PhpManager
extends BaseManager
in package
PhpManager represents an authorization manager that stores authorization information in terms of a PHP script file.
The authorization data will be saved to and loaded from three files specified by [[itemFile]], [[assignmentFile]] and [[ruleFile]].
PhpManager is mainly suitable for authorization data that is not too big (for example, the authorization data for a personal blog system). Use [[DbManager]] for more complex authorization data.
Note that PhpManager is not compatible with facebooks HHVM because it relies on writing php files and including them afterwards which is not supported by HHVM.
For more details and usage information on PhpManager, see the guide article on security authorization.
Tags
Table of Contents
Properties
- $assignmentFile : string
- $behaviors : array<string|int, Behavior>
- $defaultRoleInstances : array<string|int, Role>
- $defaultRoles : array<string|int, string>
- $itemFile : string
- $ruleFile : string
- $assignments : array<string|int, mixed>
- $children : array<string|int, mixed>
- $defaultRoles : array<string|int, mixed>
- $items : array<string|int, Item>
- $rules : array<string|int, Rule>
- $_behaviors : array<string|int, Behavior>|null
- $_events : array<string|int, mixed>
- $_eventWildcards : array<string|int, mixed>
Methods
- __call() : mixed
- Calls the named method which is not a class method.
- __clone() : mixed
- This method is called after the object is created by cloning an existing one.
- __construct() : mixed
- Constructor.
- __get() : mixed
- Returns the value of a component property.
- __isset() : bool
- Checks if a property is set, i.e. defined and not null.
- __set() : mixed
- Sets the value of a component property.
- __unset() : mixed
- Sets a component property to be null.
- add() : bool
- Adds a role, permission or rule to the RBAC system.
- addChild() : bool
- Adds an item as a child of another item.
- assign() : Assignment
- Assigns a role to a user.
- attachBehavior() : Behavior
- Attaches a behavior to this component.
- attachBehaviors() : mixed
- Attaches a list of behaviors to the component.
- behaviors() : array<string|int, mixed>
- Returns a list of behaviors that this component should behave as.
- canAddChild() : bool
- Checks the possibility of adding a child to parent.
- canGetProperty() : bool
- Returns a value indicating whether a property can be read.
- canSetProperty() : bool
- Returns a value indicating whether a property can be set.
- checkAccess() : bool
- Checks if the user has the specified permission.
- className() : string
- Returns the fully qualified name of this class.
- createPermission() : Permission
- Creates a new Permission object.
- createRole() : Role
- Creates a new Role object.
- detachBehavior() : Behavior|null
- Detaches a behavior from the component.
- detachBehaviors() : mixed
- Detaches all behaviors from the component.
- ensureBehaviors() : mixed
- Makes sure that the behaviors declared in [[behaviors()]] are attached to this component.
- getAssignment() : Assignment|null
- Returns the assignment information regarding a role and a user.
- getAssignments() : array<string|int, Assignment>
- Returns all role assignment information for the specified user.
- getBehavior() : Behavior|null
- Returns the named behavior object.
- getBehaviors() : array<string|int, Behavior>
- Returns all behaviors attached to this component.
- getChildren() : array<string|int, Item>
- Returns the child permissions and/or roles.
- getChildRoles() : array<string|int, Role>
- Returns child roles of the role specified. Depth isn't limited.
- getDefaultRoleInstances() : array<string|int, Role>
- Returns defaultRoles as array of Role objects.
- getDefaultRoles() : array<string|int, string>
- Get default roles
- getItem() : Item|null
- Returns the named auth item.
- getItems() : array<string|int, Item>
- Returns the items of the specified type.
- getPermission() : Permission|null
- Returns the named permission.
- getPermissions() : array<string|int, Permission>
- Returns all permissions in the system.
- getPermissionsByRole() : array<string|int, Permission>
- Returns all permissions that the specified role represents.
- getPermissionsByUser() : array<string|int, Permission>
- Returns all permissions that the user has.
- getRole() : Role|null
- Returns the named role.
- getRoles() : array<string|int, Role>
- Returns all roles in the system.
- getRolesByUser() : array<string|int, Role>
- {@inheritdoc} The roles returned by this method include the roles assigned via [[$defaultRoles]].
- getRule() : Rule|null
- Returns the rule of the specified name.
- getRules() : array<string|int, Rule>
- Returns all rules available in the system.
- getUserIdsByRole() : array<string|int, mixed>
- Returns all user IDs assigned to the role specified.
- hasChild() : bool
- Returns a value indicating whether the child already exists for the parent.
- hasEventHandlers() : bool
- Returns a value indicating whether there is any handler attached to the named event.
- hasMethod() : bool
- Returns a value indicating whether a method is defined.
- hasProperty() : bool
- Returns a value indicating whether a property is defined for this component.
- init() : mixed
- Initializes the application component.
- off() : bool
- Detaches an existing event handler from this component.
- on() : mixed
- Attaches an event handler to an event.
- remove() : bool
- Removes a role, permission or rule from the RBAC system.
- removeAll() : mixed
- Removes all authorization data, including roles, permissions, rules, and assignments.
- removeAllAssignments() : mixed
- Removes all role assignments.
- removeAllPermissions() : mixed
- Removes all permissions.
- removeAllRoles() : mixed
- Removes all roles.
- removeAllRules() : mixed
- Removes all rules.
- removeChild() : bool
- Removes a child from its parent.
- removeChildren() : bool
- Removed all children form their parent.
- removeItem() : bool
- Removes an auth item from the RBAC system.
- revoke() : bool
- Revokes a role from a user.
- revokeAll() : bool
- Revokes all roles from a user.
- setDefaultRoles() : mixed
- Set default roles
- trigger() : mixed
- Triggers an event.
- update() : bool
- Updates the specified role, permission or rule in the system.
- updateRule() : bool
- Updates a rule to the RBAC system.
- addItem() : bool
- Adds an auth item to the RBAC system.
- addRule() : bool
- Adds a rule to the RBAC system.
- checkAccessRecursive() : bool
- Performs access check for the specified user.
- detectLoop() : bool
- Checks whether there is a loop in the authorization item hierarchy.
- executeRule() : bool
- Executes the rule associated with the specified auth item.
- getChildrenRecursive() : mixed
- Recursively finds all children and grand children of the specified item.
- getDirectPermissionsByUser() : array<string|int, Permission>
- Returns all permissions that are directly assigned to user.
- getInheritedPermissionsByUser() : array<string|int, Permission>
- Returns all permissions that the user inherits from the roles assigned to him.
- hasNoAssignments() : bool
- Checks whether array of $assignments is empty and [[defaultRoles]] property is empty as well.
- invalidateScriptCache() : mixed
- Invalidates precompiled script cache (such as OPCache or APC) for the given file.
- load() : mixed
- Loads authorization data from persistent storage.
- loadFromFile() : array<string|int, mixed>
- Loads the authorization data from a PHP script file.
- removeAllItems() : mixed
- Removes all auth items of the specified type.
- removeRule() : bool
- Removes a rule from the RBAC system.
- save() : mixed
- Saves authorization data into persistent storage.
- saveAssignments() : mixed
- Saves assignments data into persistent storage.
- saveItems() : mixed
- Saves items data into persistent storage.
- saveRules() : mixed
- Saves rules data into persistent storage.
- saveToFile() : mixed
- Saves the authorization data to a PHP script file.
- updateItem() : bool
- Updates an auth item in the RBAC system.
- attachBehaviorInternal() : Behavior
- Attaches a behavior to this component.
Properties
$assignmentFile
public
string
$assignmentFile
= '@app/rbac/assignments.php'
the path of the PHP script that contains the authorization assignments. This can be either a file path or a path alias to the file. Make sure this file is writable by the Web server process if the authorization needs to be changed online.
Tags
$behaviors read-only
public
array<string|int, Behavior>
$behaviors
List of behaviors attached to this component.
$defaultRoleInstances read-only
public
array<string|int, Role>
$defaultRoleInstances
Default roles. The array is indexed by the role names.
$defaultRoles
public
array<string|int, string>
$defaultRoles
Default roles. Note that the type of this property differs in getter and setter. See [[getDefaultRoles()]] and [[setDefaultRoles()]] for details.
$itemFile
public
string
$itemFile
= '@app/rbac/items.php'
the path of the PHP script that contains the authorization items. This can be either a file path or a path alias to the file. Make sure this file is writable by the Web server process if the authorization needs to be changed online.
Tags
$ruleFile
public
string
$ruleFile
= '@app/rbac/rules.php'
the path of the PHP script that contains the authorization rules. This can be either a file path or a path alias to the file. Make sure this file is writable by the Web server process if the authorization needs to be changed online.
Tags
$assignments
protected
array<string|int, mixed>
$assignments
= []
$children
protected
array<string|int, mixed>
$children
= []
$defaultRoles
protected
array<string|int, mixed>
$defaultRoles
= []
a list of role names that are assigned to every user automatically without calling [[assign()]]. Note that these roles are applied to users, regardless of their state of authentication.
$items
protected
array<string|int, Item>
$items
= []
$rules
protected
array<string|int, Rule>
$rules
= []
$_behaviors
private
array<string|int, Behavior>|null
$_behaviors
the attached behaviors (behavior name => behavior). This is null when not initialized.
$_events
private
array<string|int, mixed>
$_events
= []
the attached event handlers (event name => handlers)
$_eventWildcards
private
array<string|int, mixed>
$_eventWildcards
= []
the event handlers attached for wildcard patterns (event name wildcard => handlers)
Tags
Methods
__call()
Calls the named method which is not a class method.
public
__call(string $name, array<string|int, mixed> $params) : mixed
This method will check if any attached behavior has the named method and will execute it if available.
Do not call this method directly as it is a PHP magic method that will be implicitly called when an unknown method is being invoked.
Parameters
- $name : string
-
the method name
- $params : array<string|int, mixed>
-
method parameters
Tags
Return values
mixed —the method return value
__clone()
This method is called after the object is created by cloning an existing one.
public
__clone() : mixed
It removes all behaviors because they are attached to the old object.
__construct()
Constructor.
public
__construct([array<string|int, mixed> $config = [] ]) : mixed
The default implementation does two things:
- Initializes the object with the given configuration
$config. - Call [[init()]].
If this method is overridden in a child class, it is recommended that
- the last parameter of the constructor is a configuration array, like
$confighere. - call the parent implementation at the end of the constructor.
Parameters
- $config : array<string|int, mixed> = []
-
name-value pairs that will be used to initialize the object properties
__get()
Returns the value of a component property.
public
__get(string $name) : mixed
This method will check in the following order and act accordingly:
- a property defined by a getter: return the getter result
- a property of a behavior: return the behavior property value
Do not call this method directly as it is a PHP magic method that
will be implicitly called when executing $value = $component->property;.
Parameters
- $name : string
-
the property name
Tags
Return values
mixed —the property value or the value of a behavior's property
__isset()
Checks if a property is set, i.e. defined and not null.
public
__isset(string $name) : bool
This method will check in the following order and act accordingly:
- a property defined by a setter: return whether the property is set
- a property of a behavior: return whether the property is set
- return
falsefor non existing properties
Do not call this method directly as it is a PHP magic method that
will be implicitly called when executing isset($component->property).
Parameters
- $name : string
-
the property name or the event name
Tags
Return values
bool —whether the named property is set
__set()
Sets the value of a component property.
public
__set(string $name, mixed $value) : mixed
This method will check in the following order and act accordingly:
- a property defined by a setter: set the property value
- an event in the format of "on xyz": attach the handler to the event "xyz"
- a behavior in the format of "as xyz": attach the behavior named as "xyz"
- a property of a behavior: set the behavior property value
Do not call this method directly as it is a PHP magic method that
will be implicitly called when executing $component->property = $value;.
Parameters
- $name : string
-
the property name or the event name
- $value : mixed
-
the property value
Tags
__unset()
Sets a component property to be null.
public
__unset(string $name) : mixed
This method will check in the following order and act accordingly:
- a property defined by a setter: set the property value to be null
- a property of a behavior: set the property value to be null
Do not call this method directly as it is a PHP magic method that
will be implicitly called when executing unset($component->property).
Parameters
- $name : string
-
the property name
Tags
add()
Adds a role, permission or rule to the RBAC system.
public
add(mixed $object) : bool
Parameters
- $object : mixed
Return values
bool —whether the role, permission or rule is successfully added to the system
addChild()
Adds an item as a child of another item.
public
addChild(mixed $parent, mixed $child) : bool
Parameters
- $parent : mixed
- $child : mixed
Return values
bool —whether the child successfully added
assign()
Assigns a role to a user.
public
assign(mixed $role, mixed $userId) : Assignment
Parameters
- $role : mixed
- $userId : mixed
-
the user ID (see [[\yii\web\User::id]])
Return values
Assignment —the role assignment information.
attachBehavior()
Attaches a behavior to this component.
public
attachBehavior(string $name, string|array<string|int, mixed>|Behavior $behavior) : Behavior
This method will create the behavior object based on the given configuration. After that, the behavior object will be attached to this component by calling the [[Behavior::attach()]] method.
Parameters
- $name : string
-
the name of the behavior.
- $behavior : string|array<string|int, mixed>|Behavior
-
the behavior configuration. This can be one of the following:
- a [[Behavior]] object
- a string specifying the behavior class
- an object configuration array that will be passed to [[Yii::createObject()]] to create the behavior object.
Tags
Return values
Behavior —the behavior object
attachBehaviors()
Attaches a list of behaviors to the component.
public
attachBehaviors(array<string|int, mixed> $behaviors) : mixed
Each behavior is indexed by its name and should be a [[Behavior]] object, a string specifying the behavior class, or an configuration array for creating the behavior.
Parameters
- $behaviors : array<string|int, mixed>
-
list of behaviors to be attached to the component
Tags
behaviors()
Returns a list of behaviors that this component should behave as.
public
behaviors() : array<string|int, mixed>
Child classes may override this method to specify the behaviors they want to behave as.
The return value of this method should be an array of behavior objects or configurations indexed by behavior names. A behavior configuration can be either a string specifying the behavior class or an array of the following structure:
'behaviorName' => [
'class' => 'BehaviorClass',
'property1' => 'value1',
'property2' => 'value2',
]
Note that a behavior class must extend from [[Behavior]]. Behaviors can be attached using a name or anonymously. When a name is used as the array key, using this name, the behavior can later be retrieved using [[getBehavior()]] or be detached using [[detachBehavior()]]. Anonymous behaviors can not be retrieved or detached.
Behaviors declared in this method will be attached to the component automatically (on demand).
Return values
array<string|int, mixed> —the behavior configurations.
canAddChild()
Checks the possibility of adding a child to parent.
public
canAddChild(mixed $parent, mixed $child) : bool
Parameters
- $parent : mixed
-
the parent item
- $child : mixed
-
the child item to be added to the hierarchy
Tags
Return values
bool —possibility of adding
canGetProperty()
Returns a value indicating whether a property can be read.
public
canGetProperty(string $name[, bool $checkVars = true ][, bool $checkBehaviors = true ]) : bool
A property can be read if:
- the class has a getter method associated with the specified name (in this case, property name is case-insensitive);
- the class has a member variable with the specified name (when
$checkVarsis true); - an attached behavior has a readable property of the given name (when
$checkBehaviorsis true).
Parameters
- $name : string
-
the property name
- $checkVars : bool = true
-
whether to treat member variables as properties
- $checkBehaviors : bool = true
-
whether to treat behaviors' properties as properties of this component
Tags
Return values
bool —whether the property can be read
canSetProperty()
Returns a value indicating whether a property can be set.
public
canSetProperty(string $name[, bool $checkVars = true ][, bool $checkBehaviors = true ]) : bool
A property can be written if:
- the class has a setter method associated with the specified name (in this case, property name is case-insensitive);
- the class has a member variable with the specified name (when
$checkVarsis true); - an attached behavior has a writable property of the given name (when
$checkBehaviorsis true).
Parameters
- $name : string
-
the property name
- $checkVars : bool = true
-
whether to treat member variables as properties
- $checkBehaviors : bool = true
-
whether to treat behaviors' properties as properties of this component
Tags
Return values
bool —whether the property can be written
checkAccess()
Checks if the user has the specified permission.
public
checkAccess(mixed $userId, mixed $permissionName[, mixed $params = [] ]) : bool
Parameters
- $userId : mixed
-
the user ID. This should be either an integer or a string representing the unique identifier of a user. See [[\yii\web\User::id]].
- $permissionName : mixed
-
the name of the permission to be checked against
- $params : mixed = []
-
name-value pairs that will be passed to the rules associated with the roles and permissions assigned to the user.
Return values
bool —whether the user has the specified permission.
className()
Returns the fully qualified name of this class.
public
static className() : string
Tags
Return values
string —the fully qualified name of this class.
createPermission()
Creates a new Permission object.
public
createPermission(mixed $name) : Permission
Parameters
- $name : mixed
-
the permission name
Return values
Permission —the new Permission object
createRole()
Creates a new Role object.
public
createRole(mixed $name) : Role
Parameters
- $name : mixed
-
the role name
Return values
Role —the new Role object
detachBehavior()
Detaches a behavior from the component.
public
detachBehavior(string $name) : Behavior|null
The behavior's [[Behavior::detach()]] method will be invoked.
Parameters
- $name : string
-
the behavior's name.
Return values
Behavior|null —the detached behavior. Null if the behavior does not exist.
detachBehaviors()
Detaches all behaviors from the component.
public
detachBehaviors() : mixed
ensureBehaviors()
Makes sure that the behaviors declared in [[behaviors()]] are attached to this component.
public
ensureBehaviors() : mixed
getAssignment()
Returns the assignment information regarding a role and a user.
public
getAssignment(mixed $roleName, mixed $userId) : Assignment|null
Parameters
- $roleName : mixed
-
the role name
- $userId : mixed
-
the user ID (see [[\yii\web\User::id]])
Return values
Assignment|null —the assignment information. Null is returned if the role is not assigned to the user.
getAssignments()
Returns all role assignment information for the specified user.
public
getAssignments(mixed $userId) : array<string|int, Assignment>
Parameters
- $userId : mixed
-
the user ID (see [[\yii\web\User::id]])
Return values
array<string|int, Assignment> —the assignments indexed by role names. An empty array will be returned if there is no role assigned to the user.
getBehavior()
Returns the named behavior object.
public
getBehavior(string $name) : Behavior|null
Parameters
- $name : string
-
the behavior name
Return values
Behavior|null —the behavior object, or null if the behavior does not exist
getBehaviors()
Returns all behaviors attached to this component.
public
getBehaviors() : array<string|int, Behavior>
Return values
array<string|int, Behavior> —list of behaviors attached to this component
getChildren()
Returns the child permissions and/or roles.
public
getChildren(mixed $name) : array<string|int, Item>
Parameters
- $name : mixed
-
the parent name
Return values
array<string|int, Item> —the child permissions and/or roles
getChildRoles()
Returns child roles of the role specified. Depth isn't limited.
public
getChildRoles(mixed $roleName) : array<string|int, Role>
Parameters
- $roleName : mixed
-
name of the role to file child roles for
Return values
array<string|int, Role> —Child roles. The array is indexed by the role names. First element is an instance of the parent Role itself.
getDefaultRoleInstances()
Returns defaultRoles as array of Role objects.
public
getDefaultRoleInstances() : array<string|int, Role>
Tags
Return values
array<string|int, Role> —default roles. The array is indexed by the role names
getDefaultRoles()
Get default roles
public
getDefaultRoles() : array<string|int, string>
Tags
Return values
array<string|int, string> —default roles
getItem()
Returns the named auth item.
public
getItem(mixed $name) : Item|null
Parameters
- $name : mixed
-
the auth item name.
Return values
Item|null —the auth item corresponding to the specified name. Null is returned if no such item.
getItems()
Returns the items of the specified type.
public
getItems(mixed $type) : array<string|int, Item>
Parameters
- $type : mixed
-
the auth item type (either [[Item::TYPE_ROLE]] or [[Item::TYPE_PERMISSION]]
Return values
array<string|int, Item> —the auth items of the specified type.
getPermission()
Returns the named permission.
public
getPermission(mixed $name) : Permission|null
Parameters
- $name : mixed
-
the permission name.
Return values
Permission|null —the permission corresponding to the specified name. Null is returned if no such permission.
getPermissions()
Returns all permissions in the system.
public
getPermissions() : array<string|int, Permission>
Return values
array<string|int, Permission> —all permissions in the system. The array is indexed by the permission names.
getPermissionsByRole()
Returns all permissions that the specified role represents.
public
getPermissionsByRole(mixed $roleName) : array<string|int, Permission>
Parameters
- $roleName : mixed
-
the role name
Return values
array<string|int, Permission> —all permissions that the role represents. The array is indexed by the permission names.
getPermissionsByUser()
Returns all permissions that the user has.
public
getPermissionsByUser(mixed $userId) : array<string|int, Permission>
Parameters
- $userId : mixed
-
the user ID (see [[\yii\web\User::id]])
Return values
array<string|int, Permission> —all permissions that the user has. The array is indexed by the permission names.
getRole()
Returns the named role.
public
getRole(mixed $name) : Role|null
Parameters
- $name : mixed
-
the role name.
Return values
Role|null —the role corresponding to the specified name. Null is returned if no such role.
getRoles()
Returns all roles in the system.
public
getRoles() : array<string|int, Role>
Return values
array<string|int, Role> —all roles in the system. The array is indexed by the role names.
getRolesByUser()
{@inheritdoc} The roles returned by this method include the roles assigned via [[$defaultRoles]].
public
getRolesByUser(mixed $userId) : array<string|int, Role>
Parameters
- $userId : mixed
-
the user ID (see [[\yii\web\User::id]])
Return values
array<string|int, Role> —all roles directly assigned to the user. The array is indexed by the role names.
getRule()
Returns the rule of the specified name.
public
getRule(mixed $name) : Rule|null
Parameters
- $name : mixed
-
the rule name
Return values
Rule|null —the rule object, or null if the specified name does not correspond to a rule.
getRules()
Returns all rules available in the system.
public
getRules() : array<string|int, Rule>
Return values
array<string|int, Rule> —the rules indexed by the rule names
getUserIdsByRole()
Returns all user IDs assigned to the role specified.
public
getUserIdsByRole(mixed $roleName) : array<string|int, mixed>
Parameters
- $roleName : mixed
Tags
Return values
array<string|int, mixed> —array of user ID strings
hasChild()
Returns a value indicating whether the child already exists for the parent.
public
hasChild(mixed $parent, mixed $child) : bool
Parameters
- $parent : mixed
- $child : mixed
Return values
bool —whether $child is already a child of $parent
hasEventHandlers()
Returns a value indicating whether there is any handler attached to the named event.
public
hasEventHandlers(string $name) : bool
Parameters
- $name : string
-
the event name
Return values
bool —whether there is any handler attached to the event.
hasMethod()
Returns a value indicating whether a method is defined.
public
hasMethod(string $name[, bool $checkBehaviors = true ]) : bool
A method is defined if:
- the class has a method with the specified name
- an attached behavior has a method with the given name (when
$checkBehaviorsis true).
Parameters
- $name : string
-
the property name
- $checkBehaviors : bool = true
-
whether to treat behaviors' methods as methods of this component
Return values
bool —whether the method is defined
hasProperty()
Returns a value indicating whether a property is defined for this component.
public
hasProperty(string $name[, bool $checkVars = true ][, bool $checkBehaviors = true ]) : bool
A property is defined if:
- the class has a getter or setter method associated with the specified name (in this case, property name is case-insensitive);
- the class has a member variable with the specified name (when
$checkVarsis true); - an attached behavior has a property of the given name (when
$checkBehaviorsis true).
Parameters
- $name : string
-
the property name
- $checkVars : bool = true
-
whether to treat member variables as properties
- $checkBehaviors : bool = true
-
whether to treat behaviors' properties as properties of this component
Tags
Return values
bool —whether the property is defined
init()
Initializes the application component.
public
init() : mixed
This method overrides parent implementation by loading the authorization data from PHP script.
off()
Detaches an existing event handler from this component.
public
off(string $name[, callable|null $handler = null ]) : bool
This method is the opposite of [[on()]].
Note: in case wildcard pattern is passed for event name, only the handlers registered with this wildcard will be removed, while handlers registered with plain names matching this wildcard will remain.
Parameters
- $name : string
-
event name
- $handler : callable|null = null
-
the event handler to be removed. If it is null, all handlers attached to the named event will be removed.
Tags
Return values
bool —if a handler is found and detached
on()
Attaches an event handler to an event.
public
on(string $name, callable $handler[, mixed $data = null ][, bool $append = true ]) : mixed
The event handler must be a valid PHP callback. The following are some examples:
function ($event) { ... } // anonymous function
[$object, 'handleClick'] // $object->handleClick()
['Page', 'handleClick'] // Page::handleClick()
'handleClick' // global function handleClick()
The event handler must be defined with the following signature,
function ($event)
where $event is an [[Event]] object which includes parameters associated with the event.
Since 2.0.14 you can specify event name as a wildcard pattern:
$component->on('event.group.*', function ($event) {
Yii::trace($event->name . ' is triggered.');
});
Parameters
- $name : string
-
the event name
- $handler : callable
-
the event handler
- $data : mixed = null
-
the data to be passed to the event handler when the event is triggered. When the event handler is invoked, this data can be accessed via [[Event::data]].
- $append : bool = true
-
whether to append new event handler to the end of the existing handler list. If false, the new handler will be inserted at the beginning of the existing handler list.
Tags
remove()
Removes a role, permission or rule from the RBAC system.
public
remove(mixed $object) : bool
Parameters
- $object : mixed
Return values
bool —whether the role, permission or rule is successfully removed
removeAll()
Removes all authorization data, including roles, permissions, rules, and assignments.
public
removeAll() : mixed
removeAllAssignments()
Removes all role assignments.
public
removeAllAssignments() : mixed
removeAllPermissions()
Removes all permissions.
public
removeAllPermissions() : mixed
removeAllRoles()
Removes all roles.
public
removeAllRoles() : mixed
removeAllRules()
Removes all rules.
public
removeAllRules() : mixed
removeChild()
Removes a child from its parent.
public
removeChild(mixed $parent, mixed $child) : bool
Parameters
- $parent : mixed
- $child : mixed
Return values
bool —whether the removal is successful
removeChildren()
Removed all children form their parent.
public
removeChildren(mixed $parent) : bool
Parameters
- $parent : mixed
Return values
bool —whether the removal is successful
removeItem()
Removes an auth item from the RBAC system.
public
removeItem(mixed $item) : bool
Parameters
- $item : mixed
-
the item to remove
Return values
bool —whether the role or permission is successfully removed
revoke()
Revokes a role from a user.
public
revoke(mixed $role, mixed $userId) : bool
Parameters
- $role : mixed
- $userId : mixed
-
the user ID (see [[\yii\web\User::id]])
Return values
bool —whether the revoking is successful
revokeAll()
Revokes all roles from a user.
public
revokeAll(mixed $userId) : bool
Parameters
- $userId : mixed
-
the user ID (see [[\yii\web\User::id]])
Return values
bool —whether the revoking is successful
setDefaultRoles()
Set default roles
public
setDefaultRoles(array<string|int, string>|Closure $roles) : mixed
Parameters
- $roles : array<string|int, string>|Closure
-
either array of roles or a callable returning it
Tags
trigger()
Triggers an event.
public
trigger(string $name[, Event|null $event = null ]) : mixed
This method represents the happening of an event. It invokes all attached handlers for the event including class-level handlers.
Parameters
- $name : string
-
the event name
- $event : Event|null = null
-
the event instance. If not set, a default [[Event]] object will be created.
update()
Updates the specified role, permission or rule in the system.
public
update(mixed $name, mixed $object) : bool
Parameters
- $name : mixed
-
the old name of the role, permission or rule
- $object : mixed
Return values
bool —whether the update is successful
updateRule()
Updates a rule to the RBAC system.
public
updateRule(mixed $name, mixed $rule) : bool
Parameters
- $name : mixed
-
the name of the rule being updated
- $rule : mixed
-
the updated rule
Return values
bool —whether the rule is successfully updated
addItem()
Adds an auth item to the RBAC system.
protected
addItem(mixed $item) : bool
Parameters
- $item : mixed
-
the item to add
Return values
bool —whether the auth item is successfully added to the system
addRule()
Adds a rule to the RBAC system.
protected
addRule(mixed $rule) : bool
Parameters
- $rule : mixed
-
the rule to add
Return values
bool —whether the rule is successfully added to the system
checkAccessRecursive()
Performs access check for the specified user.
protected
checkAccessRecursive(string|int $user, string $itemName, array<string|int, mixed> $params, array<string|int, Assignment> $assignments) : bool
This method is internally called by [[checkAccess()]].
Parameters
- $user : string|int
-
the user ID. This should can be either an integer or a string representing the unique identifier of a user. See [[\yii\web\User::id]].
- $itemName : string
-
the name of the operation that need access check
- $params : array<string|int, mixed>
-
name-value pairs that would be passed to rules associated with the tasks and roles assigned to the user. A param with name 'user' is added to this array, which holds the value of
$userId. - $assignments : array<string|int, Assignment>
-
the assignments to the specified user
Return values
bool —whether the operations can be performed by the user.
detectLoop()
Checks whether there is a loop in the authorization item hierarchy.
protected
detectLoop(Item $parent, Item $child) : bool
Parameters
Return values
bool —whether a loop exists
executeRule()
Executes the rule associated with the specified auth item.
protected
executeRule(string|int $user, Item $item, array<string|int, mixed> $params) : bool
If the item does not specify a rule, this method will return true. Otherwise, it will return the value of [[Rule::execute()]].
Parameters
- $user : string|int
-
the user ID. This should be either an integer or a string representing the unique identifier of a user. See [[\yii\web\User::id]].
- $item : Item
-
the auth item that needs to execute its rule
- $params : array<string|int, mixed>
-
parameters passed to [[CheckAccessInterface::checkAccess()]] and will be passed to the rule
Tags
Return values
bool —the return value of [[Rule::execute()]]. If the auth item does not specify a rule, true will be returned.
getChildrenRecursive()
Recursively finds all children and grand children of the specified item.
protected
getChildrenRecursive(string $name, array<string|int, mixed> &$result) : mixed
Parameters
- $name : string
-
the name of the item whose children are to be looked for.
- $result : array<string|int, mixed>
-
the children and grand children (in array keys)
getDirectPermissionsByUser()
Returns all permissions that are directly assigned to user.
protected
getDirectPermissionsByUser(string|int $userId) : array<string|int, Permission>
Parameters
- $userId : string|int
-
the user ID (see [[\yii\web\User::id]])
Tags
Return values
array<string|int, Permission> —all direct permissions that the user has. The array is indexed by the permission names.
getInheritedPermissionsByUser()
Returns all permissions that the user inherits from the roles assigned to him.
protected
getInheritedPermissionsByUser(string|int $userId) : array<string|int, Permission>
Parameters
- $userId : string|int
-
the user ID (see [[\yii\web\User::id]])
Tags
Return values
array<string|int, Permission> —all inherited permissions that the user has. The array is indexed by the permission names.
hasNoAssignments()
Checks whether array of $assignments is empty and [[defaultRoles]] property is empty as well.
protected
hasNoAssignments(array<string|int, Assignment> $assignments) : bool
Parameters
- $assignments : array<string|int, Assignment>
-
array of user's assignments
Tags
Return values
bool —whether array of $assignments is empty and [[defaultRoles]] property is empty as well
invalidateScriptCache()
Invalidates precompiled script cache (such as OPCache or APC) for the given file.
protected
invalidateScriptCache(string $file) : mixed
Parameters
- $file : string
-
the file path.
Tags
load()
Loads authorization data from persistent storage.
protected
load() : mixed
loadFromFile()
Loads the authorization data from a PHP script file.
protected
loadFromFile(string $file) : array<string|int, mixed>
Parameters
- $file : string
-
the file path.
Tags
Return values
array<string|int, mixed> —the authorization data
removeAllItems()
Removes all auth items of the specified type.
protected
removeAllItems(int $type) : mixed
Parameters
- $type : int
-
the auth item type (either Item::TYPE_PERMISSION or Item::TYPE_ROLE)
removeRule()
Removes a rule from the RBAC system.
protected
removeRule(mixed $rule) : bool
Parameters
- $rule : mixed
-
the rule to remove
Return values
bool —whether the rule is successfully removed
save()
Saves authorization data into persistent storage.
protected
save() : mixed
saveAssignments()
Saves assignments data into persistent storage.
protected
saveAssignments() : mixed
saveItems()
Saves items data into persistent storage.
protected
saveItems() : mixed
saveRules()
Saves rules data into persistent storage.
protected
saveRules() : mixed
saveToFile()
Saves the authorization data to a PHP script file.
protected
saveToFile(array<string|int, mixed> $data, string $file) : mixed
Parameters
- $data : array<string|int, mixed>
-
the authorization data
- $file : string
-
the file path.
Tags
updateItem()
Updates an auth item in the RBAC system.
protected
updateItem(mixed $name, mixed $item) : bool
Parameters
- $name : mixed
-
the name of the item being updated
- $item : mixed
-
the updated item
Return values
bool —whether the auth item is successfully updated
attachBehaviorInternal()
Attaches a behavior to this component.
private
attachBehaviorInternal(string|int $name, string|array<string|int, mixed>|Behavior $behavior) : Behavior
Parameters
- $name : string|int
-
the name of the behavior. If this is an integer, it means the behavior is an anonymous one. Otherwise, the behavior is a named one and any existing behavior with the same name will be detached first.
- $behavior : string|array<string|int, mixed>|Behavior
-
the behavior to be attached
Return values
Behavior —the attached behavior.