Skip to content

Y
yii2
Commit 14b782cf by Qiang Xue
Options

Added `$user` as the first parameter of `yii\rbac\Rule::execute()`

parent e5f9edbf
Showing with 11 additions and 12 deletions
framework/CHANGELOG.md
...@@ -15,6 +15,7 @@ Yii Framework 2 Change Log ...@@ -15,6 +15,7 @@ Yii Framework 2 Change Log
- Enh: Added support for using sub-queries when building a DB query with `IN` condition (qiangxue) - Enh: Added support for using sub-queries when building a DB query with `IN` condition (qiangxue)
- Enh: Supported adding a new response formatter without the need to reconfigure existing formatters (qiangxue) - Enh: Supported adding a new response formatter without the need to reconfigure existing formatters (qiangxue)
- Chg: Replaced `clearAll()` and `clearAllAssignments()` in `yii\rbac\ManagerInterface` with `removeAll()`, `removeAllRoles()`, `removeAllPermissions()`, `removeAllRules()` and `removeAllAssignments()` (qiangxue) - Chg: Replaced `clearAll()` and `clearAllAssignments()` in `yii\rbac\ManagerInterface` with `removeAll()`, `removeAllRoles()`, `removeAllPermissions()`, `removeAllRules()` and `removeAllAssignments()` (qiangxue)
- Chg: Added `$user` as the first parameter of `yii\rbac\Rule::execute()` (qiangxue)
2.0.0-beta April 13, 2014 2.0.0-beta April 13, 2014
......
framework/UPGRADE.md
...@@ -14,3 +14,6 @@ Upgrade from Yii 2.0 Beta ...@@ -14,3 +14,6 @@ Upgrade from Yii 2.0 Beta
* If you used `clearAll()` or `clearAllAssignments()` of `yii\rbac\DbManager`, you should replace * If you used `clearAll()` or `clearAllAssignments()` of `yii\rbac\DbManager`, you should replace
them with `removeAll()` and `removeAllAssignments()` respectively. them with `removeAll()` and `removeAllAssignments()` respectively.
* If you created RBAC rule classes, you should modify their `execute()` method by adding `$user`
as the first parameter: `execute($user, $item, $params)`. The `$user` parameter represents
the ID of the user currently being access checked. Previously, this is passed via `$params['user']`.
framework/rbac/DbManager.php
...@@ -74,9 +74,6 @@ class DbManager extends BaseManager ...@@ -74,9 +74,6 @@ class DbManager extends BaseManager
public function checkAccess($userId, $permissionName, $params = []) public function checkAccess($userId, $permissionName, $params = [])
{ {
$assignments = $this->getAssignments($userId); $assignments = $this->getAssignments($userId);
if (!isset($params['user'])) {
$params['user'] = $userId;
}
return $this->checkAccessRecursive($userId, $permissionName, $params, $assignments); return $this->checkAccessRecursive($userId, $permissionName, $params, $assignments);
} }
...@@ -100,7 +97,7 @@ class DbManager extends BaseManager ...@@ -100,7 +97,7 @@ class DbManager extends BaseManager
Yii::trace($item instanceof Role ? "Checking role: $itemName" : "Checking permission: $itemName", __METHOD__); Yii::trace($item instanceof Role ? "Checking role: $itemName" : "Checking permission: $itemName", __METHOD__);
if (!$this->executeRule($item, $params)) { if (!$this->executeRule($user, $item, $params)) {
return false; return false;
} }
......
framework/rbac/PhpManager.php
...@@ -76,9 +76,6 @@ class PhpManager extends BaseManager ...@@ -76,9 +76,6 @@ class PhpManager extends BaseManager
public function checkAccess($userId, $permissionName, $params = []) public function checkAccess($userId, $permissionName, $params = [])
{ {
$assignments = $this->getAssignments($userId); $assignments = $this->getAssignments($userId);
if (!isset($params['user'])) {
$params['user'] = $userId;
}
return $this->checkAccessRecursive($userId, $permissionName, $params, $assignments); return $this->checkAccessRecursive($userId, $permissionName, $params, $assignments);
} }
...@@ -113,7 +110,7 @@ class PhpManager extends BaseManager ...@@ -113,7 +110,7 @@ class PhpManager extends BaseManager
$item = $this->_items[$itemName]; $item = $this->_items[$itemName];
Yii::trace($item instanceof Role ? "Checking role: $itemName" : "Checking permission : $itemName", __METHOD__); Yii::trace($item instanceof Role ? "Checking role: $itemName" : "Checking permission : $itemName", __METHOD__);
if (!$this->executeRule($item, $params)) { if (!$this->executeRule($user, $item, $params)) {
return false; return false;
} }
......
framework/rbac/Rule.php
...@@ -33,9 +33,11 @@ abstract class Rule extends Object ...@@ -33,9 +33,11 @@ abstract class Rule extends Object
/** /**
* Executes the rule. * Executes the rule.
* *
* @param string|integer $user the user ID. This should be either an integer or a string representing
* the unique identifier of a user. See [[\yii\web\User::id]].
* @param Item $item the auth item that this rule is associated with * @param Item $item the auth item that this rule is associated with
* @param array $params parameters passed to [[ManagerInterface::allow()]]. * @param array $params parameters passed to [[ManagerInterface::allow()]].
* @return boolean a value indicating whether the rule permits the auth item it is associated with. * @return boolean a value indicating whether the rule permits the auth item it is associated with.
*/ */
abstract public function execute($item, $params); abstract public function execute($user, $item, $params);
} }
tests/unit/framework/rbac/AuthorRule.php
...@@ -14,8 +14,8 @@ class AuthorRule extends Rule ...@@ -14,8 +14,8 @@ class AuthorRule extends Rule
/** /**
* @inheritdoc * @inheritdoc
*/ */
public function execute($item, $params) public function execute($user, $item, $params)
{ {
return $params['authorID'] == $params['user']; return $params['authorID'] == $user;
} }
} }
tests/unit/framework/rbac/ManagerTestCase.php
...@@ -2,7 +2,6 @@ ...@@ -2,7 +2,6 @@
namespace yiiunit\framework\rbac; namespace yiiunit\framework\rbac;
use yii\rbac\Assignment;
use yii\rbac\Item; use yii\rbac\Item;
use yii\rbac\Permission; use yii\rbac\Permission;
use yii\rbac\Role; use yii\rbac\Role;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment