Skip to content

Moved authManager from base to web application #1192

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Moved authManager from base to web application #1192

wants to merge 1 commit into from

Conversation

@samdark
Copy link
Member

@samdark samdark commented Nov 13, 2013

It's rarely used in apps other than web and can be set in config if needed.

@samdark
Moved authManager from base to web application since it's rarely used…
89aa62f 
… in apps other than web and can be set in config if needed
@klimov-paul
Copy link
Member

klimov-paul commented Nov 13, 2013

Disagreed.
It could be a situation, when I need RBAC checks even in console application. Indeed it will unlikely check current user permissions, but it can be used to check permissions for the particular user in the database.

// Some cron script:
$users = User::find()->all();
foreach ($users as $user) {
    if (Yii::$app->authManager->checkAccess($user->id, 'adminNotification')) {
        Yii::$app->mail->... ->send();
    }
}

@coveralls
Copy link

coveralls commented Nov 13, 2013

Coverage Status

Coverage remained the same when pulling 89aa62f on moved-auth-to-web into 0eaafd7 on master.

@ponikrf
Copy link

ponikrf commented Nov 13, 2013

Am... if count users over 9000? superfast realization...
imho you went on the wrong side
And... you can load this component late...

Sorry for my english

@klimov-paul
Copy link
Member

klimov-paul commented Nov 13, 2013

if count users over 9000?

Need to use DataProvider with pagination then. This is a concept example after all.

you can load this component late

I can tell same thing about almost any application component. Following this philosophy we should remove “authManager” even from yii\web\Application, because it could be a web application, which will not use RBAC.

RBAC is not web-specific feature – it is a basic thing, which can be used anywhere, so it should be kept in the base application.

@samdark
Copy link
Member Author

samdark commented Nov 13, 2013

Yes, it can be used in console but it's rare in practice. Nothing prevents you from adding it later via config.

@ponikrf
Copy link

ponikrf commented Nov 13, 2013

Following your logic, anything can be used anywhere.

RBAC is not web-specific feature – it is a basic thing, which can be used anywhere, so it should be kept in the >base application.

Basic application can not exist without RBAC? seriously?

@qiangxue
Copy link
Member

qiangxue commented Nov 13, 2013

I think it should remain in base application. It's like urlManager. You usually don't directly use it in console, but you often need to work with it (such as maintaining RBAC, generating URLs, etc.)

@samdark
Copy link
Member Author

samdark commented Nov 13, 2013

Makes sense.

@samdark samdark closed this Nov 13, 2013
@ponikrf
Copy link

ponikrf commented Nov 13, 2013

If you add this method to \yii\web\Application and \yii\console\Application and remove from \yii\base\application?
You do not like this practice?

@cebe
Copy link
Member

cebe commented Nov 13, 2013

@ponikrf it would be duplicating code that can be done in one place. so not a good solution.

@cebe cebe deleted the moved-auth-to-web branch November 26, 2013 20:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

7 participants

@samdark @klimov-paul @coveralls @ponikrf @qiangxue @cebe