Class yii\rbac\PhpManager
| Inheritance | yii\rbac\PhpManager » yii\rbac\BaseManager » yii\base\Component » yii\base\Object |
|---|---|
| Implements | yii\base\Configurable, yii\rbac\ManagerInterface |
| Available since version | 2.0 |
| Source Code | https://github.com/yiisoft/yii2/blob/master/framework/rbac/PhpManager.php |
PhpManager represents an authorization manager that stores authorization information in terms of a PHP script file.
The authorization data will be saved to and loaded from three files specified by $itemFile, $assignmentFile and $ruleFile.
PhpManager is mainly suitable for authorization data that is not too big (for example, the authorization data for a personal blog system). Use yii\rbac\DbManager for more complex authorization data.
Note that PhpManager is not compatible with facebooks HHVM because it relies on writing php files and including them afterwards which is not supported by HHVM.
Public Properties
| Property | Type | Description | Defined By |
|---|---|---|---|
| $assignmentFile | string | The path of the PHP script that contains the authorization assignments. | yii\rbac\PhpManager |
| $behaviors | yii\base\Behavior[] | List of behaviors attached to this component | yii\base\Component |
| $defaultRoles | array | A list of role names that are assigned to every user automatically without calling assign(). | yii\rbac\BaseManager |
| $itemFile | string | The path of the PHP script that contains the authorization items. | yii\rbac\PhpManager |
| $permissions | yii\rbac\Permission[] | All permissions in the system. | yii\rbac\BaseManager |
| $roles | yii\rbac\Role[] | All roles in the system. | yii\rbac\BaseManager |
| $ruleFile | string | The path of the PHP script that contains the authorization rules. | yii\rbac\PhpManager |
Protected Properties
| Property | Type | Description | Defined By |
|---|---|---|---|
| $assignments | array | yii\rbac\PhpManager | |
| $children | array | yii\rbac\PhpManager | |
| $items | yii\rbac\Item[] | yii\rbac\PhpManager | |
| $rules | yii\rbac\Rule[] | yii\rbac\PhpManager |
Public Methods
| Method | Description | Defined By |
|---|---|---|
| __call() | Calls the named method which is not a class method. | yii\base\Component |
| __clone() | This method is called after the object is created by cloning an existing one. | yii\base\Component |
| __construct() | Constructor. | yii\base\Object |
| __get() | Returns the value of a component property. | yii\base\Component |
| __isset() | Checks if a property is set, i.e. defined and not null. | yii\base\Component |
| __set() | Sets the value of a component property. | yii\base\Component |
| __unset() | Sets a component property to be null. | yii\base\Component |
| add() | Adds a role, permission or rule to the RBAC system. | yii\rbac\BaseManager |
| addChild() | Adds an item as a child of another item. | yii\rbac\PhpManager |
| assign() | Assigns a role to a user. | yii\rbac\PhpManager |
| attachBehavior() | Attaches a behavior to this component. | yii\base\Component |
| attachBehaviors() | Attaches a list of behaviors to the component. | yii\base\Component |
| behaviors() | Returns a list of behaviors that this component should behave as. | yii\base\Component |
| canGetProperty() | Returns a value indicating whether a property can be read. | yii\base\Component |
| canSetProperty() | Returns a value indicating whether a property can be set. | yii\base\Component |
| checkAccess() | Checks if the user has the specified permission. | yii\rbac\PhpManager |
| className() | Returns the fully qualified name of this class. | yii\base\Object |
| createPermission() | Creates a new Permission object. | yii\rbac\BaseManager |
| createRole() | Creates a new Role object. | yii\rbac\BaseManager |
| detachBehavior() | Detaches a behavior from the component. | yii\base\Component |
| detachBehaviors() | Detaches all behaviors from the component. | yii\base\Component |
| ensureBehaviors() | Makes sure that the behaviors declared in behaviors() are attached to this component. | yii\base\Component |
| getAssignment() | Returns the assignment information regarding a role and a user. | yii\rbac\PhpManager |
| getAssignments() | Returns all role assignment information for the specified user. | yii\rbac\PhpManager |
| getBehavior() | Returns the named behavior object. | yii\base\Component |
| getBehaviors() | Returns all behaviors attached to this component. | yii\base\Component |
| getChildren() | Returns the child permissions and/or roles. | yii\rbac\PhpManager |
| getItem() | Returns the named auth item. | yii\rbac\PhpManager |
| getItems() | Returns the items of the specified type. | yii\rbac\PhpManager |
| getPermission() | Returns the named permission. | yii\rbac\BaseManager |
| getPermissions() | Returns all permissions in the system. | yii\rbac\BaseManager |
| getPermissionsByRole() | Returns all permissions that the specified role represents. | yii\rbac\PhpManager |
| getPermissionsByUser() | Returns all permissions that the user has. | yii\rbac\PhpManager |
| getRole() | Returns the named role. | yii\rbac\BaseManager |
| getRoles() | Returns all roles in the system. | yii\rbac\BaseManager |
| getRolesByUser() | Returns the roles that are assigned to the user via assign(). | yii\rbac\PhpManager |
| getRule() | Returns the rule of the specified name. | yii\rbac\PhpManager |
| getRules() | Returns all rules available in the system. | yii\rbac\PhpManager |
| hasChild() | Returns a value indicating whether the child already exists for the parent. | yii\rbac\PhpManager |
| hasEventHandlers() | Returns a value indicating whether there is any handler attached to the named event. | yii\base\Component |
| hasMethod() | Returns a value indicating whether a method is defined. | yii\base\Component |
| hasProperty() | Returns a value indicating whether a property is defined for this component. | yii\base\Component |
| init() | Initializes the application component. | yii\rbac\PhpManager |
| off() | Detaches an existing event handler from this component. | yii\base\Component |
| on() | Attaches an event handler to an event. | yii\base\Component |
| remove() | Removes a role, permission or rule from the RBAC system. | yii\rbac\BaseManager |
| removeAll() | Removes all authorization data, including roles, permissions, rules, and assignments. | yii\rbac\PhpManager |
| removeAllAssignments() | Removes all role assignments. | yii\rbac\PhpManager |
| removeAllPermissions() | Removes all permissions. | yii\rbac\PhpManager |
| removeAllRoles() | Removes all roles. | yii\rbac\PhpManager |
| removeAllRules() | Removes all rules. | yii\rbac\PhpManager |
| removeChild() | Removes a child from its parent. | yii\rbac\PhpManager |
| removeChildren() | Removed all children form their parent. | yii\rbac\PhpManager |
| removeItem() | Removes an auth item from the RBAC system. | yii\rbac\PhpManager |
| revoke() | Revokes a role from a user. | yii\rbac\PhpManager |
| revokeAll() | Revokes all roles from a user. | yii\rbac\PhpManager |
| trigger() | Triggers an event. | yii\base\Component |
| update() | Updates the specified role, permission or rule in the system. | yii\rbac\BaseManager |
| updateRule() | Updates a rule to the RBAC system. | yii\rbac\PhpManager |
Protected Methods
| Method | Description | Defined By |
|---|---|---|
| addItem() | Adds an auth item to the RBAC system. | yii\rbac\PhpManager |
| addRule() | Adds a rule to the RBAC system. | yii\rbac\PhpManager |
| checkAccessRecursive() | Performs access check for the specified user. | yii\rbac\PhpManager |
| detectLoop() | Checks whether there is a loop in the authorization item hierarchy. | yii\rbac\PhpManager |
| executeRule() | Executes the rule associated with the specified auth item. | yii\rbac\BaseManager |
| getChildrenRecursive() | Recursively finds all children and grand children of the specified item. | yii\rbac\PhpManager |
| load() | Loads authorization data from persistent storage. | yii\rbac\PhpManager |
| loadFromFile() | Loads the authorization data from a PHP script file. | yii\rbac\PhpManager |
| removeAllItems() | Removes all auth items of the specified type. | yii\rbac\PhpManager |
| removeRule() | Removes a rule from the RBAC system. | yii\rbac\PhpManager |
| save() | Saves authorization data into persistent storage. | yii\rbac\PhpManager |
| saveAssignments() | Saves assignments data into persistent storage. | yii\rbac\PhpManager |
| saveItems() | Saves items data into persistent storage. | yii\rbac\PhpManager |
| saveRules() | Saves rules data into persistent storage. | yii\rbac\PhpManager |
| saveToFile() | Saves the authorization data to a PHP script file. | yii\rbac\PhpManager |
| updateItem() | Updates an auth item in the RBAC system. | yii\rbac\PhpManager |
Property Details
The path of the PHP script that contains the authorization assignments. This can be either a file path or a path alias to the file. Make sure this file is writable by the Web server process if the authorization needs to be changed online.
See also:
The path of the PHP script that contains the authorization items. This can be either a file path or a path alias to the file. Make sure this file is writable by the Web server process if the authorization needs to be changed online.
See also:
The path of the PHP script that contains the authorization rules. This can be either a file path or a path alias to the file. Make sure this file is writable by the Web server process if the authorization needs to be changed online.
See also:
Method Details
Adds an item as a child of another item.
| void addChild( $parent, $child ) | ||
| $parent | yii\rbac\Item | |
| $child | yii\rbac\Item | |
| throws | yii\base\Exception | if the parent-child relationship already exists or if a loop has been detected. |
|---|---|---|
Adds an auth item to the RBAC system.
| boolean addItem( $item ) | ||
| $item | yii\rbac\Item | The item to add |
| return | boolean | Whether the auth item is successfully added to the system |
|---|---|---|
| throws | Exception | if data validation or saving fails (such as the name of the role or permission is not unique) |
Adds a rule to the RBAC system.
| boolean addRule( $rule ) | ||
| $rule | yii\rbac\Rule | The rule to add |
| return | boolean | Whether the rule is successfully added to the system |
|---|---|---|
| throws | Exception | if data validation or saving fails (such as the name of the rule is not unique) |
Assigns a role to a user.
| yii\rbac\Assignment assign( $role, $userId ) | ||
| $role | yii\rbac\Role | |
| $userId | string|integer | The user ID (see yii\web\User::$id) |
| return | yii\rbac\Assignment | The role assignment information. |
|---|---|---|
| throws | Exception | if the role has already been assigned to the user |
Checks if the user has the specified permission.
| boolean checkAccess( $userId, $permissionName, $params = [] ) | ||
| $userId | string|integer | The user ID. This should be either an integer or a string representing the unique identifier of a user. See yii\web\User::$id. |
| $permissionName | string | The name of the permission to be checked against |
| $params | array | Name-value pairs that will be passed to the rules associated with the roles and permissions assigned to the user. |
| return | boolean | Whether the user has the specified permission. |
|---|---|---|
| throws | yii\base\InvalidParamException | if $permissionName does not refer to an existing permission |
Performs access check for the specified user.
This method is internally called by checkAccess().
| boolean checkAccessRecursive( $user, $itemName, $params, $assignments ) | ||
| $user | string|integer | The user ID. This should can be either an integer or a string representing the unique identifier of a user. See yii\web\User::$id. |
| $itemName | string | The name of the operation that need access check |
| $params | array | Name-value pairs that would be passed to rules associated
with the tasks and roles assigned to the user. A param with name 'user' is added to this array,
which holds the value of |
| $assignments | yii\rbac\Assignment[] | The assignments to the specified user |
| return | boolean | Whether the operations can be performed by the user. |
|---|---|---|
Checks whether there is a loop in the authorization item hierarchy.
| boolean detectLoop( $parent, $child ) | ||
| $parent | yii\rbac\Item | Parent item |
| $child | yii\rbac\Item | The child item that is to be added to the hierarchy |
| return | boolean | Whether a loop exists |
|---|---|---|
Returns the assignment information regarding a role and a user.
| null|yii\rbac\Assignment getAssignment( $roleName, $userId ) | ||
| $roleName | string | The role name |
| $userId | string|integer | The user ID (see yii\web\User::$id) |
| return | null|yii\rbac\Assignment | The assignment information. Null is returned if the role is not assigned to the user. |
|---|---|---|
Returns all role assignment information for the specified user.
| yii\rbac\Assignment[] getAssignments( $userId ) | ||
| $userId | string|integer | The user ID (see yii\web\User::$id) |
| return | yii\rbac\Assignment[] | The assignments indexed by role names. An empty array will be returned if there is no role assigned to the user. |
|---|---|---|
Returns the child permissions and/or roles.
| yii\rbac\Item[] getChildren( $name ) | ||
| $name | string | The parent name |
| return | yii\rbac\Item[] | The child permissions and/or roles |
|---|---|---|
Recursively finds all children and grand children of the specified item.
| void getChildrenRecursive( $name, <b>&</b>$result ) | ||
| $name | string | The name of the item whose children are to be looked for. |
| $result | array | The children and grand children (in array keys) |
Returns the named auth item.
| yii\rbac\Item getItem( $name ) | ||
| $name | string | The auth item name. |
| return | yii\rbac\Item | The auth item corresponding to the specified name. Null is returned if no such item. |
|---|---|---|
Returns the items of the specified type.
| yii\rbac\Item[] getItems( $type ) | ||
| $type | integer | The auth item type (either yii\rbac\Item::TYPE_ROLE or yii\rbac\Item::TYPE_PERMISSION |
| return | yii\rbac\Item[] | The auth items of the specified type. |
|---|---|---|
Returns all permissions that the specified role represents.
| yii\rbac\Permission[] getPermissionsByRole( $roleName ) | ||
| $roleName | string | The role name |
| return | yii\rbac\Permission[] | All permissions that the role represents. The array is indexed by the permission names. |
|---|---|---|
Returns all permissions that the user has.
| yii\rbac\Permission[] getPermissionsByUser( $userId ) | ||
| $userId | string|integer | The user ID (see yii\web\User::$id) |
| return | yii\rbac\Permission[] | All permissions that the user has. The array is indexed by the permission names. |
|---|---|---|
Returns the roles that are assigned to the user via assign().
Note that child roles that are not assigned directly to the user will not be returned.
| yii\rbac\Role[] getRolesByUser( $userId ) | ||
| $userId | string|integer | The user ID (see yii\web\User::$id) |
| return | yii\rbac\Role[] | All roles directly or indirectly assigned to the user. The array is indexed by the role names. |
|---|---|---|
Returns the rule of the specified name.
| null|yii\rbac\Rule getRule( $name ) | ||
| $name | string | The rule name |
| return | null|yii\rbac\Rule | The rule object, or null if the specified name does not correspond to a rule. |
|---|---|---|
Returns all rules available in the system.
| yii\rbac\Rule[] getRules( ) | ||
| return | yii\rbac\Rule[] | The rules indexed by the rule names |
|---|---|---|
Returns a value indicating whether the child already exists for the parent.
| boolean hasChild( $parent, $child ) | ||
| $parent | yii\rbac\Item | |
| $child | yii\rbac\Item | |
| return | boolean | Whether |
|---|---|---|
Initializes the application component.
This method overrides parent implementation by loading the authorization data from PHP script.
| void init( ) |
Loads authorization data from persistent storage.
| void load( ) |
Loads the authorization data from a PHP script file.
See also saveToFile().
| array loadFromFile( $file ) | ||
| $file | string | The file path. |
| return | array | The authorization data |
|---|---|---|
Removes all authorization data, including roles, permissions, rules, and assignments.
| void removeAll( ) |
Removes all role assignments.
| void removeAllAssignments( ) |
Removes all auth items of the specified type.
| void removeAllItems( $type ) | ||
| $type | integer | The auth item type (either Item::TYPE_PERMISSION or Item::TYPE_ROLE) |
Removes all permissions.
All parent child relations will be adjusted accordingly.
| void removeAllPermissions( ) |
Removes all roles.
All parent child relations will be adjusted accordingly.
| void removeAllRoles( ) |
Removes all rules.
All roles and permissions which have rules will be adjusted accordingly.
| void removeAllRules( ) |
Removes a child from its parent.
Note, the child item is not deleted. Only the parent-child relationship is removed.
| boolean removeChild( $parent, $child ) | ||
| $parent | yii\rbac\Item | |
| $child | yii\rbac\Item | |
| return | boolean | Whether the removal is successful |
|---|---|---|
Removed all children form their parent.
Note, the children items are not deleted. Only the parent-child relationships are removed.
| boolean removeChildren( $parent ) | ||
| $parent | yii\rbac\Item | |
| return | boolean | Whether the removal is successful |
|---|---|---|
Removes an auth item from the RBAC system.
| boolean removeItem( $item ) | ||
| $item | yii\rbac\Item | The item to remove |
| return | boolean | Whether the role or permission is successfully removed |
|---|---|---|
| throws | Exception | if data validation or saving fails (such as the name of the role or permission is not unique) |
Removes a rule from the RBAC system.
| boolean removeRule( $rule ) | ||
| $rule | yii\rbac\Rule | The rule to remove |
| return | boolean | Whether the rule is successfully removed |
|---|---|---|
| throws | Exception | if data validation or saving fails (such as the name of the rule is not unique) |
Revokes a role from a user.
| boolean revoke( $role, $userId ) | ||
| $role | yii\rbac\Role | |
| $userId | string|integer | The user ID (see yii\web\User::$id) |
| return | boolean | Whether the revoking is successful |
|---|---|---|
Revokes all roles from a user.
| boolean revokeAll( $userId ) | ||
| $userId | mixed | The user ID (see yii\web\User::$id) |
| return | boolean | Whether the revoking is successful |
|---|---|---|
Saves authorization data into persistent storage.
| void save( ) |
Saves assignments data into persistent storage.
| void saveAssignments( ) |
Saves items data into persistent storage.
| void saveItems( ) |
Saves rules data into persistent storage.
| void saveRules( ) |
Saves the authorization data to a PHP script file.
See also loadFromFile().
| void saveToFile( $data, $file ) | ||
| $data | array | The authorization data |
| $file | string | The file path. |
Updates an auth item in the RBAC system.
| boolean updateItem( $name, $item ) | ||
| $name | string | The name of the item being updated |
| $item | yii\rbac\Item | The updated item |
| return | boolean | Whether the auth item is successfully updated |
|---|---|---|
| throws | Exception | if data validation or saving fails (such as the name of the role or permission is not unique) |
Updates a rule to the RBAC system.
| boolean updateRule( $name, $rule ) | ||
| $name | string | The name of the rule being updated |
| $rule | yii\rbac\Rule | The updated rule |
| return | boolean | Whether the rule is successfully updated |
|---|---|---|
| throws | Exception | if data validation or saving fails (such as the name of the rule is not unique) |