Commit a6136e1b by Qiang Xue

Renamed `yii\web\User::checkAccess()` to `yii\web\User::can()`

parent 8fbe10ac
...@@ -14,10 +14,20 @@ defined('STDOUT') or define('STDOUT', fopen('php://stdout', 'w')); ...@@ -14,10 +14,20 @@ defined('STDOUT') or define('STDOUT', fopen('php://stdout', 'w'));
define('YII_DEBUG', true); define('YII_DEBUG', true);
$vendor = __DIR__ . '/../vendor/autoload.php'; $composerAutoload = [
if (file_exists($vendor)) { __DIR__ . '/../vendor/autoload.php', // yii2 as the root package
require($vendor); __DIR__ . '/../../../autoload.php', // yii2-basic or yii2-advanced as the root package
} else { ];
foreach ($composerAutoload as $autoload) {
if (file_exists($autoload)) {
require($autoload);
$vendorPath = dirname($autoload);
break;
}
}
if (!isset($vendorPath)) {
echo "composer autoloader could not be found.\nYou should run `composer install` in repo root directory.\n"; echo "composer autoloader could not be found.\nYou should run `composer install` in repo root directory.\n";
exit(1); exit(1);
} }
......
...@@ -283,6 +283,7 @@ Yii Framework 2 Change Log ...@@ -283,6 +283,7 @@ Yii Framework 2 Change Log
- Chg: Moved all filter classes to namespace `yii\filters` (qiangxue) - Chg: Moved all filter classes to namespace `yii\filters` (qiangxue)
- Chg: Removed `Application::preload` in favor of `Application::bootstrap` (qiangxue) - Chg: Removed `Application::preload` in favor of `Application::bootstrap` (qiangxue)
- Chg: Re-implemented RBAC by following more closely to the original NIST RBAC model. Dropped `yii\rbac\PhpManager`. (qiangxue) - Chg: Re-implemented RBAC by following more closely to the original NIST RBAC model. Dropped `yii\rbac\PhpManager`. (qiangxue)
- Chg: Renamed `yii\web\User::checkAccess()` to `yii\web\User::can()` (qiangxue)
- New #66: [Auth client library](https://github.com/yiisoft/yii2-authclient) OpenId, OAuth1, OAuth2 clients (klimov-paul) - New #66: [Auth client library](https://github.com/yiisoft/yii2-authclient) OpenId, OAuth1, OAuth2 clients (klimov-paul)
- New #303: Added built-in support for REST API (qiangxue) - New #303: Added built-in support for REST API (qiangxue)
- New #503: Added `yii\di\Container` and `yii\di\ServiceLocator` (qiangxue) - New #503: Added `yii\di\Container` and `yii\di\ServiceLocator` (qiangxue)
......
...@@ -13,7 +13,7 @@ use Yii; ...@@ -13,7 +13,7 @@ use Yii;
* Application is the base class for all application classes. * Application is the base class for all application classes.
* *
* @property \yii\web\AssetManager $assetManager The asset manager component. This property is read-only. * @property \yii\web\AssetManager $assetManager The asset manager component. This property is read-only.
* @property \yii\rbac\Manager $authManager The auth manager for this application. Null is returned if auth * @property \yii\rbac\ManagerInterface $authManager The auth manager for this application. Null is returned if auth
* manager is not configured. This property is read-only. * manager is not configured. This property is read-only.
* @property string $basePath The root directory of the application. * @property string $basePath The root directory of the application.
* @property \yii\caching\Cache $cache The cache application component. Null if the component is not enabled. * @property \yii\caching\Cache $cache The cache application component. Null if the component is not enabled.
...@@ -559,7 +559,7 @@ abstract class Application extends Module ...@@ -559,7 +559,7 @@ abstract class Application extends Module
/** /**
* Returns the auth manager for this application. * Returns the auth manager for this application.
* @return \yii\rbac\Manager the auth manager for this application. * @return \yii\rbac\ManagerInterface the auth manager for this application.
* Null is returned if auth manager is not configured. * Null is returned if auth manager is not configured.
*/ */
public function getAuthManager() public function getAuthManager()
......
...@@ -195,17 +195,18 @@ return [ ...@@ -195,17 +195,18 @@ return [
'yii\mutex\Mutex' => YII_PATH . '/mutex/Mutex.php', 'yii\mutex\Mutex' => YII_PATH . '/mutex/Mutex.php',
'yii\mutex\MysqlMutex' => YII_PATH . '/mutex/MysqlMutex.php', 'yii\mutex\MysqlMutex' => YII_PATH . '/mutex/MysqlMutex.php',
'yii\rbac\Assignment' => YII_PATH . '/rbac/Assignment.php', 'yii\rbac\Assignment' => YII_PATH . '/rbac/Assignment.php',
'yii\rbac\BaseManager' => YII_PATH . '/rbac/BaseManager.php',
'yii\rbac\DbManager' => YII_PATH . '/rbac/DbManager.php', 'yii\rbac\DbManager' => YII_PATH . '/rbac/DbManager.php',
'yii\rbac\Item' => YII_PATH . '/rbac/Item.php', 'yii\rbac\Item' => YII_PATH . '/rbac/Item.php',
'yii\rbac\Manager' => YII_PATH . '/rbac/Manager.php', 'yii\rbac\ManagerInterface' => YII_PATH . '/rbac/ManagerInterface.php',
'yii\rbac\PhpManager' => YII_PATH . '/rbac/PhpManager.php', 'yii\rbac\Permission' => YII_PATH . '/rbac/Permission.php',
'yii\rbac\Role' => YII_PATH . '/rbac/Role.php',
'yii\rbac\Rule' => YII_PATH . '/rbac/Rule.php', 'yii\rbac\Rule' => YII_PATH . '/rbac/Rule.php',
'yii\requirements\YiiRequirementChecker' => YII_PATH . '/requirements/YiiRequirementChecker.php', 'yii\requirements\YiiRequirementChecker' => YII_PATH . '/requirements/YiiRequirementChecker.php',
'yii\rest\Action' => YII_PATH . '/rest/Action.php', 'yii\rest\Action' => YII_PATH . '/rest/Action.php',
'yii\rest\ActiveController' => YII_PATH . '/rest/ActiveController.php', 'yii\rest\ActiveController' => YII_PATH . '/rest/ActiveController.php',
'yii\rest\Controller' => YII_PATH . '/rest/Controller.php', 'yii\rest\Controller' => YII_PATH . '/rest/Controller.php',
'yii\rest\CreateAction' => YII_PATH . '/rest/CreateAction.php', 'yii\rest\CreateAction' => YII_PATH . '/rest/CreateAction.php',
'yii\rest\DataExporter' => YII_PATH . '/rest/DataExporter.php',
'yii\rest\DeleteAction' => YII_PATH . '/rest/DeleteAction.php', 'yii\rest\DeleteAction' => YII_PATH . '/rest/DeleteAction.php',
'yii\rest\IndexAction' => YII_PATH . '/rest/IndexAction.php', 'yii\rest\IndexAction' => YII_PATH . '/rest/IndexAction.php',
'yii\rest\OptionsAction' => YII_PATH . '/rest/OptionsAction.php', 'yii\rest\OptionsAction' => YII_PATH . '/rest/OptionsAction.php',
......
...@@ -42,8 +42,8 @@ class AccessRule extends Component ...@@ -42,8 +42,8 @@ class AccessRule extends Component
* - `?`: matches a guest user (not authenticated yet) * - `?`: matches a guest user (not authenticated yet)
* - `@`: matches an authenticated user * - `@`: matches an authenticated user
* *
* Using additional role names requires RBAC (Role-Based Access Control), and * Using other role names requires RBAC (Role-Based Access Control), and
* [[User::checkAccess()]] will be called. * [[User::can()]] will be called.
* *
* If this property is not set or empty, it means this rule applies to all roles. * If this property is not set or empty, it means this rule applies to all roles.
*/ */
...@@ -148,7 +148,7 @@ class AccessRule extends Component ...@@ -148,7 +148,7 @@ class AccessRule extends Component
if (!$user->getIsGuest()) { if (!$user->getIsGuest()) {
return true; return true;
} }
} elseif ($user->checkAccess($role)) { } elseif ($user->can($role)) {
return true; return true;
} }
} }
......
...@@ -570,33 +570,32 @@ class User extends Component ...@@ -570,33 +570,32 @@ class User extends Component
} }
/** /**
* Performs access check for this user. * Checks if the user can perform the operation as specified by the given permission.
* *
* Note that you must configure "authManager" application component in order to use this method. * Note that you must configure "authManager" application component in order to use this method.
* Otherwise an exception will be thrown. * Otherwise an exception will be thrown.
* *
* @param string $operation the name of the operation that need access check. * @param string $permissionName the name of the permission (e.g. "edit post") that needs access check.
* @param array $params name-value pairs that would be passed to business rules associated * @param array $params name-value pairs that would be passed to the rules associated
* with the tasks and roles assigned to the user. A param with name 'userId' is added to * with the roles and permissions assigned to the user. A param with name 'user' is added to
* this array, which holds the value of [[id]] when [[\yii\rbac\DbManager]] or * this array, which holds the value of [[id]].
* [[\yii\rbac\PhpManager]] is used.
* @param boolean $allowCaching whether to allow caching the result of access check. * @param boolean $allowCaching whether to allow caching the result of access check.
* When this parameter is true (default), if the access check of an operation was performed * When this parameter is true (default), if the access check of an operation was performed
* before, its result will be directly returned when calling this method to check the same * before, its result will be directly returned when calling this method to check the same
* operation. If this parameter is false, this method will always call * operation. If this parameter is false, this method will always call
* [[\yii\rbac\Manager::checkAccess()]] to obtain the up-to-date access result. Note that this * [[\yii\rbac\ManagerInterface::checkAccess()]] to obtain the up-to-date access result. Note that this
* caching is effective only within the same request and only works when `$params = []`. * caching is effective only within the same request and only works when `$params = []`.
* @return boolean whether the operations can be performed by this user. * @return boolean whether the user can perform the operation as specified by the given permission.
*/ */
public function checkAccess($operation, $params = [], $allowCaching = true) public function can($permissionName, $params = [], $allowCaching = true)
{ {
$auth = Yii::$app->getAuthManager(); $auth = Yii::$app->getAuthManager();
if ($allowCaching && empty($params) && isset($this->_access[$operation])) { if ($allowCaching && empty($params) && isset($this->_access[$permissionName])) {
return $this->_access[$operation]; return $this->_access[$permissionName];
} }
$access = $auth->checkAccess($this->getId(), $operation, $params); $access = $auth->checkAccess($this->getId(), $permissionName, $params);
if ($allowCaching && empty($params)) { if ($allowCaching && empty($params)) {
$this->_access[$operation] = $access; $this->_access[$permissionName] = $access;
} }
return $access; return $access;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment