Skip to content

Y
yii2
Commit b260fbbd by Aleksandr Krivtcun
Options

Merge branch 'master' of git://github.com/yiisoft/yii2 into translation-ru-structure-widgets

parents 8eb73958 37dde677
Showing with 1035 additions and 469 deletions
apps/advanced/common/models/User.php
<?php
namespace common\models;
use Yii;
use yii\base\NotSupportedException;
use yii\behaviors\TimestampBehavior;
use yii\db\ActiveRecord;
use Yii;
use yii\web\IdentityInterface;
/**
......@@ -25,7 +26,6 @@ class User extends ActiveRecord implements IdentityInterface
{
const STATUS_DELETED = 0;
const STATUS_ACTIVE = 10;
const ROLE_USER = 10;
/**
......@@ -42,13 +42,7 @@ class User extends ActiveRecord implements IdentityInterface
public function behaviors()
{
return [
'timestamp' => [
'class' => 'yii\behaviors\TimestampBehavior',
'attributes' => [
ActiveRecord::EVENT_BEFORE_INSERT => ['created_at', 'updated_at'],
ActiveRecord::EVENT_BEFORE_UPDATE => ['updated_at'],
],
],
TimestampBehavior::className(),
];
}
......@@ -85,7 +79,7 @@ class User extends ActiveRecord implements IdentityInterface
/**
* Finds user by username
*
* @param string $username
* @param string $username
* @return static|null
*/
public static function findByUsername($username)
......@@ -96,12 +90,12 @@ class User extends ActiveRecord implements IdentityInterface
/**
* Finds user by password reset token
*
* @param string $token password reset token
* @param string $token password reset token
* @return static|null
*/
public static function findByPasswordResetToken($token)
{
$expire = \Yii::$app->params['user.passwordResetTokenExpire'];
$expire = Yii::$app->params['user.passwordResetTokenExpire'];
$parts = explode('_', $token);
$timestamp = (int) end($parts);
if ($timestamp + $expire < time()) {
......@@ -142,7 +136,7 @@ class User extends ActiveRecord implements IdentityInterface
/**
* Validates password
*
* @param string $password password to validate
* @param string $password password to validate
* @return boolean if password provided is valid for current user
*/
public function validatePassword($password)
......
apps/advanced/requirements.php
......@@ -69,14 +69,6 @@ $requirements = array(
'condition' => extension_loaded('apc'),
'by' => '<a href="http://www.yiiframework.com/doc-2.0/yii-caching-apccache.html">ApcCache</a>',
),
// Additional PHP extensions :
array(
'name' => 'Mcrypt extension',
'mandatory' => false,
'condition' => extension_loaded('mcrypt'),
'by' => '<a href="http://www.yiiframework.com/doc-2.0/yii-helpers-security.html">Security Helper</a>',
'memo' => 'Required by encrypt and decrypt methods.'
),
// PHP ini :
'phpSafeMode' => array(
'name' => 'PHP safe mode',
......
apps/basic/requirements.php
......@@ -69,14 +69,6 @@ $requirements = array(
'condition' => extension_loaded('apc'),
'by' => '<a href="http://www.yiiframework.com/doc-2.0/yii-caching-apccache.html">ApcCache</a>',
),
// Additional PHP extensions :
array(
'name' => 'Mcrypt extension',
'mandatory' => false,
'condition' => extension_loaded('mcrypt'),
'by' => '<a href="http://www.yiiframework.com/doc-2.0/yii-helpers-security.html">Security Helper</a>',
'memo' => 'Required by encrypt and decrypt methods.'
),
// PHP ini :
'phpSafeMode' => array(
'name' => 'PHP safe mode',
......
docs/guide-es/concept-behaviors.md 0 → 100644
Comportamientos
===============
Comportamientos son instancias de [[yii\base\Behavior]] o sus clases "hija". Comportamientos, también conocido como
[mixins](http://en.wikipedia.org/wiki/Mixin), te permiten mejorar la funcionalidad de un [[yii\base\Component|componente]]
existente sin necesidad de modificar su herencia de clases.
Cuando un comportamiento se une a un componente, "inyectará" sus métodos y propiedades dentro del componente, y podrás
acceder a esos métodos y propiedades como si hubieran estado definidos por la clase de componente. Además, un
comportamiento puede responder a [eventos](concept-events.md) disparados por el componente de modo que se pueda personalizar
o adaptar a la ejecución normal del código del componente.
Usando comportamientos <a name="using-behaviors"></a>
----------------------
Para poder utilizar un comportamiento, primero tienes que unirlo a un [[yii\base\Component|componente]]. Describiremos cómo
puedes vincular un comportamiento en la próxima sub-sección.
Una vez que el comportamiento ha sido vinculado a un componente, su uso es sencillo.
Puedes usar a una variable *pública* o a una [propiedad](concept-properties.md) definida por un `getter` y/o un `setter`
del comportamiento a través del componente con el que se ha vinculado, como por ejemplo,
```php
// "prop1" es una propiedad definida en la clase comportamiento
echo $component->prop1;
$component->prop1 = $value;
```
También puedes llamar métodos *públicos* del comportamiento de una forma similar,
```php
// bar() es un método público definido dentro de la clase comportamiento
$component->bar();
```
Como puedes ver, aunque `$component` no tiene definida `prop1` y `bar()`, pueden ser usadas como si fueran parte
definida del componente.
Si dos comportamientos definen la misma propiedad o método y ambos están vinculados con el mismo componente, el
comportamiento que ha sido vinculado primero tendrá preferencia cuando se esté accediendo a la propiedad o método.
Un comportamiento puede estar asociado con un nombre cuando se une a un componente. Si este es el caso, es posible
acceder al objeto de comportamiento mediante el nombre, como se muestra a continuación,
```php
$behavior = $component->getBehavior('myBehavior');
```
También puedes acceder a todos los comportamientos vinculados al componente:
```php
$behaviors = $component->getBehaviors();
```
Vinculando Comportamientos <a name="attaching-behaviors"></a>
--------------------------
Puedes vincular un comportamiento a un [[yii\base\Component|componente]] ya sea estática o dinámicamente. La primera forma
es la más comúnmente utilizada en la práctica.
Para unir un comportamiento estáticamente, reemplaza el método [[yii\base\Component::behaviors()|behaviors()]] de la
clase componente que se está conectando. Por ejemplo,
```php
namespace app\models;
use yii\db\ActiveRecord;
use app\components\MyBehavior;
class User extends ActiveRecord
{
public function behaviors()
{
return [
// comportamiento anónimo, sólo el nombre de la clase del comportamiento
MyBehavior::className(),
// comportamiento nombrado, sólo el nombre de la clase del comportamiento
'myBehavior2' => MyBehavior::className(),
// comportamiento anónimo, matriz de configuración
[
'class' => MyBehavior::className(),
'prop1' => 'value1',
'prop2' => 'value2',
],
// comportamiento nombrado, matriz de configuración
'myBehavior4' => [
'class' => MyBehavior::className(),
'prop1' => 'value1',
'prop2' => 'value2',
]
];
}
}
```
El método [[yii\base\Component::behaviors()|behaviors()]] tiene que devolver la lista de los comportamientos
[configuraciones](concept-configurations.md).
Cada configuración de un comportamiento puede ser el nombre de la clase o una matriz de configuración.
Puedes asociciar un nombre a un comportamiento especificándolo en la clave de la matriz correspondiente a la configuración
del comportamiento. En este caso, el comportamiento puede ser llamado un *comportamiento nombrado* (named behavior). En
el ejemplo anterior, hay dos tipos de comportamientos nombrados: `myBehavior2` y `myBehavior4`. Si un comportamiento
no está asociado con un nombre, se le llama *comportamiento anónimo* (anonymous behavior).
Para vincular un comportamiento dinámicamente, llama al método [[yii\base\Component::attachBehavior()]] desde el componente al
que se le va a unir el comportamiento. Por ejemplo,
```php
use app\components\MyBehavior;
// vincular un objeto comportamiento "behavior"
$component->attachBehavior('myBehavior1', new MyBehavior);
// vincular una clase comportamiento
$component->attachBehavior('myBehavior2', MyBehavior::className());
// asociar una matriz de configuración
$component->attachBehavior('myBehavior3', [
'class' => MyBehavior::className(),
'prop1' => 'value1',
'prop2' => 'value2',
]);
```
You may attach multiple behaviors at once by using the [[yii\base\Component::attachBehaviors()]] method.
For example,
```php
$component->attachBehaviors([
'myBehavior1' => new MyBehavior, // a named behavior
MyBehavior::className(), // an anonymous behavior
]);
```
También puedes asociar comportamientos a traves de [configuraciones](concept-configurations.md) compor el siguiente
ejemplo. Para más detalles, por favor visita la sección [Configuraciones](concept-configurations.md#configuration-format).
```php
[
'as myBehavior2' => MyBehavior::className(),
'as myBehavior3' => [
'class' => MyBehavior::className(),
'prop1' => 'value1',
'prop2' => 'value2',
],
]
```
Desasociar Comportamientos <a name="detaching-behaviors"></a>
--------------------------
Para desasociar un comportamiento, puedes llamar el método [[yii\base\Component::detachBehavior()]] con el nombre con el
que se le asoció:
```php
$component->detachBehavior('myBehavior1');
```
También puedes desvincular *todos* los comportamientos:
```php
$component->detachBehaviors();
```
Definiendo Comportamientos <a name="defining-behaviors"></a>
--------------------------
Para definir un comportamiento, crea una clase extendendiéndola de [[yii\base\Behavior]] o una de sus clases "hija". Por ejemplo,
```php
namespace app\components;
use yii\base\Model;
use yii\base\Behavior;
class MyBehavior extends Behavior
{
public $prop1;
private $_prop2;
public function getProp2()
{
return $this->_prop2;
}
public function setProp2($value)
{
$this->_prop2 = $value;
}
public function foo()
{
// ...
}
}
```
El código anterior define la clase del comportamiento `app\components\MyBehavior` que provee dos propiedades `prop1` y
`prop2`, y un método `foo()` al componente con el que está asociado.
The above code defines the behavior class `app\components\MyBehavior` which will provide two properties
`prop1` and `prop2`, and one method `foo()` to the component it is attached to. Fíjese que la propiedad `prop2` esta
definida a través del getter `getProp2()` y el setter `setProp2()`. Esto es debido a que [[yii\base\Object]] es una
clase "ancestro" (o padre) de [[yii\base\Behavior]], la cual soporta la definición de [propiedades](concept-properties.md) por
getters/setters.
En un comportamiento, puedes acceder al componente al que está vinculado a través de la propiedad [[yii\base\Behavior::owner]].
Si un omportamiento necesita responder a los eventos que han sido disparados desde el componente al qu están asociados,
debería sobreescribir el método [[yii\base\Behavior::events()]]. Por ejemplo,
```php
namespace app\components;
use yii\db\ActiveRecord;
use yii\base\Behavior;
class MyBehavior extends Behavior
{
// ...
public function events()
{
return [
ActiveRecord::EVENT_BEFORE_VALIDATE => 'beforeValidate',
];
}
public function beforeValidate($event)
{
// ...
}
}
```
El método [[yii\base\Behavior::events()|events()]] tiene que devolver un listado de eventos y sus correspondientes
controladores (handlers). El código anterior declara el evento [[yii\db\ActiveRecord::EVENT_BEFORE_VALIDATE|EVENT_BEFORE_VALIDATE]]
con su controlador `beforeValidate()`. Cuando se especifica un controlador de evento, pudes utilizar uno de los siguientes
formatos:
* una cadena que se refiere al nombre de un método de la clase comportamiento, como el ejemplo anterior;
* una matriz con un objeto o nombre de la clase, y el nombre de un método, por ejemplo, `[$object, 'nombreMétodo']`;
* una función anónima.
El formato de un controlador de eventos tendría que ser como se describe a continuación, donde `$event` se refiere al
parámetro `evento`. Por favor, visita la sección [Eventos](concept-events.md) para obtener más información acerca de
eventos.
```php
function ($event) {
}
```
Utilizando `TimestampBehavior` <a name="using-timestamp-behavior"></a>
-----------------------------
Para terminar, vamos a echar un vistazo a [[yii\behaviors\TimestampBehavior]] - un comportamiento que soporta de forma
automática la actualización de atributos `timestamp` (sellos de tiempo) de un [[yii\db\ActiveRecord|Registro Activo]]
(Active Record) cuando éste está siendo guardado.
Primero, vincula este comportamiento a la clase [[yii\db\ActiveRecord|Active Record]] que desees utilizar.
```php
namespace app\models\User;
use yii\db\ActiveRecord;
use yii\behaviors\TimestampBehavior;
class User extends ActiveRecord
{
// ...
public function behaviors()
{
return [
[
'class' => TimestampBehavior::className(),
'attributes' => [
ActiveRecord::EVENT_BEFORE_INSERT => ['created_at', 'updated_at'],
ActiveRecord::EVENT_BEFORE_UPDATE => ['updated_at'],
],
],
];
}
}
```
La configuración del comportamiento anterior especifica que
* cuando el registro está siendo insertado, el comportamiento debe asignar el sello de tiempo actual a los atributos
`created_at` y `updated_at`;
* cuando el registro está siendo actualizado, el comportamiento debe asignar el sello de tiempo actual al atributo
`updated_at.
Ahora si tienes un objeto `User` e intentas guardarlo, descubrirás que sus campos `created_at` y `updated_at` están
automáticamente actualizados con el sello de tiempo actual:
```php
$user = new User;
$user->email = 'test@example.com';
$user->save();
echo $user->created_at; // muestra el sello tiempo actual (timestamp)
```
El comportamiento [[yii\behaviors\TimestampBehavior|TimestampBehavior]] también ofrece un método muy útil llamado
[[yii\behaviors\TimestampBehavior::touch()|touch()]], que asigna el sello de tiempo actual a un atributo especificado y
lo guarda automáticamente en la base de datos:
```php
$user->touch('login_time');
```
Comparación con Traits <a name="comparison-with-traits"></a>
----------------------
Mientras que los comportamientos son similares a [traits](http://www.php.net/traits) en cuanto que ambos "inyectan" sus
métodos y propiedades a la clase primaria, son diferentes en muchos aspectos. Tal y como se describe abajo, los dos
tienen sus ventajas y desventajas. Son much mejor descritos como complementos y no como reemplazos entre sí.
### Las Ventajas de los Comportamientos <a name="pros-for-behaviors"></a>
Las clases de comportamientos (Behaviors), como todas las clases, soportan herencias. Traits, por otro lado, pueden ser
considerados como un copia-y-pega de PHP. Los Traits no soportan la herencia de clases.
Los comportamientos pueden ser asociados y desasociados a un componente dinámicamente sin necesidad de que la clase del
componente sea modificada. Para usar un trait, debes modificar la clase que la usa.
Los comportamientos son configurables mientras que los traits no.
Los comportamientos pueden personalizar la ejecución de un componente al responder a sus eventos.
Cuando hay un conflicto de nombre entre los diferentes comportamientos vinculados a un mismo componente, el conflicto es
automáticamente resuelto respetando al que ha sido asociado primero.
El conflicto de nombres en traits requiere que manualmente sean resueltos cambiando el nombre de las propiedades o métodos
afectados.
### Las Ventajas de los Traits <a name="pros-for-traits"></a>
Los Traits son mucho más eficientes que los comportamientos debido a que los últimos son objetos que consumen tiempo y
memoria.
Los IDEs (Programas de desarrollo) trabajan mucho mejor con traits ya que forman parte del lenguaje PHP.
docs/guide-es/concept-components.md 0 → 100644
Componentes
===========
Los componentes son los principales bloques de construcción de las aplicaciones Yii. Los componentes son instancias de
[[yii\base\Component]] o de una clase extendida. Las tres características principales que los componentes proporcionan
a las otras clases son:
* [Propiedades](concept-properties.md)
* [Eventos](concept-events.md)
* [Comportamientos](concept-behaviors.md)
Por separado y combinadas, estas características hacen que las clases Yii sean mucho mas personalizables y sean mucho
más fáciles de usar. Por ejemplo, el incluido [[yii\jui\DatePicker|widget de selección de fecha]], un componente de la
interfaz de usuario, puede ser utilizado en una [vista](structure-view.md) para generar un selector de fechas interactivo:
```php
use yii\jui\DatePicker;
echo DatePicker::widget([
'language' => 'ru',
'name' => 'country',
'clientOptions' => [
'dateFormat' => 'yy-mm-dd',
],
]);
```
Las propiedades del widget son facilmente modificables porque la clase se extiende de [[yii\base\Component]].
Mientras que los componentes son muy potentes, son un poco más pesados que los objetos normales, debido al hecho de que
necesitan más memoria y tiempo de CPU para poder soportar [eventos](concept-events.md) y [comportamientos](concept-behaviors.md) en particular.
Si tus componentes no necesitan estas dos características, deberías considerar extender tu componente directamente de
[[yii\base\Object]] en vez de [[yii\base\Component]]. De esta manera harás que tus componentes sean mucho más eficientes que
que objetos PHP normales, pero con el añadido soporte para [propiedades](concept-properties.md).
Cuando extiendes tu clase de [[yii\base\Component]] o [[yii\base\Object]], se recomienda que sigas las siguientes
convenciones:
- Si sobrescribes el constructor, especifica un parámetro `$config` como el *último* parámetro del constructor, y después
pasa este parámetro al constructor de la clase "padre".
- Siempre llama al constructor del "padre" al *final* de su propio constructor.
- Si sobrescribes el método [[yii\base\Object::init()]], asegúrate de que llamas a la implementación de la clase "padre"
*al principio* de tu método `init`.
Por ejemplo:
```php
namespace yii\components\MyClass;
use yii\base\Object;
class MyClass extends Object
{
public $prop1;
public $prop2;
public function __construct($param1, $param2, $config = [])
{
// ... inicialización antes de la configuración está siendo aplicada
parent::__construct($config);
}
public function init()
{
parent::init();
// ... inicialización despues de la configuración esta siendo aplicada
}
}
```
Siguiendo esas directrices hará que tus componentes sean [configurables](concept-configurations.md) cuando son creados. Por ejemplo:
```php
$component = new MyClass(1, 2, ['prop1' => 3, 'prop2' => 4]);
// alternativamente
$component = \Yii::createObject([
'class' => MyClass::className(),
'prop1' => 3,
'prop2' => 4,
], [1, 2]);
```
> Información: Mientras que el enfoque de llamar [[Yii::createObject()]] parece mucho más complicado, es mucho más potente
debido al hecho de que se implementa en la parte superior de un [contenedor de inyección de dependencia](concept-di-container.md).
La clase [[yii\base\Object]] hace cumplir el siguiente ciclo de vida del objeto:
1. Pre-inicialización en el constructor. Puedes establecer los valores predeterminados de propiedades aquí.
2. Configuración del objeto a través de `$config`. La configuración puede sobrescribir los valores prdeterminados dentro
del constructor.
3. Post-inicialización dentro de [[yii\base\Object::init()|init()]]. Puedes sobrescribir este método para realizar
comprobaciones de validez y normalización de las propiedades.
4. LLamadas a métodos del objeto.
Los tres primeros pasos ocurren dentro del constructor del objeto. Esto significa que una vez obtengas la instancia de
un objeto, ésta ha sido inicializada para que puedas utilizarla adecuadamente.
docs/guide/extend-creating-extensions.md
......@@ -3,7 +3,7 @@ Extending Yii
> Note: This section is under development.
The Yii framework was designed to be easily extendable. Additional features can be added to your project and then reused, either by yourself on other projects or by sharing your work as a formal Yii extension.
The Yii framework was designed to be easily extensible. Additional features can be added to your project and then reused, either by yourself on other projects or by sharing your work as a formal Yii extension.
Code style
----------
......
docs/guide/extend-customizing-core.md
Helper Classes
==============
> Note: This section is under development.
Yii provides many classes that help simplify common coding tasks, such as string or array manipulations,
HTML code generation, and so forth. These helper classes are organized under the `yii\helpers` namespace and
are all static classes (meaning they contain only static properties and methods and should not be instantiated).
You use a helper class by directly calling one of its static methods:
```
use yii\helpers\ArrayHelper;
$c = ArrayHelper::merge($a, $b);
```
Extending Helper Classes
------------------------
To make helper classes easier to extend, Yii breaks each helper class into two classes: a base class (e.g. `BaseArrayHelper`)
and a concrete class (e.g. `ArrayHelper`). When you use a helper, you should only use the concrete version, never use the base class.
If you want to customize a helper, perform the following steps (using `ArrayHelper` as an example):
1. Name your class the same as the concrete class provided by Yii, including the namespace: `yii\helpers\ArrayHelper`
2. Extend your class from the base class: `class ArrayHelper extends \yii\helpers\BaseArrayHelper`.
3. In your class, override any method or property as needed, or add new methods or properties.
4. Tell your application to use your version of the helper class by including the following line of code in the bootstrap script:
```php
Yii::$classMap['yii\helpers\ArrayHelper'] = 'path/to/ArrayHelper.php';
```
Step 4 above will instruct the Yii class autoloader to load your version of the helper class instead of the one included in the Yii distribution.
> Tip: You can use `Yii::$classMap` to replace ANY core Yii class with your own customized version, not just helper classes.
docs/guide/extend-using-composer.md
......@@ -22,6 +22,20 @@ curl -s http://getcomposer.org/installer | php
We strongly recommend a global composer installation.
Installing Composer Class Autoloader
------------------------------------
Make sure the [entry script](concept-entry-scripts.md) of your application contains the following lines of code:
```php
// install Composer's class autoloader
require(__DIR__ . '/../vendor/autoload.php');
// include Yii class file
require(__DIR__ . '/../vendor/yiisoft/yii2/Yii.php');
```
Working with composer
---------------------
......@@ -52,7 +66,7 @@ composer.phar update
As an example, packages on `dev-master` will constantly get new updates when you run `update`, while running `install` won't, unless you've pulled an update of the `composer.lock` file.
There are several paramaters available to the above commands. Very commonly used ones are `--no-dev`, which would skip packages in the `require-dev` section and `--prefer-dist`, which downloads archives if available, instead of checking out repositories to your `vendor` folder.
There are several parameters available to the above commands. Very commonly used ones are `--no-dev`, which would skip packages in the `require-dev` section and `--prefer-dist`, which downloads archives if available, instead of checking out repositories to your `vendor` folder.
> Composer commands must be executed within your Yii project's directory, where the `composer.json` file can be found.
Depending upon your operating system and setup, you may need to provide paths to the PHP executable and
......@@ -100,7 +114,7 @@ afterwards.
> Depending on the package additional configuration may be required (eg. you have to register a module in the config), but autoloading of the classes should be handled by composer.
Using a specifc version of a package
Using a specific version of a package
------------------------------------
Yii always comes with the latest version of a required library that it is compatible with, but allows you to use an older version if you need to.
......
docs/guide/helper-overview.md
......@@ -3,14 +3,26 @@ Helpers
> Note: This section is under development.
Helper classes typically contain static methods only and are used as follows:
Yii provides many classes that help simplify common coding tasks, such as string or array manipulations,
HTML code generation, and so on. These helper classes are organized under the `yii\helpers` namespace and
are all static classes (meaning they contain only static properties and methods and should not be instantiated).
You use a helper class by directly calling one of its static methods, like the following:
```php
use \yii\helpers\Html;
use yii\helpers\Html;
echo Html::encode('Test > test');
```
There are several classes provided by framework:
> Note: To support [extending helper classes](#extending-helper-classes), Yii breaks each core helper class
into two classes: a base class (e.g. `BaseArrayHelper`) and a concrete class (e.g. `ArrayHelper`).
When you use a helper, you should only use the concrete version and never use the base class.
## Core Helper Classes
The following core helper classes are provided in the Yii releases:
- ArrayHelper
- Console
......@@ -25,3 +37,39 @@ There are several classes provided by framework:
- StringHelper
- Url
- VarDumper
## Extending Helper Classes
To custom a core helper class (e.g. `yii\helpers\ArrayHelper`), you should extend from its corresponding base class
(e.g. `yii\helpers\BaseArrayHelper`) and name your class the same as the corresponding concrete class
(e.g. `yii\helpers\ArrayHelper`), including its namespace.
The following example shows how to customize the [[yii\helpers\ArrayHelper::merge()|merge()]] method of the
[[yii\helpers\ArrayHelper]] class:
```php
namespace yii\helpers;
use yii\helpers\BaseArrayHelper;
class ArrayHelper extends BaseArrayHelper
{
public static function merge($a, $b)
{
// your custom implementation
}
}
```
Save your class in a file named `ArrayHelper.php`. The file can be in any directory, such as `@app/components`.
Next, in your application's [entry script](structure-entry-scripts.md), add the following line of code
after including the `yii.php` file:
```php
Yii::$classMap['yii\helpers\ArrayHelper'] = 'path/to/ArrayHelper.php';
```
The above line instructs the [Yii class autoloader](concept-autoloading.md) to load your version of the helper
class, instead of the one included in the Yii releases.
docs/guide/structure-extensions.md
......@@ -3,33 +3,36 @@ Extensions
> Note: This section is under development.
Extensions are redistributable software packages that extend Yii by providing extra features. For example,
the [yii2-debug](tool-debugger.md) extension adds a handy debug toolbar to every page in your application
to help you more easily grasp how the pages are generated. You can install and use extensions in your
applications to accelerate your development process. You can also package your code in terms of extensions
to share with other people your great work.
Extensions are redistributable software packages specifically designed to be used in Yii applications and provide
ready-to-use features. For example, the [yiisoft/yii2-debug](tool-debugger.md) extension adds a handy debug toolbar
at the bottom of every page in your application to help you more easily grasp how the pages are generated. You can
use extensions to accelerate your development process. You can also package your code as extensions to share with
other people your great work.
> Info: We use the term "extension" to refer to Yii-specific software packages. For general purpose software packages
that can be used without Yii, we will refer to them using the term "package".
## Getting Extensions
The easiest way of getting extensions is using [Composer](https://getcomposer.org/). The name "extension"
is also known as "package" in Composer's terminology. To do so, you will need to
## Using Extensions
To use an extension, you need to install it first. Most extensions are distributed as [Composer](https://getcomposer.org/)
packages, and you can take the following two simple steps to install such an extension:
1. modify the `composer.json` file of your application and specify which extensions (Composer packages) you want to install.
2. run `php composer.phar install` to install the specified extensions.
1. install [Composer](https://getcomposer.org/), which you probably have already done when
[installing Yii](start-installation.md).
2. [specify which repositories](https://getcomposer.org/doc/05-repositories.md#repository) you would like
to get extensions from. In most cases you can skip this if you only want to install open source extensions
hosted on [Packagist](https://packagist.org/) - the default and biggest Composer repository.
3. modify the `composer.json` file of your application and specify which extensions you want to use.
4. run `php composer.phar install` to install the specified extensions.
You may need to install [Composer](https://getcomposer.org/) if you do not have it. Composer is a dependency
manager. This means when installing a package, it will install all its dependent packages automatically.
You usually only need to do Step 1 and 2 once. You may need to do Step 3 and 4 multiple times depending on your
evolving requirements for extensions.
> Info: By default, Composer installs packages registered on [Packagist](https://packagist.org/) - the biggest repository
for open source Composer packages. You may also [create your own repository](https://getcomposer.org/doc/05-repositories.md#repository)
and configure Composer to use it. This is useful if you are developing closed open extensions and want to share
within your projects.
By default, extensions installed by Composer are stored under the `BasePath/vendor` directory, where `BasePath`
refers to the application's [base path](structure-applications.md#basePath).
Extensions installed by Composer are stored under the `BasePath/vendor` directory, where `BasePath` refers to the
application's [base path](structure-applications.md#basePath).
For example, to get the `yii2-imagine` extension maintained officially by Yii, modify your `composer.json` like the following:
For example, to install the `yiisoft/yii2-imagine` extension, modify your `composer.json` like the following:
```json
{
......@@ -43,33 +46,15 @@ For example, to get the `yii2-imagine` extension maintained officially by Yii, m
}
```
The installed extension will be located in the `vendor/yiisoft/yii2-imagine` directory.
After the installation, you should see the directory `yiisoft/yii2-imagine` under `BasePath/vendor`. You should
also see another directory `imagine/imagine` which contains the installed dependent package.
> Info: All extensions officially maintained by Yii are named as `yiisoft/yii2-xyz`, where `xyz` varies for different
extensions.
## Using Extensions
> Info: The `yiisoft/yii2-imagine` is a core extension developed and maintained by the Yii developer team. All
core extensions are hosted on [Packagist](https://packagist.org/) and named like `yiisoft/yii2-xyz`, where `xyz`
varies for different extensions.
In order for your applications to use extensions, you will need to install Composer's class autoloader. This is
necessary such that PHP classes in extensions can be properly autoloaded when you reference them in the application code.
To do so, use the following lines in the [entry script](concept-entry-scripts.md) of your application:
```php
// install Composer's class autoloader
require(__DIR__ . '/../vendor/autoload.php');
// include Yii class file
require(__DIR__ . '/../vendor/yiisoft/yii2/Yii.php');
```
> Info: If you are using the [basic application template](start-installation.md) or
[advanced application template](tutorial-advanced-app.md), you do not need to do anything because the application templates
already contain the above code.
Now you can enjoy using the installed extensions. For example, to use the `yii2-imagine` extension shown in the last
subsection, you can write code like the following in your application, where `Image` is the class provided by
the extension:
Now you can use the installed extensions like they are part of your application. The following example shows
how you can use the `yii\imagine\Image` class provided by the `yiisoft/yii2-imagine` extension:
```php
use Yii;
......@@ -80,8 +65,98 @@ Image::thumbnail('@webroot/img/test-image.jpg', 120, 120)
->save(Yii::getAlias('@runtime/thumb-test-image.jpg'), ['quality' => 50]);
```
> Info: Extension classes are autoloaded using the [Yii class autoloader](concept-autoloading.md). Yii automatically
creates [aliases](concept-aliases.md#extension-aliases) for the root namespaces declared by the extensions.
Also make sure in the [application configuration](structure-applications.md#application-configurations), you have
configured `extension
## Creating Extensions
You may consider creating an extension when you feel the need to redistribute some of your great code so that
they can be easily reused by other people or in your other projects.
An extension can contain any code you like, such as a helper class, a widget, a module, etc.
It is recommended that you create an extension in terms of a Composer package so that it can be more easily
used elsewhere, liked described in the last subsection. Below are the steps you may follow to create an extension.
1. Put all the files you plan to include in the extension in a single directory. The directory should contain
no other irrelevant files. For simplicity, let's call this directory the extension's *root directory*.
2. Create a `composer.json` file directly under the root directory. The file is required by Composer, which describes
the metadata about your extension. Please refer to the [Composer Manual](https://getcomposer.org/doc/01-basic-usage.md#composer-json-project-setup)
for more details about the file format.
3. Create a VCS (version control system) repository to host the extension files. Any future development
and maintenance work about the extension should be done on this repository.
4. Register your extension with a Composer repository so that other users can find and install your extension.
If you are creating an open source extension, you can register it with [Packagist](https://packagist.org/);
If you are creating a private extension for internal use, you may register it with
[your own repository](https://getcomposer.org/doc/05-repositories.md#hosting-your-own).
As an example, you may refer to the [yiisoft/yii2-bootstrap](widget-bootstrap) extension which provides a set of
widgets encapsulating the Twitter Bootstrap plugins. The extension is hosted on [GitHub](https://github.com/yiisoft/yii2-bootstrap)
and registered with [Packagist](https://packagist.org/packages/yiisoft/yii2-bootstrap). Below is the content
of its `composer.json` file (some unimportant content is removed for simplicity):
```json
{
"name": "yiisoft/yii2-bootstrap",
"description": "The Twitter Bootstrap extension for the Yii framework",
"keywords": ["yii2", "bootstrap"],
"type": "yii2-extension",
"license": "BSD-3-Clause",
"require": {
"yiisoft/yii2": "*",
"twbs/bootstrap": "3.1.* | 3.0.*"
},
"autoload": {
"psr-4": {
"yii\\bootstrap\\": ""
}
}
}
```
### Yii2 Extensions
When creating a Composer package, you may specify the package type to be `yii2-extension`, like shown in the example
in the last subsection. This is recommended if your package is an extension that is specifically designed to be
used in Yii applications. By using `yii2-extension` as the package type, your package can get the following extra benefits:
For example, if your package contains a Yii [widget](structure-widgets.md), it is most likely
that the package
## Installing Extensions Manually
In some rare occasions, you may want to install some or all extensions manually, rather than relying on Composer.
To do so, you should
1. download the extension archive files and unpack them in the `vendor` directory.
2. install the class autoloaders provided by the extensions, if any.
3. download and install all dependent extensions as instructed.
If an extension does not have a class autoloader but follows the
[PSR-4 standard](https://github.com/php-fig/fig-standards/blob/master/proposed/psr-4-autoloader/psr-4-autoloader.md),
you may use the class autoloader provided by Yii to autoload the extension classes. All you need to do is just to
declare a [root alias](concept-aliases.md#defining-aliases) for the extension root directory. For example,
assuming you have installed an extension in the directory `vendor/mycompany/myext`, and the extension classes
are under the `myext` namespace, then you can include the following code in your application configuration:
```php
[
'aliases' => [
'@myext' => '@vendor/mycompany/myext',
],
]
```
## Core Extensions
## Best Practices
framework/CHANGELOG.md
......@@ -121,6 +121,12 @@ Yii Framework 2 Change Log
- Improved overall slug results.
- Added note about the fact that intl is required for non-latin languages to requirements checker.
- Enh #4028: Added ability to `yii\widgets\Menu` to encode each item's label separately (creocoder, umneeq)
- Enh #4072: `\yii\rbac\PhpManager` adjustments (samdark)
- Data is now stored in three separate files for items, assignments and rules. File format is simpler.
- Removed `authFile`. Added `itemFile`, `assignmentFile` and `ruleFile`.
- `createdAt` and `updatedAt` are now properly filled with corresponding file modification time.
- `save()` and `load()` are now protected instead of public.
- Added unit test for saving and loading data.
- Enh #4080: Added proper handling and support of the symlinked directories in `FileHelper`, added $options parameter in `FileHelper::removeDirectory()` (resurtm)
- Enh #4086: changedAttributes of afterSave Event now contain old values (dizews)
- Enh: Added support for using sub-queries when building a DB query with `IN` condition (qiangxue)
......
framework/UPGRADE.md
......@@ -74,6 +74,54 @@ Upgrade from Yii 2.0 Beta
* `mail` component was renamed to `mailer`, `yii\log\EmailTarget::$mail` was renamed to `yii\log\EmailTarget::$mailer`.
Please update all references in the code and config files.
* `\yii\rbac\PhpManager` now stores data in three separate files instead of one. In order to convert old file to
new ones save the following code as `convert.php` that should be placed in the same directory your `rbac.php` is in:
```php
<?php
$oldFile = 'rbac.php';
$itemsFile = 'items.php';
$assignmentsFile = 'assignments.php';
$rulesFile = 'rules.php';
$oldData = include $oldFile;
function saveToFile($data, $fileName) {
$out = var_export($data, true);
$out = "<?php\nreturn " . $out . ";";
$out = str_replace(['array (', ')'], ['[', ']'], $out);
file_put_contents($fileName, $out);
}
$items = [];
$assignments = [];
if (isset($oldData['items'])) {
foreach ($oldData['items'] as $name => $data) {
if (isset($data['assignments'])) {
foreach ($data['assignments'] as $userId => $assignmentData) {
$assignments[$userId] = $assignmentData['roleName'];
}
unset($data['assignments']);
}
$items[$name] = $data;
}
}
$rules = [];
if (isset($oldData['rules'])) {
$rules = $oldData['rules'];
}
saveToFile($items, $itemsFile);
saveToFile($assignments, $assignmentsFile);
saveToFile($rules, $rulesFile);
echo "Done!\n";
```
Run it once, delete `rbac.php`. If you've configured `authFile` property, remove the line from config and instead
configure `itemFile`, `assignmentFile` and `ruleFile`.
* Static helper `yii\helpers\Security` has been converted into an application component. You should change all usage of
its methods to a new syntax, for example: instead of `yii\helpers\Security::hashData()` use `Yii::$app->getSecurity()->hashData()`.
Default encryption and hash parameters has been upgraded. If you need to decrypt/validate data that was encrypted/hashed
......
framework/base/Security.php
......@@ -309,11 +309,19 @@ class Security extends Component
* Generates a random key.
* Note the generated key is a binary string with the specified number of bytes in it.
* @param integer $length the length of the key that should be generated
* @throws Exception on failure.
* @return string the generated random key
*/
public function generateRandomKey($length = 32)
{
return mcrypt_create_iv($length, MCRYPT_DEV_URANDOM);
if (!extension_loaded('mcrypt')) {
throw new InvalidConfigException('The mcrypt PHP extension is not installed.');
}
$key = mcrypt_create_iv($length, MCRYPT_DEV_URANDOM);
if ($key === false) {
throw new Exception('Unable to generate random key.');
}
return $key;
}
/**
......
framework/helpers/BaseFileHelper.php
......@@ -8,6 +8,7 @@
namespace yii\helpers;
use Yii;
use yii\base\InvalidConfigException;
use yii\base\InvalidParamException;
/**
......@@ -117,9 +118,17 @@ class BaseFileHelper
* @param boolean $checkExtension whether to use the file extension to determine the MIME type in case
* `finfo_open()` cannot determine it.
* @return string the MIME type (e.g. `text/plain`). Null is returned if the MIME type cannot be determined.
* @throws InvalidConfigException when the `fileinfo` PHP extension is not installed and `$checkExtension` is `false`.
*/
public static function getMimeType($file, $magicFile = null, $checkExtension = true)
{
if (!extension_loaded('fileinfo')) {
if ($checkExtension) {
return static::getMimeTypeByExtension($file, $magicFile);
} else {
throw new InvalidConfigException('The fileinfo PHP extension is not installed.');
}
}
$info = finfo_open(FILEINFO_MIME_TYPE, $magicFile);
if ($info) {
......@@ -131,7 +140,7 @@ class BaseFileHelper
}
}
return $checkExtension ? static::getMimeTypeByExtension($file) : null;
return $checkExtension ? static::getMimeTypeByExtension($file, $magicFile) : null;
}
/**
......
framework/rbac/Assignment.php
......@@ -13,8 +13,6 @@ use yii\base\Object;
/**
* Assignment represents an assignment of a role to a user.
*
* It includes additional assignment information including [[ruleName]] and [[data]].
*
* @author Qiang Xue <qiang.xue@gmail.com>
* @author Alexander Kochetov <creocoder@gmail.com>
* @since 2.0
......
framework/rbac/PhpManager.php
......@@ -26,34 +26,52 @@ use yii\helpers\VarDumper;
* @author Qiang Xue <qiang.xue@gmail.com>
* @author Alexander Kochetov <creocoder@gmail.com>
* @author Christophe Boulain <christophe.boulain@gmail.com>
* @author Alexander Makarov <sam@rmcreative.ru>
* @since 2.0
*/
class PhpManager extends BaseManager
{
/**
* @var string the path of the PHP script that contains the authorization data.
* @var string the path of the PHP script that contains the authorization items.
* This can be either a file path or a path alias to the file.
* Make sure this file is writable by the Web server process if the authorization needs to be changed online.
* @see loadFromFile()
* @see saveToFile()
*/
public $authFile = '@app/data/rbac.php';
public $itemFile = '@app/rbac/items.php';
/**
* @var string the path of the PHP script that contains the authorization assignments.
* This can be either a file path or a path alias to the file.
* Make sure this file is writable by the Web server process if the authorization needs to be changed online.
* @see loadFromFile()
* @see saveToFile()
*/
public $assignmentFile = '@app/rbac/assignments.php';
/**
* @var string the path of the PHP script that contains the authorization rules.
* This can be either a file path or a path alias to the file.
* Make sure this file is writable by the Web server process if the authorization needs to be changed online.
* @see loadFromFile()
* @see saveToFile()
*/
public $ruleFile = '@app/rbac/rules.php';
/**
* @var Item[]
*/
private $_items = []; // itemName => item
protected $items = []; // itemName => item
/**
* @var array
*/
private $_children = []; // itemName, childName => child
protected $children = []; // itemName, childName => child
/**
* @var Assignment[]
*/
private $_assignments = []; // userId, itemName => assignment
protected $assignments = []; // userId, itemName => assignment
/**
* @var Rule[]
*/
private $_rules = []; // ruleName => rule
protected $rules = []; // ruleName => rule
/**
......@@ -64,7 +82,9 @@ class PhpManager extends BaseManager
public function init()
{
parent::init();
$this->authFile = Yii::getAlias($this->authFile);
$this->itemFile = Yii::getAlias($this->itemFile);
$this->assignmentFile = Yii::getAlias($this->assignmentFile);
$this->ruleFile = Yii::getAlias($this->ruleFile);
$this->load();
}
......@@ -82,7 +102,7 @@ class PhpManager extends BaseManager
*/
public function getAssignments($userId)
{
return isset($this->_assignments[$userId]) ? $this->_assignments[$userId] : [];
return isset($this->assignments[$userId]) ? $this->assignments[$userId] : [];
}
/**
......@@ -100,12 +120,12 @@ class PhpManager extends BaseManager
*/
protected function checkAccessRecursive($user, $itemName, $params, $assignments)
{
if (!isset($this->_items[$itemName])) {
if (!isset($this->items[$itemName])) {
return false;
}
/* @var $item Item */
$item = $this->_items[$itemName];
$item = $this->items[$itemName];
Yii::trace($item instanceof Role ? "Checking role: $itemName" : "Checking permission : $itemName", __METHOD__);
if (!$this->executeRule($user, $item, $params)) {
......@@ -116,7 +136,7 @@ class PhpManager extends BaseManager
return true;
}
foreach ($this->_children as $parentName => $children) {
foreach ($this->children as $parentName => $children) {
if (isset($children[$itemName]) && $this->checkAccessRecursive($user, $parentName, $params, $assignments)) {
return true;
}
......@@ -130,7 +150,7 @@ class PhpManager extends BaseManager
*/
public function addChild($parent, $child)
{
if (!isset($this->_items[$parent->name], $this->_items[$child->name])) {
if (!isset($this->items[$parent->name], $this->items[$child->name])) {
throw new InvalidParamException("Either '{$parent->name}' or '{$child->name}' does not exist.");
}
......@@ -144,11 +164,11 @@ class PhpManager extends BaseManager
if ($this->detectLoop($parent, $child)) {
throw new InvalidCallException("Cannot add '{$child->name}' as a child of '{$parent->name}'. A loop has been detected.");
}
if (isset($this->_children[$parent->name][$child->name])) {
if (isset($this->children[$parent->name][$child->name])) {
throw new InvalidCallException("The item '{$parent->name}' already has a child '{$child->name}'.");
}
$this->_children[$parent->name][$child->name] = $this->_items[$child->name];
$this->save();
$this->children[$parent->name][$child->name] = $this->items[$child->name];
$this->saveItems();
return true;
}
......@@ -165,10 +185,10 @@ class PhpManager extends BaseManager
if ($child->name === $parent->name) {
return true;
}
if (!isset($this->_children[$child->name], $this->_items[$parent->name])) {
if (!isset($this->children[$child->name], $this->items[$parent->name])) {
return false;
}
foreach ($this->_children[$child->name] as $grandchild) {
foreach ($this->children[$child->name] as $grandchild) {
/* @var $grandchild Item */
if ($this->detectLoop($parent, $grandchild)) {
return true;
......@@ -183,9 +203,9 @@ class PhpManager extends BaseManager
*/
public function removeChild($parent, $child)
{
if (isset($this->_children[$parent->name][$child->name])) {
unset($this->_children[$parent->name][$child->name]);
$this->save();
if (isset($this->children[$parent->name][$child->name])) {
unset($this->children[$parent->name][$child->name]);
$this->saveItems();
return true;
} else {
return false;
......@@ -197,7 +217,7 @@ class PhpManager extends BaseManager
*/
public function hasChild($parent, $child)
{
return isset($this->_children[$parent->name][$child->name]);
return isset($this->children[$parent->name][$child->name]);
}
/**
......@@ -205,18 +225,18 @@ class PhpManager extends BaseManager
*/
public function assign($role, $userId, $ruleName = null, $data = null)
{
if (!isset($this->_items[$role->name])) {
if (!isset($this->items[$role->name])) {
throw new InvalidParamException("Unknown role '{$role->name}'.");
} elseif (isset($this->_assignments[$userId][$role->name])) {
} elseif (isset($this->assignments[$userId][$role->name])) {
throw new InvalidParamException("Authorization item '{$role->name}' has already been assigned to user '$userId'.");
} else {
$this->_assignments[$userId][$role->name] = new Assignment([
$this->assignments[$userId][$role->name] = new Assignment([
'userId' => $userId,
'roleName' => $role->name,
'createdAt' => time(),
]);
$this->save();
return $this->_assignments[$userId][$role->name];
$this->saveAssignments();
return $this->assignments[$userId][$role->name];
}
}
......@@ -225,9 +245,9 @@ class PhpManager extends BaseManager
*/
public function revoke($role, $userId)
{
if (isset($this->_assignments[$userId][$role->name])) {
unset($this->_assignments[$userId][$role->name]);
$this->save();
if (isset($this->assignments[$userId][$role->name])) {
unset($this->assignments[$userId][$role->name]);
$this->saveAssignments();
return true;
} else {
return false;
......@@ -239,11 +259,11 @@ class PhpManager extends BaseManager
*/
public function revokeAll($userId)
{
if (isset($this->_assignments[$userId]) && is_array($this->_assignments[$userId])) {
foreach ($this->_assignments[$userId] as $itemName => $value) {
unset($this->_assignments[$userId][$itemName]);
if (isset($this->assignments[$userId]) && is_array($this->assignments[$userId])) {
foreach ($this->assignments[$userId] as $itemName => $value) {
unset($this->assignments[$userId][$itemName]);
}
$this->save();
$this->saveAssignments();
return true;
} else {
return false;
......@@ -255,7 +275,7 @@ class PhpManager extends BaseManager
*/
public function getAssignment($roleName, $userId)
{
return isset($this->_assignments[$userId][$roleName]) ? $this->_assignments[$userId][$roleName] : null;
return isset($this->assignments[$userId][$roleName]) ? $this->assignments[$userId][$roleName] : null;
}
/**
......@@ -265,7 +285,7 @@ class PhpManager extends BaseManager
{
$items = [];
foreach ($this->_items as $name => $item) {
foreach ($this->items as $name => $item) {
/* @var $item Item */
if ($item->type == $type) {
$items[$name] = $item;
......@@ -281,15 +301,15 @@ class PhpManager extends BaseManager
*/
public function removeItem($item)
{
if (isset($this->_items[$item->name])) {
foreach ($this->_children as &$children) {
if (isset($this->items[$item->name])) {
foreach ($this->children as &$children) {
unset($children[$item->name]);
}
foreach ($this->_assignments as &$assignments) {
foreach ($this->assignments as &$assignments) {
unset($assignments[$item->name]);
}
unset($this->_items[$item->name]);
$this->save();
unset($this->items[$item->name]);
$this->saveItems();
return true;
} else {
return false;
......@@ -301,7 +321,7 @@ class PhpManager extends BaseManager
*/
public function getItem($name)
{
return isset($this->_items[$name]) ? $this->_items[$name] : null;
return isset($this->items[$name]) ? $this->items[$name] : null;
}
/**
......@@ -310,10 +330,10 @@ class PhpManager extends BaseManager
public function updateRule($name, $rule)
{
if ($rule->name !== $name) {
unset($this->_rules[$name]);
unset($this->rules[$name]);
}
$this->_rules[$rule->name] = $rule;
$this->save();
$this->rules[$rule->name] = $rule;
$this->saveRules();
return true;
}
......@@ -322,7 +342,7 @@ class PhpManager extends BaseManager
*/
public function getRule($name)
{
return isset($this->_rules[$name]) ? $this->_rules[$name] : null;
return isset($this->rules[$name]) ? $this->rules[$name] : null;
}
/**
......@@ -330,7 +350,7 @@ class PhpManager extends BaseManager
*/
public function getRules()
{
return $this->_rules;
return $this->rules;
}
/**
......@@ -340,7 +360,7 @@ class PhpManager extends BaseManager
{
$roles = [];
foreach ($this->getAssignments($userId) as $name => $assignment) {
$roles[$name] = $this->_items[$assignment->roleName];
$roles[$name] = $this->items[$assignment->roleName];
}
return $roles;
......@@ -358,8 +378,8 @@ class PhpManager extends BaseManager
}
$permissions = [];
foreach (array_keys($result) as $itemName) {
if (isset($this->_items[$itemName]) && $this->_items[$itemName] instanceof Permission) {
$permissions[$itemName] = $this->_items[$itemName];
if (isset($this->items[$itemName]) && $this->items[$itemName] instanceof Permission) {
$permissions[$itemName] = $this->items[$itemName];
}
}
return $permissions;
......@@ -373,8 +393,8 @@ class PhpManager extends BaseManager
*/
protected function getChildrenRecursive($name, &$result)
{
if (isset($this->_children[$name])) {
foreach ($this->_children[$name] as $child) {
if (isset($this->children[$name])) {
foreach ($this->children[$name] as $child) {
$result[$child->name] = true;
$this->getChildrenRecursive($child->name, $result);
}
......@@ -398,8 +418,8 @@ class PhpManager extends BaseManager
$permissions = [];
foreach (array_keys($result) as $itemName) {
if (isset($this->_items[$itemName]) && $this->_items[$itemName] instanceof Permission) {
$permissions[$itemName] = $this->_items[$itemName];
if (isset($this->items[$itemName]) && $this->items[$itemName] instanceof Permission) {
$permissions[$itemName] = $this->items[$itemName];
}
}
return $permissions;
......@@ -410,7 +430,7 @@ class PhpManager extends BaseManager
*/
public function getChildren($name)
{
return isset($this->_children[$name]) ? $this->_children[$name] : [];
return isset($this->children[$name]) ? $this->children[$name] : [];
}
/**
......@@ -418,10 +438,10 @@ class PhpManager extends BaseManager
*/
public function removeAll()
{
$this->_children = [];
$this->_items = [];
$this->_assignments = [];
$this->_rules = [];
$this->children = [];
$this->items = [];
$this->assignments = [];
$this->rules = [];
$this->save();
}
......@@ -448,9 +468,9 @@ class PhpManager extends BaseManager
protected function removeAllItems($type)
{
$names = [];
foreach ($this->_items as $name => $item) {
foreach ($this->items as $name => $item) {
if ($item->type == $type) {
unset($this->_items[$name]);
unset($this->items[$name]);
$names[$name] = true;
}
}
......@@ -458,25 +478,25 @@ class PhpManager extends BaseManager
return;
}
foreach ($this->_assignments as $i => $assignment) {
foreach ($this->assignments as $i => $assignment) {
if (isset($names[$assignment->roleName])) {
unset($this->_assignments[$i]);
unset($this->assignments[$i]);
}
}
foreach ($this->_children as $name => $children) {
foreach ($this->children as $name => $children) {
if (isset($names[$name])) {
unset($this->_children[$name]);
unset($this->children[$name]);
} else {
foreach ($children as $childName => $item) {
if (isset($names[$childName])) {
unset($children[$childName]);
}
}
$this->_children[$name] = $children;
$this->children[$name] = $children;
}
}
$this->save();
$this->saveItems();
}
/**
......@@ -484,11 +504,11 @@ class PhpManager extends BaseManager
*/
public function removeAllRules()
{
foreach ($this->_items as $item) {
foreach ($this->items as $item) {
$item->ruleName = null;
}
$this->_rules = [];
$this->save();
$this->rules = [];
$this->saveRules();
}
/**
......@@ -496,8 +516,8 @@ class PhpManager extends BaseManager
*/
public function removeAllAssignments()
{
$this->_assignments = [];
$this->save();
$this->assignments = [];
$this->saveAssignments();
}
/**
......@@ -505,14 +525,14 @@ class PhpManager extends BaseManager
*/
protected function removeRule($rule)
{
if (isset($this->_rules[$rule->name])) {
unset($this->_rules[$rule->name]);
foreach ($this->_items as $item) {
if (isset($this->rules[$rule->name])) {
unset($this->rules[$rule->name]);
foreach ($this->items as $item) {
if ($item->ruleName === $rule->name) {
$item->ruleName = null;
}
}
$this->save();
$this->saveRules();
return true;
} else {
return false;
......@@ -524,8 +544,8 @@ class PhpManager extends BaseManager
*/
protected function addRule($rule)
{
$this->_rules[$rule->name] = $rule;
$this->save();
$this->rules[$rule->name] = $rule;
$this->saveRules();
return true;
}
......@@ -534,25 +554,25 @@ class PhpManager extends BaseManager
*/
protected function updateItem($name, $item)
{
$this->_items[$item->name] = $item;
$this->items[$item->name] = $item;
if ($name !== $item->name) {
if (isset($this->_items[$item->name])) {
if (isset($this->items[$item->name])) {
throw new InvalidParamException("Unable to change the item name. The name '{$item->name}' is already used by another item.");
}
if (isset($this->_items[$name])) {
unset ($this->_items[$name]);
if (isset($this->items[$name])) {
unset ($this->items[$name]);
if (isset($this->_children[$name])) {
$this->_children[$item->name] = $this->_children[$name];
unset ($this->_children[$name]);
if (isset($this->children[$name])) {
$this->children[$item->name] = $this->children[$name];
unset ($this->children[$name]);
}
foreach ($this->_children as &$children) {
foreach ($this->children as &$children) {
if (isset($children[$name])) {
$children[$item->name] = $children[$name];
unset ($children[$name]);
}
}
foreach ($this->_assignments as &$assignments) {
foreach ($this->assignments as &$assignments) {
if (isset($assignments[$name])) {
$assignments[$item->name] = $assignments[$name];
unset($assignments[$name]);
......@@ -560,7 +580,7 @@ class PhpManager extends BaseManager
}
}
}
$this->save();
$this->saveItems();
return true;
}
......@@ -577,9 +597,9 @@ class PhpManager extends BaseManager
$item->updatedAt = $time;
}
$this->_items[$item->name] = $item;
$this->items[$item->name] = $item;
$this->save();
$this->saveItems();
return true;
......@@ -588,95 +608,63 @@ class PhpManager extends BaseManager
/**
* Loads authorization data from persistent storage.
*/
public function load()
{
$this->_children = [];
$this->_rules = [];
$this->_assignments = [];
$this->_items = [];
$data = $this->loadFromFile($this->authFile);
if (isset($data['items'])) {
foreach ($data['items'] as $name => $item) {
$class = $item['type'] == Item::TYPE_PERMISSION ? Permission::className() : Role::className();
$this->_items[$name] = new $class([
'name' => $name,
'description' => isset($item['description']) ? $item['description'] : null,
'ruleName' => isset($item['ruleName']) ? $item['ruleName'] : null,
'data' => isset($item['data']) ? $item['data'] : null,
'createdAt' => isset($item['createdAt']) ? $item['createdAt'] : null,
'updatedAt' => isset($item['updatedAt']) ? $item['updatedAt'] : null,
]);
}
protected function load()
{
$this->children = [];
$this->rules = [];
$this->assignments = [];
$this->items = [];
$items = $this->loadFromFile($this->itemFile);
$itemsMtime = @filemtime($this->itemFile);
$assignments = $this->loadFromFile($this->assignmentFile);
$assignmentsMtime = @filemtime($this->assignmentFile);
$rules = $this->loadFromFile($this->ruleFile);
foreach ($items as $name => $item) {
$class = $item['type'] == Item::TYPE_PERMISSION ? Permission::className() : Role::className();
$this->items[$name] = new $class([
'name' => $name,
'description' => isset($item['description']) ? $item['description'] : null,
'ruleName' => isset($item['ruleName']) ? $item['ruleName'] : null,
'data' => isset($item['data']) ? $item['data'] : null,
'createdAt' => $itemsMtime,
'updatedAt' => $itemsMtime,
]);
}
foreach ($data['items'] as $name => $item) {
if (isset($item['children'])) {
foreach ($item['children'] as $childName) {
if (isset($this->_items[$childName])) {
$this->_children[$name][$childName] = $this->_items[$childName];
}
}
}
if (isset($item['assignments'])) {
foreach ($item['assignments'] as $userId => $assignment) {
$this->_assignments[$userId][$name] = new Assignment([
'userId' => $userId,
'roleName' => $assignment['roleName'],
'createdAt' => isset($assignment['createdAt']) ? $assignment['createdAt'] : null,
]);
foreach ($items as $name => $item) {
if (isset($item['children'])) {
foreach ($item['children'] as $childName) {
if (isset($this->items[$childName])) {
$this->children[$name][$childName] = $this->items[$childName];
}
}
}
}
if (isset($data['rules'])) {
foreach ($data['rules'] as $name => $ruleData) {
$this->_rules[$name] = unserialize($ruleData);
}
foreach ($assignments as $userId => $role) {
$this->assignments[$userId][$role] = new Assignment([
'userId' => $userId,
'roleName' => $role,
'createdAt' => $assignmentsMtime,
]);
}
foreach ($rules as $name => $ruleData) {
$this->rules[$name] = unserialize($ruleData);
}
}
/**
* Saves authorization data into persistent storage.
*/
public function save()
protected function save()
{
$items = [];
foreach ($this->_items as $name => $item) {
/* @var $item Item */
$items[$name] = array_filter([
'type' => $item->type,
'description' => $item->description,
'ruleName' => $item->ruleName,
'data' => $item->data,
]);
if (isset($this->_children[$name])) {
foreach ($this->_children[$name] as $child) {
/* @var $child Item */
$items[$name]['children'][] = $child->name;
}
}
}
foreach ($this->_assignments as $userId => $assignments) {
foreach ($assignments as $name => $assignment) {
/* @var $assignment Assignment */
if (isset($items[$name])) {
$items[$name]['assignments'][$userId] = [
'roleName' => $assignment->roleName,
];
}
}
}
$rules = [];
foreach ($this->_rules as $name => $rule) {
$rules[$name] = serialize($rule);
}
$this->saveToFile(['items' => $items, 'rules' => $rules], $this->authFile);
$this->saveItems();
$this->saveAssignments();
$this->saveRules();
}
/**
......@@ -706,4 +694,57 @@ class PhpManager extends BaseManager
{
file_put_contents($file, "<?php\nreturn " . VarDumper::export($data) . ";\n", LOCK_EX);
}
/**
* Saves items data into persistent storage.
*/
protected function saveItems()
{
$items = [];
foreach ($this->items as $name => $item) {
/* @var $item Item */
$items[$name] = array_filter(
[
'type' => $item->type,
'description' => $item->description,
'ruleName' => $item->ruleName,
'data' => $item->data,
]
);
if (isset($this->children[$name])) {
foreach ($this->children[$name] as $child) {
/* @var $child Item */
$items[$name]['children'][] = $child->name;
}
}
}
$this->saveToFile($items, $this->itemFile);
}
/**
* Saves assignments data into persistent storage.
*/
protected function saveAssignments()
{
$assignmentData = [];
foreach ($this->assignments as $userId => $assignments) {
foreach ($assignments as $name => $assignment) {
/* @var $assignment Assignment */
$assignmentData[$userId] = $assignment->roleName;
}
}
$this->saveToFile($assignmentData, $this->assignmentFile);
}
/**
* Saves rules data into persistent storage.
*/
protected function saveRules()
{
$rules = [];
foreach ($this->rules as $name => $rule) {
$rules[$name] = serialize($rule);
}
$this->saveToFile($rules, $this->ruleFile);
}
}
framework/requirements/requirements.php
......@@ -39,6 +39,13 @@ return array(
'memo' => 'Required for multibyte encoding string processing.'
),
array(
'name' => 'Mcrypt extension',
'mandatory' => false,
'condition' => extension_loaded('mcrypt'),
'by' => '<a href="http://www.yiiframework.com/doc-2.0/yii-base-security.html">Security Component</a>',
'memo' => 'Required by encrypt and decrypt methods.'
),
array(
'name' => 'Intl extension',
'mandatory' => false,
'condition' => $this->checkPhpExtensionVersion('intl', '1.0.2', '>='),
......@@ -50,7 +57,7 @@ return array(
),
array(
'name' => 'Fileinfo extension',
'mandatory' => true,
'mandatory' => false,
'condition' => extension_loaded('fileinfo'),
'by' => '<a href="http://www.php.net/manual/en/book.fileinfo.php">File Information</a>',
'memo' => 'Required for files upload to detect correct file mime-types.'
......
tests/unit/framework/base/SecurityTest.php
......@@ -131,4 +131,11 @@ class SecurityTest extends TestCase
$decryptedData = $this->security->decrypt($encryptedData, $key);
$this->assertEquals($data, $decryptedData);
}
public function testGenerateRandomKey()
{
$keyLength = 20;
$key = $this->security->generateRandomKey($keyLength);
$this->assertEquals($keyLength, strlen($key));
}
}
tests/unit/framework/rbac/ExposedPhpManager.php 0 → 100644
<?php
namespace yiiunit\framework\rbac;
use yii\rbac\PhpManager;
/**
* Exposes protected properties and methods to inspect from outside
*/
class ExposedPhpManager extends PhpManager
{
/**
* @var \yii\rbac\Item[]
*/
public $items = []; // itemName => item
/**
* @var array
*/
public $children = []; // itemName, childName => child
/**
* @var \yii\rbac\Assignment[]
*/
public $assignments = []; // userId, itemName => assignment
/**
* @var \yii\rbac\Rule[]
*/
public $rules = []; // ruleName => rule
public function load()
{
parent::load();
}
public function save()
{
parent::save();
}
}
\ No newline at end of file
tests/unit/framework/rbac/ManagerTestCase.php
......@@ -7,6 +7,9 @@ use yii\rbac\Permission;
use yii\rbac\Role;
use yiiunit\TestCase;
/**
* ManagerTestCase
*/
abstract class ManagerTestCase extends TestCase
{
/**
......@@ -14,7 +17,7 @@ abstract class ManagerTestCase extends TestCase
*/
protected $auth;
public function testCreateRoleAndPermission()
public function testCreateRole()
{
$role = $this->auth->createRole('admin');
$this->assertTrue($role instanceof Role);
......@@ -57,174 +60,6 @@ abstract class ManagerTestCase extends TestCase
$this->auth->addChild($user, $changeName);
$this->assertCount(1, $this->auth->getChildren($user->name));
}
/*
public function testRemove()
{
}
public function testUpdate()
{
}
public function testCreateItem()
{
$type = Item::TYPE_TASK;
$name = 'editUser';
$description = 'edit a user';
$ruleName = 'isAuthor';
$data = [1, 2, 3];
$item = $this->auth->createItem($name, $type, $description, $ruleName, $data);
$this->assertTrue($item instanceof Item);
$this->assertEquals($item->type, $type);
$this->assertEquals($item->name, $name);
$this->assertEquals($item->description, $description);
$this->assertEquals($item->ruleName, $ruleName);
$this->assertEquals($item->data, $data);
// test shortcut
$name2 = 'createUser';
$item2 = $this->auth->createRole($name2, $description, $ruleName, $data);
$this->assertEquals($item2->type, Item::TYPE_ROLE);
// test adding an item with the same name
$this->setExpectedException('\yii\base\Exception');
$this->auth->createItem($name, $type, $description, $ruleName, $data);
}
public function testGetItem()
{
$this->assertTrue($this->auth->getItem('readPost') instanceof Item);
$this->assertTrue($this->auth->getItem('reader') instanceof Item);
$this->assertNull($this->auth->getItem('unknown'));
}
public function testRemoveItem()
{
$this->assertTrue($this->auth->getItem('updatePost') instanceof Item);
$this->assertTrue($this->auth->removeItem('updatePost'));
$this->assertNull($this->auth->getItem('updatePost'));
$this->assertFalse($this->auth->removeItem('updatePost'));
}
public function testChangeItemName()
{
$item = $this->auth->getItem('readPost');
$this->assertTrue($item instanceof Item);
$this->assertTrue($this->auth->hasItemChild('reader', 'readPost'));
$item->name = 'readPost2';
$item->save();
$this->assertNull($this->auth->getItem('readPost'));
$this->assertEquals($this->auth->getItem('readPost2'), $item);
$this->assertFalse($this->auth->hasItemChild('reader', 'readPost'));
$this->assertTrue($this->auth->hasItemChild('reader', 'readPost2'));
}
public function testAddItemChild()
{
$this->auth->addItemChild('createPost', 'updatePost');
// test adding upper level item to lower one
$this->setExpectedException('\yii\base\Exception');
$this->auth->addItemChild('readPost', 'reader');
}
public function testAddItemChild2()
{
// test adding inexistent items
$this->setExpectedException('\yii\base\Exception');
$this->assertFalse($this->auth->addItemChild('createPost2', 'updatePost'));
}
public function testRemoveItemChild()
{
$this->assertTrue($this->auth->hasItemChild('reader', 'readPost'));
$this->assertTrue($this->auth->removeItemChild('reader', 'readPost'));
$this->assertFalse($this->auth->hasItemChild('reader', 'readPost'));
$this->assertFalse($this->auth->removeItemChild('reader', 'readPost'));
}
public function testGetItemChildren()
{
$this->assertEquals([], $this->auth->getItemChildren('readPost'));
$children = $this->auth->getItemChildren('author');
$this->assertEquals(3, count($children));
$this->assertTrue(reset($children) instanceof Item);
}
public function testAssign()
{
$auth = $this->auth->assign('new user', 'createPost', 'isAuthor', 'data');
$this->assertTrue($auth instanceof Assignment);
$this->assertEquals($auth->userId, 'new user');
$this->assertEquals($auth->itemName, 'createPost');
$this->assertEquals($auth->ruleName, 'isAuthor');
$this->assertEquals($auth->data, 'data');
$this->setExpectedException('\yii\base\Exception');
$this->auth->assign('new user', 'createPost2', 'rule', 'data');
}
public function testRevoke()
{
$this->assertTrue($this->auth->isAssigned('author B', 'author'));
$auth = $this->auth->getAssignment('author B', 'author');
$this->assertTrue($auth instanceof Assignment);
$this->assertTrue($this->auth->revoke('author B', 'author'));
$this->assertFalse($this->auth->isAssigned('author B', 'author'));
$this->assertFalse($this->auth->revoke('author B', 'author'));
}
public function testRevokeAll()
{
$this->assertTrue($this->auth->revokeAll('reader E'));
$this->assertFalse($this->auth->isAssigned('reader E', 'reader'));
}
public function testGetAssignments()
{
$this->auth->assign('author B', 'deletePost');
$auths = $this->auth->getAssignments('author B');
$this->assertEquals(2, count($auths));
$this->assertTrue(reset($auths) instanceof Assignment);
}
public function testGetItems()
{
$this->assertEquals(count($this->auth->getRoles()), 4);
$this->assertEquals(count($this->auth->getOperations()), 4);
$this->assertEquals(count($this->auth->getTasks()), 1);
$this->assertEquals(count($this->auth->getItems()), 9);
$this->assertEquals(count($this->auth->getItems('author B', null)), 1);
$this->assertEquals(count($this->auth->getItems('author C', null)), 0);
$this->assertEquals(count($this->auth->getItems('author B', Item::TYPE_ROLE)), 1);
$this->assertEquals(count($this->auth->getItems('author B', Item::TYPE_OPERATION)), 0);
}
public function testClearAll()
{
$this->auth->clearAll();
$this->assertEquals(count($this->auth->getRoles()), 0);
$this->assertEquals(count($this->auth->getOperations()), 0);
$this->assertEquals(count($this->auth->getTasks()), 0);
$this->assertEquals(count($this->auth->getItems()), 0);
$this->assertEquals(count($this->auth->getAssignments('author B')), 0);
}
public function testClearAssignments()
{
$this->auth->clearAssignments();
$this->assertEquals(count($this->auth->getAssignments('author B')), 0);
}
public function testDetectLoop()
{
$this->setExpectedException('\yii\base\Exception');
$this->auth->addItemChild('readPost', 'readPost');
}
*/
public function testGetRule()
{
......
tests/unit/framework/rbac/PhpManagerTest.php
......@@ -3,38 +3,74 @@
namespace yiiunit\framework\rbac;
use Yii;
use yii\rbac\PhpManager;
/**
* @group rbac
* @property \yii\rbac\PhpManager $auth
* @property ExposedPhpManager $auth
*/
class PhpManagerTest extends ManagerTestCase
{
protected function getItemFile()
{
return Yii::$app->getRuntimePath() . '/rbac-items.php';
}
protected function getAssignmentFile()
{
return Yii::$app->getRuntimePath() . '/rbac-assignments.php';
}
protected function getRuleFile()
{
return Yii::$app->getRuntimePath() . '/rbac-rules.php';
}
protected function removeDataFiles()
{
@unlink($this->getItemFile());
@unlink($this->getAssignmentFile());
@unlink($this->getRuleFile());
}
protected function createManager()
{
return new ExposedPhpManager([
'itemFile' => $this->getItemFile(),
'assignmentFile' => $this->getAssignmentFile(),
'ruleFile' => $this->getRuleFile(),
]);
}
protected function setUp()
{
parent::setUp();
$this->mockApplication();
$authFile = Yii::$app->getRuntimePath() . '/rbac.php';
@unlink($authFile);
$this->auth = new PhpManager();
$this->auth->authFile = $authFile;
$this->auth->init();
$this->removeDataFiles();
$this->auth = $this->createManager();
}
protected function tearDown()
{
$this->removeDataFiles();
parent::tearDown();
@unlink($this->auth->authFile);
}
public function testSaveLoad()
{
$this->prepareData();
$items = $this->auth->items;
$children = $this->auth->children;
$assignments = $this->auth->assignments;
$rules = $this->auth->rules;
$this->auth->save();
$this->auth->removeAll();
$this->auth = $this->createManager();
$this->auth->load();
// TODO : Check if loaded and saved data are the same.
}
$this->assertEquals($items, $this->auth->items);
$this->assertEquals($children, $this->auth->children);
$this->assertEquals($assignments, $this->auth->assignments);
$this->assertEquals($rules, $this->auth->rules);
}
}
\ No newline at end of file
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment