Simplified RBAC, removed news/add action
samdark committed Dec 24, 2014
1 parent bd38147 commit 2511dfe
Showing 10 changed files with 37 additions and 120 deletions.
2 changes: 1 addition & 1 deletion .gitignore
Expand Up @@ -31,4 +31,4 @@ phpunit.phar
/config/authclients.php

# rbac assignments
/rbac/assignments.php
/rbac
51 changes: 15 additions & 36 deletions commands/RbacController.php
Expand Up @@ -10,52 +10,31 @@ class RbacController extends Controller
{
public function actionInit()
{
$auth = Yii::$app->authManager;

$createNews = $auth->createPermission('createNews');
$createNews->description = 'Create a news';
$auth->add($createNews);

$updateNews = $auth->createPermission('updateNews');
$updateNews->description = 'Update news';
$auth->add($updateNews);

$addUserNews = $auth->createPermission('addUserNews');
$addUserNews->description = 'User add news';
$auth->add($addUserNews);

$listNews = $auth->createPermission('listNews');
$listNews->description = 'Show list news';
$auth->add($listNews);
if (!$this->confirm("Are you sure? It will re-create permissions tree.")) {
return self::EXIT_CODE_NORMAL;
}

$deleteNews = $auth->createPermission('deleteNews');
$deleteNews->description = 'Delete news';
$auth->add($deleteNews);
$auth = Yii::$app->authManager;
$auth->removeAll();

$adminListNews = $auth->createPermission('adminListNews');
$adminListNews->description = 'Show list news';
$auth->add($adminListNews);
$adminNews = $auth->createPermission('adminNews');
$adminNews->description = 'Administrate news';
$auth->add($adminNews);

$user = $auth->createRole('user');
$user->description = 'Пользователь';
$auth->add($user);
$auth->addChild($user, $addUserNews);
$auth->addChild($user, $listNews);
$adminUsers = $auth->createPermission('adminUsers');
$adminUsers->description = 'Administrate users';
$auth->add($adminUsers);

$moderator = $auth->createRole('moderator');
$moderator->description = 'Модератор';
$moderator->description = 'Moderator';
$auth->add($moderator);
$auth->addChild($moderator, $createNews);
$auth->addChild($moderator, $updateNews);
$auth->addChild($moderator, $listNews);
$auth->addChild($moderator, $adminListNews);
$auth->addChild($moderator, $deleteNews);
$auth->addChild($moderator, $adminNews);

$admin = $auth->createRole('admin');
$admin->description = 'Администратор';
$admin->description = 'Administrator';
$auth->add($admin);
$auth->addChild($admin, $updateNews);
$auth->addChild($admin, $moderator);
$auth->addChild($admin, $adminUsers);
}

public function actionAssign($role, $userId)
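Review bot: The new `$auth->removeAll();` in `actionInit` clears more than the permission tree: in Yii2 it removes roles, permissions and rules and also every user-to-role assignment, while the confirmation prompt only mentions re-creating the permissions tree. Running the init command against a populated install would therefore strip every account of its role without the operator being told. I would spell that out in the prompt, e.g. `"Are you sure? It will re-create the permissions tree and remove ALL existing role assignments."`, or re-apply the saved assignments after the tree is rebuilt. The `user` role is also no longer created, so any code outside this commit that still assigns it (not visible here) would need checking.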
15 changes: 1 addition & 14 deletions controllers/NewsController.php
Expand Up @@ -26,7 +26,7 @@ public function behaviors()
[
'allow' => true,
'actions' => ['admin', 'create', 'update', 'delete'],
'roles' => ['moderator', 'admin'],
'roles' => ['adminUsers'],
],
],
],
Expand Down Expand Up @@ -97,19 +97,6 @@ public function actionAdmin($status = null)
]);
}

public function actionCreate()
{
$model = new News();
$model->scenario = 'insert';
if ($model->load(Yii::$app->request->post()) && $model->save()) {
return $this->redirect(['view', 'id' => $model->id]);
} else {
return $this->render('create', [
'model' => $model,
]);
}
}

public function actionUpdate($id)
{
$model = $this->findModel($id);
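Review bot: The access rule for `admin`, `create`, `update` and `delete` in `behaviors()` now requires `adminUsers`, but the rest of this commit gates news management on `adminNews` (the menu entry in views/layouts/main.php and the buttons in views/news/view.php), and the new tree gives `moderator` only `adminNews`. As written, moderators are shown the News admin link and the Update/Delete buttons and are then denied by the controller, while news administration is tied to the user-management permission; this looks like it should be `'roles' => ['adminNews'],`. The rule also still lists `create` although `actionCreate` is removed in the second hunk, so `'actions' => ['admin', 'update', 'delete'],` would keep the rule in step with the controller. Both `behaviors()` and `actionUpdate` continue outside the visible hunks.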
4 changes: 2 additions & 2 deletions models/News.php
Expand Up @@ -25,6 +25,7 @@ class News extends ActiveRecord
const STATUS_DELETED = 3;

const SCENARIO_SUGGEST = 'suggest';
const SCENARIO_UPDATE = 'update';

/**
* @inheritdoc
Expand Down Expand Up @@ -54,8 +55,7 @@ public function scenarios()
{
$scenarios = parent::scenarios();
$scenarios[self::SCENARIO_SUGGEST] = ['title', 'text', 'link'];
$scenarios['insert'] = ['title', 'text', 'link', 'status'];
$scenarios['update'] = ['title', 'text', 'link', 'status'];
$scenarios[self::SCENARIO_UPDATE] = ['title', 'text', 'link', 'status'];
return $scenarios;
}

44 changes: 8 additions & 36 deletions rbac/items.php
@@ -1,54 +1,26 @@
<?php
return [
'createNews' => [
'adminNews' => [
'type' => 2,
'description' => 'Create a news',
'description' => 'Administrate news',
],
'updateNews' => [
'adminUsers' => [
'type' => 2,
'description' => 'Update news',
],
'addUserNews' => [
'type' => 2,
'description' => 'User add news',
],
'listNews' => [
'type' => 2,
'description' => 'Show list news',
],
'deleteNews' => [
'type' => 2,
'description' => 'Delete news',
],
'adminListNews' => [
'type' => 2,
'description' => 'Show list news',
],
'user' => [
'type' => 1,
'description' => 'Пользователь',
'children' => [
'addUserNews',
'listNews',
],
'description' => 'Administrate users',
],
'moderator' => [
'type' => 1,
'description' => 'Модератор',
'description' => 'Moderator',
'children' => [
'createNews',
'updateNews',
'listNews',
'adminListNews',
'deleteNews',
'adminNews',
],
],
'admin' => [
'type' => 1,
'description' => 'Администратор',
'description' => 'Administrator',
'children' => [
'updateNews',
'moderator',
'adminUsers',
],
],
];
3 changes: 2 additions & 1 deletion views/layouts/main.php
Expand Up @@ -41,7 +41,8 @@
$menuItems[] = ['label' => 'Signup', 'url' => ['/site/signup']];
$menuItems[] = ['label' => 'Login', 'url' => ['/site/login']];
} else {
$menuItems[] = ['label' => 'News admin', 'url' => ['/news/admin'], 'visible'=>(\Yii::$app->user->can('moderator')||\Yii::$app->user->can('admin'))?true:false];
$menuItems[] = ['label' => 'News admin', 'url' => ['/news/admin'], 'visible'=> \Yii::$app->user->can('adminNews')];
$menuItems[] = ['label' => 'User admin', 'url' => ['/user/index'], 'visible'=> \Yii::$app->user->can('adminUsers')];
$menuItems[] = ['label' => Yii::$app->user->identity->username, 'url' => ['/user/view', 'id' => \Yii::$app->user->id]];
$menuItems[] = [
'label' => 'Logout',
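Review bot: The `visible` flags on the `News admin` and `User admin` entries only hide the links, so the permission checks that matter are the ones in the target controllers. No user controller is among the ten files in this commit, so it is worth confirming that the access rule behind `/user/index`, and behind the update/delete actions whose buttons views/user/view.php now guards with `can('adminUsers')`, checks the same permission. A short comment above the two lines would help the next reader, e.g. `// Visibility only; access is enforced in NewsController/UserController behaviors().` The surrounding menu block starts and ends outside this hunk.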
2 changes: 1 addition & 1 deletion views/news/_form.php
Expand Up @@ -17,6 +17,6 @@
<?= $form->field($model, 'link')->textInput(['maxlength' => 255]) ?>
<?= $form->field($model, 'status')->dropDownList(\app\models\News::getStatuses()) ?>
<div class="form-group">
<?= Html::submitButton($model->isNewRecord ? Yii::t('news', 'Create') : Yii::t('news', 'Update'), ['class' => $model->isNewRecord ? 'btn btn-success' : 'btn btn-primary']) ?>
<?= Html::submitButton(Yii::t('news', 'Update'), ['class' => $model->isNewRecord ? 'btn btn-success' : 'btn btn-primary']) ?>
</div>
<?php ActiveForm::end(); ?>
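Review bot: The submit button label is now always `Update`, but the class argument on the same line still branches on `$model->isNewRecord`. With `actionCreate` and views/news/create.php removed in this commit that branch looks dead, so `['class' => 'btn btn-primary']` would match what the form can actually do. If the form is still rendered for new records from somewhere not visible here, the label should keep its ternary instead.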
22 changes: 0 additions & 22 deletions views/news/create.php

This file was deleted.

12 changes: 6 additions & 6 deletions views/news/view.php
Expand Up @@ -10,7 +10,7 @@
<div class="row news-view">

<div class="col-xs-12">
<?php if(\Yii::$app->user->can('moderator')||\Yii::$app->user->can('admin')){ ?>
<?php if(\Yii::$app->user->can('adminNews')): ?>
<div class="controls">
<?= Html::a(Yii::t('news', 'Update'), ['update', 'id' => $model->id], ['class' => 'btn btn-primary']) ?>
<?= Html::a(Yii::t('news', 'Delete'), ['delete', 'id' => $model->id], [
Expand All @@ -21,10 +21,10 @@
],
]) ?>
</div>
<?php } ?>
<?= $this->render('_view', [
'isFull' => true,
'model' => $model,
]) ?>
<?php endif ?>
<?= $this->render('_view', [
'isFull' => true,
'model' => $model,
]) ?>
</div>
</div>
2 changes: 1 addition & 1 deletion views/user/view.php
Expand Up @@ -19,7 +19,7 @@
<div class="col-xs-6">
<h1><?= Html::encode($this->title) ?></h1>

<?php if (Yii::$app->user->can('admin')): ?>
<?php if (Yii::$app->user->can('adminUsers')): ?>
<p>
<?= Html::a(Yii::t('app', 'Update'), ['update', 'id' => $model->id], ['class' => 'btn btn-primary']) ?>
<?= Html::a(Yii::t('app', 'Delete'), ['delete', 'id' => $model->id], [
