Permission[]

All permissions that the user has. The array is indexed by the permission names.

getRolesByUser() public 方法

{@inheritdoc} The roles returned by this method include the roles assigned via $defaultRoles.

public void getRolesByUser ( $userId )
$userId
getRule() public 方法

Returns the rule of the specified name.

public null|yii\rbac\Rule getRule ( $name )
$name string

The rule name

return null|yii\rbac\Rule

The rule object, or null if the specified name does not correspond to a rule.

getRules() public 方法

Returns all rules available in the system.

public yii\rbac\Rule[] getRules ( )
return yii\rbac\Rule[]

The rules indexed by the rule names

getUserIdsByRole() public 方法 (可用自版本: 2.0.7)

Returns all user IDs assigned to the role specified.

public array getUserIdsByRole ( $roleName )
$roleName string
return array

Array of user ID strings

hasChild() public 方法

Returns a value indicating whether the child already exists for the parent.

public boolean hasChild ( $parent, $child )
$parent yii\rbac\Item
$child yii\rbac\Item
return boolean

Whether $child is already a child of $parent

init() public 方法

Initializes the application component.

This method overrides parent implementation by loading the authorization data from PHP script.

public void init ( )
invalidateScriptCache() protected 方法 (可用自版本: 2.0.9)

Invalidates precompiled script cache (such as OPCache or APC) for the given file.

protected void invalidateScriptCache ( $file )
$file string

The file path.

load() protected 方法

Loads authorization data from persistent storage.

protected void load ( )
loadFromFile() protected 方法

Loads the authorization data from a PHP script file.

参见 saveToFile().

protected array loadFromFile ( $file )
$file string

The file path.

return array

The authorization data

removeAll() public 方法

Removes all authorization data, including roles, permissions, rules, and assignments.

public void removeAll ( )
removeAllAssignments() public 方法

Removes all role assignments.

public void removeAllAssignments ( )
removeAllItems() protected 方法

Removes all auth items of the specified type.

protected void removeAllItems ( $type )
$type integer

The auth item type (either Item::TYPE_PERMISSION or Item::TYPE_ROLE)

removeAllPermissions() public 方法

Removes all permissions.

All parent child relations will be adjusted accordingly.

public void removeAllPermissions ( )
removeAllRoles() public 方法

Removes all roles.

All parent child relations will be adjusted accordingly.

public void removeAllRoles ( )
removeAllRules() public 方法

Removes all rules.

All roles and permissions which have rules will be adjusted accordingly.

public void removeAllRules ( )
removeChild() public 方法

Removes a child from its parent.

Note, the child item is not deleted. Only the parent-child relationship is removed.

public boolean removeChild ( $parent, $child )
$parent yii\rbac\Item
$child yii\rbac\Item
return boolean

Whether the removal is successful

removeChildren() public 方法

Removed all children form their parent.

Note, the children items are not deleted. Only the parent-child relationships are removed.

public boolean removeChildren ( $parent )
$parent yii\rbac\Item
return boolean

Whether the removal is successful

removeItem() public 方法

Removes an auth item from the RBAC system.

public boolean removeItem ( $item )
$item yii\rbac\Item

The item to remove

return boolean

Whether the role or permission is successfully removed

throws Exception

if data validation or saving fails (such as the name of the role or permission is not unique)

removeRule() protected 方法

Removes a rule from the RBAC system.

protected boolean removeRule ( $rule )
$rule yii\rbac\Rule

The rule to remove

return boolean

Whether the rule is successfully removed

throws Exception

if data validation or saving fails (such as the name of the rule is not unique)

revoke() public 方法

Revokes a role from a user.

public boolean revoke ( $role, $userId )
$role yii\rbac\Role|yii\rbac\Permission
$userId string|integer

The user ID (see yii\web\User::$id)

return boolean

Whether the revoking is successful

revokeAll() public 方法

Revokes all roles from a user.

public boolean revokeAll ( $userId )
$userId mixed

The user ID (see yii\web\User::$id)

return boolean

Whether the revoking is successful

save() protected 方法

Saves authorization data into persistent storage.

protected void save ( )
saveAssignments() protected 方法

Saves assignments data into persistent storage.

protected void saveAssignments ( )
saveItems() protected 方法

Saves items data into persistent storage.

protected void saveItems ( )
saveRules() protected 方法

Saves rules data into persistent storage.

protected void saveRules ( )
saveToFile() protected 方法

Saves the authorization data to a PHP script file.

参见 loadFromFile().

protected void saveToFile ( $data, $file )
$data array

The authorization data

$file string

The file path.

updateItem() protected 方法

Updates an auth item in the RBAC system.

protected boolean updateItem ( $name, $item )
$name string

The name of the item being updated

$item yii\rbac\Item

The updated item

return boolean

Whether the auth item is successfully updated

throws Exception

if data validation or saving fails (such as the name of the role or permission is not unique)

updateRule() public 方法

Updates a rule to the RBAC system.

public boolean updateRule ( $name, $rule )
$name string

The name of the rule being updated

$rule yii\rbac\Rule

The updated rule

return boolean

Whether the rule is successfully updated

throws Exception

if data validation or saving fails (such as the name of the rule is not unique)