Class yii\rbac\PhpManager

Inheritanceyii\rbac\PhpManager » yii\rbac\BaseManager » yii\base\Component » yii\base\BaseObject
Implementsyii\base\Configurable, yii\rbac\ManagerInterface
Available since version2.0
Source Code https://github.com/yiisoft/yii2/blob/master/framework/rbac/PhpManager.php

PhpManager represents an authorization manager that stores authorization information in terms of a PHP script file.

The authorization data will be saved to and loaded from three files specified by $itemFile, $assignmentFile and $ruleFile.

PhpManager is mainly suitable for authorization data that is not too big (for example, the authorization data for a personal blog system). Use yii\rbac\DbManager for more complex authorization data.

Note that PhpManager is not compatible with facebooks HHVM because it relies on writing php files and including them afterwards which is not supported by HHVM.

For more details and usage information on PhpManager, see the guide article on security authorization.

Public Properties

Hide inherited properties

Property Type Description Defined By
$assignmentFile string The path of the PHP script that contains the authorization assignments. yii\rbac\PhpManager
$assignments array yii\rbac\PhpManager
$behaviors yii\base\Behavior[] List of behaviors attached to this component. yii\base\Component
$children array yii\rbac\PhpManager
$defaultRoleInstances yii\rbac\Role[] Default roles. yii\rbac\BaseManager
$defaultRoles array A list of role names that are assigned to every user automatically without calling assign(). yii\rbac\BaseManager
$itemFile string The path of the PHP script that contains the authorization items. yii\rbac\PhpManager
$items yii\rbac\Item[] yii\rbac\PhpManager
$permissions yii\rbac\Permission[] All permissions in the system. yii\rbac\BaseManager
$roles yii\rbac\Role[] All roles in the system. yii\rbac\BaseManager
$ruleFile string The path of the PHP script that contains the authorization rules. yii\rbac\PhpManager
$rules yii\rbac\Rule[] yii\rbac\PhpManager

Protected Properties

Hide inherited properties

Property Type Description Defined By

Public Methods

Hide inherited methods

Method Description Defined By
__call() Calls the named method which is not a class method. yii\base\Component
__clone() This method is called after the object is created by cloning an existing one. yii\base\Component
__construct() Constructor. yii\base\BaseObject
__get() Returns the value of a component property. yii\base\Component
__isset() Checks if a property is set, i.e. defined and not null. yii\base\Component
__set() Sets the value of a component property. yii\base\Component
__unset() Sets a component property to be null. yii\base\Component
add() Adds a role, permission or rule to the RBAC system. yii\rbac\BaseManager
addChild() Adds an item as a child of another item. yii\rbac\PhpManager
assign() Assigns a role to a user. yii\rbac\PhpManager
attachBehavior() Attaches a behavior to this component. yii\base\Component
attachBehaviors() Attaches a list of behaviors to the component. yii\base\Component
behaviors() Returns a list of behaviors that this component should behave as. yii\base\Component
canAddChild() Checks the possibility of adding a child to parent. yii\rbac\PhpManager
canGetProperty() Returns a value indicating whether a property can be read. yii\base\Component
canSetProperty() Returns a value indicating whether a property can be set. yii\base\Component
checkAccess() yii\rbac\PhpManager
className() Returns the fully qualified name of this class. yii\base\BaseObject
createPermission() Creates a new Permission object. yii\rbac\BaseManager
createRole() Creates a new Role object. yii\rbac\BaseManager
detachBehavior() Detaches a behavior from the component. yii\base\Component
detachBehaviors() Detaches all behaviors from the component. yii\base\Component
ensureBehaviors() Makes sure that the behaviors declared in behaviors() are attached to this component. yii\base\Component
getAssignment() Returns the assignment information regarding a role and a user. yii\rbac\PhpManager
getAssignments() Returns all role assignment information for the specified user. yii\rbac\PhpManager
getBehavior() Returns the named behavior object. yii\base\Component
getBehaviors() Returns all behaviors attached to this component. yii\base\Component
getChildRoles() Returns child roles of the role specified. Depth isn't limited. yii\rbac\PhpManager
getChildren() Returns the child permissions and/or roles. yii\rbac\PhpManager
getDefaultRoleInstances() Returns defaultRoles as array of Role objects. yii\rbac\BaseManager
getDefaultRoles() Get default roles yii\rbac\BaseManager
getItem() Returns the named auth item. yii\rbac\PhpManager
getItems() Returns the items of the specified type. yii\rbac\PhpManager
getPermission() Returns the named permission. yii\rbac\BaseManager
getPermissions() Returns all permissions in the system. yii\rbac\BaseManager
getPermissionsByRole() Returns all permissions that the specified role represents. yii\rbac\PhpManager
getPermissionsByUser() Returns all permissions that the user has. yii\rbac\PhpManager
getRole() Returns the named role. yii\rbac\BaseManager
getRoles() Returns all roles in the system. yii\rbac\BaseManager
getRolesByUser() {@inheritdoc} The roles returned by this method include the roles assigned via $defaultRoles. yii\rbac\PhpManager
getRule() Returns the rule of the specified name. yii\rbac\PhpManager
getRules() Returns all rules available in the system. yii\rbac\PhpManager
getUserIdsByRole() Returns all user IDs assigned to the role specified. yii\rbac\PhpManager
hasChild() Returns a value indicating whether the child already exists for the parent. yii\rbac\PhpManager
hasEventHandlers() Returns a value indicating whether there is any handler attached to the named event. yii\base\Component
hasMethod() Returns a value indicating whether a method is defined. yii\base\Component
hasProperty() Returns a value indicating whether a property is defined for this component. yii\base\Component
init() Initializes the application component. yii\rbac\PhpManager
off() Detaches an existing event handler from this component. yii\base\Component
on() Attaches an event handler to an event. yii\base\Component
remove() Removes a role, permission or rule from the RBAC system. yii\rbac\BaseManager
removeAll() Removes all authorization data, including roles, permissions, rules, and assignments. yii\rbac\PhpManager
removeAllAssignments() Removes all role assignments. yii\rbac\PhpManager
removeAllPermissions() Removes all permissions. yii\rbac\PhpManager
removeAllRoles() Removes all roles. yii\rbac\PhpManager
removeAllRules() Removes all rules. yii\rbac\PhpManager
removeChild() Removes a child from its parent. yii\rbac\PhpManager
removeChildren() Removed all children form their parent. yii\rbac\PhpManager
removeItem() Removes an auth item from the RBAC system. yii\rbac\PhpManager
revoke() Revokes a role from a user. yii\rbac\PhpManager
revokeAll() Revokes all roles from a user. yii\rbac\PhpManager
setDefaultRoles() Set default roles yii\rbac\BaseManager
trigger() Triggers an event. yii\base\Component
update() Updates the specified role, permission or rule in the system. yii\rbac\BaseManager
updateRule() Updates a rule to the RBAC system. yii\rbac\PhpManager

Protected Methods

Hide inherited methods

Method Description Defined By
addItem() Adds an auth item to the RBAC system. yii\rbac\PhpManager
addRule() Adds a rule to the RBAC system. yii\rbac\PhpManager
checkAccessRecursive() Performs access check for the specified user. yii\rbac\PhpManager
detectLoop() Checks whether there is a loop in the authorization item hierarchy. yii\rbac\PhpManager
executeRule() Executes the rule associated with the specified auth item. yii\rbac\BaseManager
getChildrenRecursive() Recursively finds all children and grand children of the specified item. yii\rbac\PhpManager
getDirectPermissionsByUser() Returns all permissions that are directly assigned to user. yii\rbac\PhpManager
getInheritedPermissionsByUser() Returns all permissions that the user inherits from the roles assigned to him. yii\rbac\PhpManager
hasNoAssignments() Checks whether array of $assignments is empty and $defaultRoles property is empty as well. yii\rbac\BaseManager
invalidateScriptCache() Invalidates precompiled script cache (such as OPCache or APC) for the given file. yii\rbac\PhpManager
load() Loads authorization data from persistent storage. yii\rbac\PhpManager
loadFromFile() Loads the authorization data from a PHP script file. yii\rbac\PhpManager
removeAllItems() Removes all auth items of the specified type. yii\rbac\PhpManager
removeRule() Removes a rule from the RBAC system. yii\rbac\PhpManager
save() Saves authorization data into persistent storage. yii\rbac\PhpManager
saveAssignments() Saves assignments data into persistent storage. yii\rbac\PhpManager
saveItems() Saves items data into persistent storage. yii\rbac\PhpManager
saveRules() Saves rules data into persistent storage. yii\rbac\PhpManager
saveToFile() Saves the authorization data to a PHP script file. yii\rbac\PhpManager
updateItem() Updates an auth item in the RBAC system. yii\rbac\PhpManager

Property Details

Hide inherited properties

$assignmentFile public property

The path of the PHP script that contains the authorization assignments. This can be either a file path or a path alias to the file. Make sure this file is writable by the Web server process if the authorization needs to be changed online.

See also:

public string $assignmentFile '@app/rbac/assignments.php'
$assignments protected property
protected array $assignments = []
$children protected property
protected array $children = []
$itemFile public property

The path of the PHP script that contains the authorization items. This can be either a file path or a path alias to the file. Make sure this file is writable by the Web server process if the authorization needs to be changed online.

See also:

public string $itemFile '@app/rbac/items.php'
$items protected property
protected yii\rbac\Item[] $items = []
$ruleFile public property

The path of the PHP script that contains the authorization rules. This can be either a file path or a path alias to the file. Make sure this file is writable by the Web server process if the authorization needs to be changed online.

See also:

public string $ruleFile '@app/rbac/rules.php'
$rules protected property
protected yii\rbac\Rule[] $rules = []

Method Details

Hide inherited methods

__call() public method

Defined in: yii\base\Component::__call()

Calls the named method which is not a class method.

This method will check if any attached behavior has the named method and will execute it if available.

Do not call this method directly as it is a PHP magic method that will be implicitly called when an unknown method is being invoked.

public mixed __call ( $name, $params )
$name string

The method name

$params array

Method parameters

return mixed

The method return value

throws yii\base\UnknownMethodException

when calling unknown method

                public function __call($name, $params)
{
    $this->ensureBehaviors();
    foreach ($this->_behaviors as $object) {
        if ($object->hasMethod($name)) {
            return call_user_func_array([$object, $name], $params);
        }
    }
    throw new UnknownMethodException('Calling unknown method: ' . get_class($this) . "::$name()");
}

            
__clone() public method

Defined in: yii\base\Component::__clone()

This method is called after the object is created by cloning an existing one.

It removes all behaviors because they are attached to the old object.

public void __clone ( )

                public function __clone()
{
    $this->_events = [];
    $this->_eventWildcards = [];
    $this->_behaviors = null;
}

            
__construct() public method

Defined in: yii\base\BaseObject::__construct()

Constructor.

The default implementation does two things:

  • Initializes the object with the given configuration $config.
  • Call init().

If this method is overridden in a child class, it is recommended that

  • the last parameter of the constructor is a configuration array, like $config here.
  • call the parent implementation at the end of the constructor.
public void __construct ( $config = [] )
$config array

Name-value pairs that will be used to initialize the object properties

                public function __construct($config = [])
{
    if (!empty($config)) {
        Yii::configure($this, $config);
    }
    $this->init();
}

            
__get() public method

Defined in: yii\base\Component::__get()

Returns the value of a component property.

This method will check in the following order and act accordingly:

  • a property defined by a getter: return the getter result
  • a property of a behavior: return the behavior property value

Do not call this method directly as it is a PHP magic method that will be implicitly called when executing $value = $component->property;.

See also __set().

public mixed __get ( $name )
$name string

The property name

return mixed

The property value or the value of a behavior's property

throws yii\base\UnknownPropertyException

if the property is not defined

throws yii\base\InvalidCallException

if the property is write-only.

                public function __get($name)
{
    $getter = 'get' . $name;
    if (method_exists($this, $getter)) {
        // read property, e.g. getName()
        return $this->$getter();
    }
    // behavior property
    $this->ensureBehaviors();
    foreach ($this->_behaviors as $behavior) {
        if ($behavior->canGetProperty($name)) {
            return $behavior->$name;
        }
    }
    if (method_exists($this, 'set' . $name)) {
        throw new InvalidCallException('Getting write-only property: ' . get_class($this) . '::' . $name);
    }
    throw new UnknownPropertyException('Getting unknown property: ' . get_class($this) . '::' . $name);
}

            
__isset() public method

Defined in: yii\base\Component::__isset()

Checks if a property is set, i.e. defined and not null.

This method will check in the following order and act accordingly:

  • a property defined by a setter: return whether the property is set
  • a property of a behavior: return whether the property is set
  • return false for non existing properties

Do not call this method directly as it is a PHP magic method that will be implicitly called when executing isset($component->property).

See also https://www.php.net/manual/en/function.isset.php.

public boolean __isset ( $name )
$name string

The property name or the event name

return boolean

Whether the named property is set

                public function __isset($name)
{
    $getter = 'get' . $name;
    if (method_exists($this, $getter)) {
        return $this->$getter() !== null;
    }
    // behavior property
    $this->ensureBehaviors();
    foreach ($this->_behaviors as $behavior) {
        if ($behavior->canGetProperty($name)) {
            return $behavior->$name !== null;
        }
    }
    return false;
}

            
__set() public method

Defined in: yii\base\Component::__set()

Sets the value of a component property.

This method will check in the following order and act accordingly:

  • a property defined by a setter: set the property value
  • an event in the format of "on xyz": attach the handler to the event "xyz"
  • a behavior in the format of "as xyz": attach the behavior named as "xyz"
  • a property of a behavior: set the behavior property value

Do not call this method directly as it is a PHP magic method that will be implicitly called when executing $component->property = $value;.

See also __get().

public void __set ( $name, $value )
$name string

The property name or the event name

$value mixed

The property value

throws yii\base\UnknownPropertyException

if the property is not defined

throws yii\base\InvalidCallException

if the property is read-only.

                public function __set($name, $value)
{
    $setter = 'set' . $name;
    if (method_exists($this, $setter)) {
        // set property
        $this->$setter($value);
        return;
    } elseif (strncmp($name, 'on ', 3) === 0) {
        // on event: attach event handler
        $this->on(trim(substr($name, 3)), $value);
        return;
    } elseif (strncmp($name, 'as ', 3) === 0) {
        // as behavior: attach behavior
        $name = trim(substr($name, 3));
        $this->attachBehavior($name, $value instanceof Behavior ? $value : Yii::createObject($value));
        return;
    }
    // behavior property
    $this->ensureBehaviors();
    foreach ($this->_behaviors as $behavior) {
        if ($behavior->canSetProperty($name)) {
            $behavior->$name = $value;
            return;
        }
    }
    if (method_exists($this, 'get' . $name)) {
        throw new InvalidCallException('Setting read-only property: ' . get_class($this) . '::' . $name);
    }
    throw new UnknownPropertyException('Setting unknown property: ' . get_class($this) . '::' . $name);
}

            
__unset() public method

Defined in: yii\base\Component::__unset()

Sets a component property to be null.

This method will check in the following order and act accordingly:

  • a property defined by a setter: set the property value to be null
  • a property of a behavior: set the property value to be null

Do not call this method directly as it is a PHP magic method that will be implicitly called when executing unset($component->property).

See also https://www.php.net/manual/en/function.unset.php.

public void __unset ( $name )
$name string

The property name

throws yii\base\InvalidCallException

if the property is read only.

                public function __unset($name)
{
    $setter = 'set' . $name;
    if (method_exists($this, $setter)) {
        $this->$setter(null);
        return;
    }
    // behavior property
    $this->ensureBehaviors();
    foreach ($this->_behaviors as $behavior) {
        if ($behavior->canSetProperty($name)) {
            $behavior->$name = null;
            return;
        }
    }
    throw new InvalidCallException('Unsetting an unknown or read-only property: ' . get_class($this) . '::' . $name);
}

            
add() public method

Defined in: yii\rbac\BaseManager::add()

Adds a role, permission or rule to the RBAC system.

public boolean add ( $object )
$object yii\rbac\Role|yii\rbac\Permission|yii\rbac\Rule
return boolean

Whether the role, permission or rule is successfully added to the system

throws Exception

if data validation or saving fails (such as the name of the role or permission is not unique)

                public function add($object)
{
    if ($object instanceof Item) {
        if ($object->ruleName && $this->getRule($object->ruleName) === null) {
            $rule = \Yii::createObject($object->ruleName);
            $rule->name = $object->ruleName;
            $this->addRule($rule);
        }
        return $this->addItem($object);
    } elseif ($object instanceof Rule) {
        return $this->addRule($object);
    }
    throw new InvalidArgumentException('Adding unsupported object type.');
}

            
addChild() public method

Adds an item as a child of another item.

public boolean addChild ( $parent, $child )
$parent yii\rbac\Item
$child yii\rbac\Item
return boolean

Whether the child successfully added

throws yii\base\Exception

if the parent-child relationship already exists or if a loop has been detected.

                public function addChild($parent, $child)
{
    if (!isset($this->items[$parent->name], $this->items[$child->name])) {
        throw new InvalidArgumentException("Either '{$parent->name}' or '{$child->name}' does not exist.");
    }
    if ($parent->name === $child->name) {
        throw new InvalidArgumentException("Cannot add '{$parent->name} ' as a child of itself.");
    }
    if ($parent instanceof Permission && $child instanceof Role) {
        throw new InvalidArgumentException('Cannot add a role as a child of a permission.');
    }
    if ($this->detectLoop($parent, $child)) {
        throw new InvalidCallException("Cannot add '{$child->name}' as a child of '{$parent->name}'. A loop has been detected.");
    }
    if (isset($this->children[$parent->name][$child->name])) {
        throw new InvalidCallException("The item '{$parent->name}' already has a child '{$child->name}'.");
    }
    $this->children[$parent->name][$child->name] = $this->items[$child->name];
    $this->saveItems();
    return true;
}

            
addItem() protected method

Adds an auth item to the RBAC system.

protected boolean addItem ( $item )
$item yii\rbac\Item

The item to add

return boolean

Whether the auth item is successfully added to the system

throws Exception

if data validation or saving fails (such as the name of the role or permission is not unique)

                protected function addItem($item)
{
    $time = time();
    if ($item->createdAt === null) {
        $item->createdAt = $time;
    }
    if ($item->updatedAt === null) {
        $item->updatedAt = $time;
    }
    $this->items[$item->name] = $item;
    $this->saveItems();
    return true;
}

            
addRule() protected method

Adds a rule to the RBAC system.

protected boolean addRule ( $rule )
$rule yii\rbac\Rule

The rule to add

return boolean

Whether the rule is successfully added to the system

throws Exception

if data validation or saving fails (such as the name of the rule is not unique)

                protected function addRule($rule)
{
    $this->rules[$rule->name] = $rule;
    $this->saveRules();
    return true;
}

            
assign() public method

Assigns a role to a user.

public yii\rbac\Assignment assign ( $role, $userId )
$role yii\rbac\Role|yii\rbac\Permission
$userId string|integer

The user ID (see yii\web\User::$id)

return yii\rbac\Assignment

The role assignment information.

throws Exception

if the role has already been assigned to the user

                public function assign($role, $userId)
{
    if (!isset($this->items[$role->name])) {
        throw new InvalidArgumentException("Unknown role '{$role->name}'.");
    } elseif (isset($this->assignments[$userId][$role->name])) {
        throw new InvalidArgumentException("Authorization item '{$role->name}' has already been assigned to user '$userId'.");
    }
    $this->assignments[$userId][$role->name] = new Assignment([
        'userId' => $userId,
        'roleName' => $role->name,
        'createdAt' => time(),
    ]);
    $this->saveAssignments();
    return $this->assignments[$userId][$role->name];
}

            
attachBehavior() public method

Defined in: yii\base\Component::attachBehavior()

Attaches a behavior to this component.

This method will create the behavior object based on the given configuration. After that, the behavior object will be attached to this component by calling the yii\base\Behavior::attach() method.

See also detachBehavior().

public yii\base\Behavior attachBehavior ( $name, $behavior )
$name string

The name of the behavior.

$behavior string|array|yii\base\Behavior

The behavior configuration. This can be one of the following:

return yii\base\Behavior

The behavior object

                public function attachBehavior($name, $behavior)
{
    $this->ensureBehaviors();
    return $this->attachBehaviorInternal($name, $behavior);
}

            
attachBehaviors() public method

Defined in: yii\base\Component::attachBehaviors()

Attaches a list of behaviors to the component.

Each behavior is indexed by its name and should be a yii\base\Behavior object, a string specifying the behavior class, or an configuration array for creating the behavior.

See also attachBehavior().

public void attachBehaviors ( $behaviors )
$behaviors array

List of behaviors to be attached to the component

                public function attachBehaviors($behaviors)
{
    $this->ensureBehaviors();
    foreach ($behaviors as $name => $behavior) {
        $this->attachBehaviorInternal($name, $behavior);
    }
}

            
behaviors() public method

Defined in: yii\base\Component::behaviors()

Returns a list of behaviors that this component should behave as.

Child classes may override this method to specify the behaviors they want to behave as.

The return value of this method should be an array of behavior objects or configurations indexed by behavior names. A behavior configuration can be either a string specifying the behavior class or an array of the following structure:

'behaviorName' => [
    'class' => 'BehaviorClass',
    'property1' => 'value1',
    'property2' => 'value2',
]

Note that a behavior class must extend from yii\base\Behavior. Behaviors can be attached using a name or anonymously. When a name is used as the array key, using this name, the behavior can later be retrieved using getBehavior() or be detached using detachBehavior(). Anonymous behaviors can not be retrieved or detached.

Behaviors declared in this method will be attached to the component automatically (on demand).

public array behaviors ( )
return array

The behavior configurations.

                public function behaviors()
{
    return [];
}

            
canAddChild() public method (available since version 2.0.8)

Checks the possibility of adding a child to parent.

public boolean canAddChild ( $parent, $child )
$parent yii\rbac\Item

The parent item

$child yii\rbac\Item

The child item to be added to the hierarchy

return boolean

Possibility of adding

                public function canAddChild($parent, $child)
{
    return !$this->detectLoop($parent, $child);
}

            
canGetProperty() public method

Defined in: yii\base\Component::canGetProperty()

Returns a value indicating whether a property can be read.

A property can be read if:

  • the class has a getter method associated with the specified name (in this case, property name is case-insensitive);
  • the class has a member variable with the specified name (when $checkVars is true);
  • an attached behavior has a readable property of the given name (when $checkBehaviors is true).

See also canSetProperty().

public boolean canGetProperty ( $name, $checkVars true, $checkBehaviors true )
$name string

The property name

$checkVars boolean

Whether to treat member variables as properties

$checkBehaviors boolean

Whether to treat behaviors' properties as properties of this component

return boolean

Whether the property can be read

                public function canGetProperty($name, $checkVars = true, $checkBehaviors = true)
{
    if (method_exists($this, 'get' . $name) || $checkVars && property_exists($this, $name)) {
        return true;
    } elseif ($checkBehaviors) {
        $this->ensureBehaviors();
        foreach ($this->_behaviors as $behavior) {
            if ($behavior->canGetProperty($name, $checkVars)) {
                return true;
            }
        }
    }
    return false;
}

            
canSetProperty() public method

Defined in: yii\base\Component::canSetProperty()

Returns a value indicating whether a property can be set.

A property can be written if:

  • the class has a setter method associated with the specified name (in this case, property name is case-insensitive);
  • the class has a member variable with the specified name (when $checkVars is true);
  • an attached behavior has a writable property of the given name (when $checkBehaviors is true).

See also canGetProperty().

public boolean canSetProperty ( $name, $checkVars true, $checkBehaviors true )
$name string

The property name

$checkVars boolean

Whether to treat member variables as properties

$checkBehaviors boolean

Whether to treat behaviors' properties as properties of this component

return boolean

Whether the property can be written

                public function canSetProperty($name, $checkVars = true, $checkBehaviors = true)
{
    if (method_exists($this, 'set' . $name) || $checkVars && property_exists($this, $name)) {
        return true;
    } elseif ($checkBehaviors) {
        $this->ensureBehaviors();
        foreach ($this->_behaviors as $behavior) {
            if ($behavior->canSetProperty($name, $checkVars)) {
                return true;
            }
        }
    }
    return false;
}

            
checkAccess() public method

public void checkAccess ( $userId, $permissionName, $params = [] )
$userId
$permissionName
$params

                public function checkAccess($userId, $permissionName, $params = [])
{
    $assignments = $this->getAssignments($userId);
    if ($this->hasNoAssignments($assignments)) {
        return false;
    }
    return $this->checkAccessRecursive($userId, $permissionName, $params, $assignments);
}

            
checkAccessRecursive() protected method

Performs access check for the specified user.

This method is internally called by checkAccess().

protected boolean checkAccessRecursive ( $user, $itemName, $params, $assignments )
$user string|integer

The user ID. This should can be either an integer or a string representing the unique identifier of a user. See yii\web\User::$id.

$itemName string

The name of the operation that need access check

$params array

Name-value pairs that would be passed to rules associated with the tasks and roles assigned to the user. A param with name 'user' is added to this array, which holds the value of $userId.

$assignments yii\rbac\Assignment[]

The assignments to the specified user

return boolean

Whether the operations can be performed by the user.

                protected function checkAccessRecursive($user, $itemName, $params, $assignments)
{
    if (!isset($this->items[$itemName])) {
        return false;
    }
    /* @var $item Item */
    $item = $this->items[$itemName];
    Yii::debug($item instanceof Role ? "Checking role: $itemName" : "Checking permission : $itemName", __METHOD__);
    if (!$this->executeRule($user, $item, $params)) {
        return false;
    }
    if (isset($assignments[$itemName]) || in_array($itemName, $this->defaultRoles)) {
        return true;
    }
    foreach ($this->children as $parentName => $children) {
        if (isset($children[$itemName]) && $this->checkAccessRecursive($user, $parentName, $params, $assignments)) {
            return true;
        }
    }
    return false;
}

            
className() public static method
Deprecated since 2.0.14. On PHP >=5.5, use ::class instead.

Defined in: yii\base\BaseObject::className()

Returns the fully qualified name of this class.

public static string className ( )
return string

The fully qualified name of this class.

                public static function className()
{
    return get_called_class();
}

            
createPermission() public method

Defined in: yii\rbac\BaseManager::createPermission()

Creates a new Permission object.

Note that the newly created permission is not added to the RBAC system yet. You must fill in the needed data and call add() to add it to the system.

public yii\rbac\Permission createPermission ( $name )
$name string

The permission name

return yii\rbac\Permission

The new Permission object

                public function createPermission($name)
{
    $permission = new Permission();
    $permission->name = $name;
    return $permission;
}

            
createRole() public method

Defined in: yii\rbac\BaseManager::createRole()

Creates a new Role object.

Note that the newly created role is not added to the RBAC system yet. You must fill in the needed data and call add() to add it to the system.

public yii\rbac\Role createRole ( $name )
$name string

The role name

return yii\rbac\Role

The new Role object

                public function createRole($name)
{
    $role = new Role();
    $role->name = $name;
    return $role;
}

            
detachBehavior() public method

Defined in: yii\base\Component::detachBehavior()

Detaches a behavior from the component.

The behavior's yii\base\Behavior::detach() method will be invoked.

public yii\base\Behavior|null detachBehavior ( $name )
$name string

The behavior's name.

return yii\base\Behavior|null

The detached behavior. Null if the behavior does not exist.

                public function detachBehavior($name)
{
    $this->ensureBehaviors();
    if (isset($this->_behaviors[$name])) {
        $behavior = $this->_behaviors[$name];
        unset($this->_behaviors[$name]);
        $behavior->detach();
        return $behavior;
    }
    return null;
}

            
detachBehaviors() public method

Defined in: yii\base\Component::detachBehaviors()

Detaches all behaviors from the component.

public void detachBehaviors ( )

                public function detachBehaviors()
{
    $this->ensureBehaviors();
    foreach ($this->_behaviors as $name => $behavior) {
        $this->detachBehavior($name);
    }
}

            
detectLoop() protected method

Checks whether there is a loop in the authorization item hierarchy.

protected boolean detectLoop ( $parent, $child )
$parent yii\rbac\Item

Parent item

$child yii\rbac\Item

The child item that is to be added to the hierarchy

return boolean

Whether a loop exists

                protected function detectLoop($parent, $child)
{
    if ($child->name === $parent->name) {
        return true;
    }
    if (!isset($this->children[$child->name], $this->items[$parent->name])) {
        return false;
    }
    foreach ($this->children[$child->name] as $grandchild) {
        /* @var $grandchild Item */
        if ($this->detectLoop($parent, $grandchild)) {
            return true;
        }
    }
    return false;
}

            
ensureBehaviors() public method

Defined in: yii\base\Component::ensureBehaviors()

Makes sure that the behaviors declared in behaviors() are attached to this component.

public void ensureBehaviors ( )

                public function ensureBehaviors()
{
    if ($this->_behaviors === null) {
        $this->_behaviors = [];
        foreach ($this->behaviors() as $name => $behavior) {
            $this->attachBehaviorInternal($name, $behavior);
        }
    }
}

            
executeRule() protected method

Defined in: yii\rbac\BaseManager::executeRule()

Executes the rule associated with the specified auth item.

If the item does not specify a rule, this method will return true. Otherwise, it will return the value of yii\rbac\Rule::execute().

protected boolean executeRule ( $user, $item, $params )
$user string|integer

The user ID. This should be either an integer or a string representing the unique identifier of a user. See yii\web\User::$id.

$item yii\rbac\Item

The auth item that needs to execute its rule

$params array

Parameters passed to yii\rbac\CheckAccessInterface::checkAccess() and will be passed to the rule

return boolean

The return value of yii\rbac\Rule::execute(). If the auth item does not specify a rule, true will be returned.

throws yii\base\InvalidConfigException

if the auth item has an invalid rule.

                protected function executeRule($user, $item, $params)
{
    if ($item->ruleName === null) {
        return true;
    }
    $rule = $this->getRule($item->ruleName);
    if ($rule instanceof Rule) {
        return $rule->execute($user, $item, $params);
    }
    throw new InvalidConfigException("Rule not found: {$item->ruleName}");
}

            
getAssignment() public method

Returns the assignment information regarding a role and a user.

public yii\rbac\Assignment|null getAssignment ( $roleName, $userId )
$roleName string

The role name

$userId string|integer

The user ID (see yii\web\User::$id)

return yii\rbac\Assignment|null

The assignment information. Null is returned if the role is not assigned to the user.

                public function getAssignment($roleName, $userId)
{
    return isset($this->assignments[$userId][$roleName]) ? $this->assignments[$userId][$roleName] : null;
}

            
getAssignments() public method

Returns all role assignment information for the specified user.

public yii\rbac\Assignment[] getAssignments ( $userId )
$userId string|integer

The user ID (see yii\web\User::$id)

return yii\rbac\Assignment[]

The assignments indexed by role names. An empty array will be returned if there is no role assigned to the user.

                public function getAssignments($userId)
{
    return isset($this->assignments[$userId]) ? $this->assignments[$userId] : [];
}

            
getBehavior() public method

Defined in: yii\base\Component::getBehavior()

Returns the named behavior object.

public yii\base\Behavior|null getBehavior ( $name )
$name string

The behavior name

return yii\base\Behavior|null

The behavior object, or null if the behavior does not exist

                public function getBehavior($name)
{
    $this->ensureBehaviors();
    return isset($this->_behaviors[$name]) ? $this->_behaviors[$name] : null;
}

            
getBehaviors() public method

Defined in: yii\base\Component::getBehaviors()

Returns all behaviors attached to this component.

public yii\base\Behavior[] getBehaviors ( )
return yii\base\Behavior[]

List of behaviors attached to this component

                public function getBehaviors()
{
    $this->ensureBehaviors();
    return $this->_behaviors;
}

            
getChildRoles() public method (available since version 2.0.10)

Returns child roles of the role specified. Depth isn't limited.

public yii\rbac\Role[] getChildRoles ( $roleName )
$roleName string

Name of the role to file child roles for

return yii\rbac\Role[]

Child roles. The array is indexed by the role names. First element is an instance of the parent Role itself.

throws yii\base\InvalidParamException

if Role was not found that are getting by $roleName

                public function getChildRoles($roleName)
{
    $role = $this->getRole($roleName);
    if ($role === null) {
        throw new InvalidArgumentException("Role \"$roleName\" not found.");
    }
    $result = [];
    $this->getChildrenRecursive($roleName, $result);
    $roles = [$roleName => $role];
    $roles += array_filter($this->getRoles(), function (Role $roleItem) use ($result) {
        return array_key_exists($roleItem->name, $result);
    });
    return $roles;
}

            
getChildren() public method

Returns the child permissions and/or roles.

public yii\rbac\Item[] getChildren ( $name )
$name string

The parent name

return yii\rbac\Item[]

The child permissions and/or roles

                public function getChildren($name)
{
    return isset($this->children[$name]) ? $this->children[$name] : [];
}

            
getChildrenRecursive() protected method

Recursively finds all children and grand children of the specified item.

protected void getChildrenRecursive ( $name, &$result )
$name string

The name of the item whose children are to be looked for.

$result array

The children and grand children (in array keys)

                protected function getChildrenRecursive($name, &$result)
{
    if (isset($this->children[$name])) {
        foreach ($this->children[$name] as $child) {
            $result[$child->name] = true;
            $this->getChildrenRecursive($child->name, $result);
        }
    }
}

            
getDefaultRoleInstances() public method (available since version 2.0.12)

Defined in: yii\rbac\BaseManager::getDefaultRoleInstances()

Returns defaultRoles as array of Role objects.

public yii\rbac\Role[] getDefaultRoleInstances ( )
return yii\rbac\Role[]

Default roles. The array is indexed by the role names

                public function getDefaultRoleInstances()
{
    $result = [];
    foreach ($this->defaultRoles as $roleName) {
        $result[$roleName] = $this->createRole($roleName);
    }
    return $result;
}

            
getDefaultRoles() public method (available since version 2.0.14)

Defined in: yii\rbac\BaseManager::getDefaultRoles()

Get default roles

public string[] getDefaultRoles ( )
return string[]

Default roles

                public function getDefaultRoles()
{
    return $this->defaultRoles;
}

            
getDirectPermissionsByUser() protected method (available since version 2.0.7)

Returns all permissions that are directly assigned to user.

protected yii\rbac\Permission[] getDirectPermissionsByUser ( $userId )
$userId string|integer

The user ID (see yii\web\User::$id)

return yii\rbac\Permission[]

All direct permissions that the user has. The array is indexed by the permission names.

                protected function getDirectPermissionsByUser($userId)
{
    $permissions = [];
    foreach ($this->getAssignments($userId) as $name => $assignment) {
        $permission = $this->items[$assignment->roleName];
        if ($permission->type === Item::TYPE_PERMISSION) {
            $permissions[$name] = $permission;
        }
    }
    return $permissions;
}

            
getInheritedPermissionsByUser() protected method (available since version 2.0.7)

Returns all permissions that the user inherits from the roles assigned to him.

protected yii\rbac\Permission[] getInheritedPermissionsByUser ( $userId )
$userId string|integer

The user ID (see yii\web\User::$id)

return yii\rbac\Permission[]

All inherited permissions that the user has. The array is indexed by the permission names.

                protected function getInheritedPermissionsByUser($userId)
{
    $assignments = $this->getAssignments($userId);
    $result = [];
    foreach (array_keys($assignments) as $roleName) {
        $this->getChildrenRecursive($roleName, $result);
    }
    if (empty($result)) {
        return [];
    }
    $permissions = [];
    foreach (array_keys($result) as $itemName) {
        if (isset($this->items[$itemName]) && $this->items[$itemName] instanceof Permission) {
            $permissions[$itemName] = $this->items[$itemName];
        }
    }
    return $permissions;
}

            
getItem() public method

Returns the named auth item.

public yii\rbac\Item|null getItem ( $name )
$name string

The auth item name.

return yii\rbac\Item|null

The auth item corresponding to the specified name. Null is returned if no such item.

                public function getItem($name)
{
    return isset($this->items[$name]) ? $this->items[$name] : null;
}

            
getItems() public method

Returns the items of the specified type.

public yii\rbac\Item[] getItems ( $type )
$type integer

The auth item type (either yii\rbac\Item::TYPE_ROLE or yii\rbac\Item::TYPE_PERMISSION

return yii\rbac\Item[]

The auth items of the specified type.

                public function getItems($type)
{
    $items = [];
    foreach ($this->items as $name => $item) {
        /* @var $item Item */
        if ($item->type == $type) {
            $items[$name] = $item;
        }
    }
    return $items;
}

            
getPermission() public method

Defined in: yii\rbac\BaseManager::getPermission()

Returns the named permission.

public yii\rbac\Permission|null getPermission ( $name )
$name string

The permission name.

return yii\rbac\Permission|null

The permission corresponding to the specified name. Null is returned if no such permission.

                public function getPermission($name)
{
    $item = $this->getItem($name);
    return $item instanceof Item && $item->type == Item::TYPE_PERMISSION ? $item : null;
}

            
getPermissions() public method

Defined in: yii\rbac\BaseManager::getPermissions()

Returns all permissions in the system.

public yii\rbac\Permission[] getPermissions ( )
return yii\rbac\Permission[]

All permissions in the system. The array is indexed by the permission names.

                public function getPermissions()
{
    return $this->getItems(Item::TYPE_PERMISSION);
}

            
getPermissionsByRole() public method

Returns all permissions that the specified role represents.

public yii\rbac\Permission[] getPermissionsByRole ( $roleName )
$roleName string

The role name

return yii\rbac\Permission[]

All permissions that the role represents. The array is indexed by the permission names.

                public function getPermissionsByRole($roleName)
{
    $result = [];
    $this->getChildrenRecursive($roleName, $result);
    if (empty($result)) {
        return [];
    }
    $permissions = [];
    foreach (array_keys($result) as $itemName) {
        if (isset($this->items[$itemName]) && $this->items[$itemName] instanceof Permission) {
            $permissions[$itemName] = $this->items[$itemName];
        }
    }
    return $permissions;
}

            
getPermissionsByUser() public method

Returns all permissions that the user has.

public yii\rbac\Permission[] getPermissionsByUser ( $userId )
$userId string|integer

The user ID (see yii\web\User::$id)

return yii\rbac\Permission[]

All permissions that the user has. The array is indexed by the permission names.

                public function getPermissionsByUser($userId)
{
    $directPermission = $this->getDirectPermissionsByUser($userId);
    $inheritedPermission = $this->getInheritedPermissionsByUser($userId);
    return array_merge($directPermission, $inheritedPermission);
}

            
getRole() public method

Defined in: yii\rbac\BaseManager::getRole()

Returns the named role.

public yii\rbac\Role|null getRole ( $name )
$name string

The role name.

return yii\rbac\Role|null

The role corresponding to the specified name. Null is returned if no such role.

                public function getRole($name)
{
    $item = $this->getItem($name);
    return $item instanceof Item && $item->type == Item::TYPE_ROLE ? $item : null;
}

            
getRoles() public method

Defined in: yii\rbac\BaseManager::getRoles()

Returns all roles in the system.

public yii\rbac\Role[] getRoles ( )
return yii\rbac\Role[]

All roles in the system. The array is indexed by the role names.

                public function getRoles()
{
    return $this->getItems(Item::TYPE_ROLE);
}

            
getRolesByUser() public method

{@inheritdoc} The roles returned by this method include the roles assigned via $defaultRoles.

public void getRolesByUser ( $userId )
$userId

                public function getRolesByUser($userId)
{
    $roles = $this->getDefaultRoleInstances();
    foreach ($this->getAssignments($userId) as $name => $assignment) {
        $role = $this->items[$assignment->roleName];
        if ($role->type === Item::TYPE_ROLE) {
            $roles[$name] = $role;
        }
    }
    return $roles;
}

            
getRule() public method

Returns the rule of the specified name.

public yii\rbac\Rule|null getRule ( $name )
$name string

The rule name

return yii\rbac\Rule|null

The rule object, or null if the specified name does not correspond to a rule.

                public function getRule($name)
{
    return isset($this->rules[$name]) ? $this->rules[$name] : null;
}

            
getRules() public method

Returns all rules available in the system.

public yii\rbac\Rule[] getRules ( )
return yii\rbac\Rule[]

The rules indexed by the rule names

                public function getRules()
{
    return $this->rules;
}

            
getUserIdsByRole() public method (available since version 2.0.7)

Returns all user IDs assigned to the role specified.

public array getUserIdsByRole ( $roleName )
$roleName string
return array

Array of user ID strings

                public function getUserIdsByRole($roleName)
{
    $result = [];
    foreach ($this->assignments as $userID => $assignments) {
        foreach ($assignments as $userAssignment) {
            if ($userAssignment->roleName === $roleName && $userAssignment->userId == $userID) {
                $result[] = (string) $userID;
            }
        }
    }
    return $result;
}

            
hasChild() public method

Returns a value indicating whether the child already exists for the parent.

public boolean hasChild ( $parent, $child )
$parent yii\rbac\Item
$child yii\rbac\Item
return boolean

Whether $child is already a child of $parent

                public function hasChild($parent, $child)
{
    return isset($this->children[$parent->name][$child->name]);
}

            
hasEventHandlers() public method

Defined in: yii\base\Component::hasEventHandlers()

Returns a value indicating whether there is any handler attached to the named event.

public boolean hasEventHandlers ( $name )
$name string

The event name

return boolean

Whether there is any handler attached to the event.

                public function hasEventHandlers($name)
{
    $this->ensureBehaviors();
    if (!empty($this->_events[$name])) {
        return true;
    }
    foreach ($this->_eventWildcards as $wildcard => $handlers) {
        if (!empty($handlers) && StringHelper::matchWildcard($wildcard, $name)) {
            return true;
        }
    }
    return Event::hasHandlers($this, $name);
}

            
hasMethod() public method

Defined in: yii\base\Component::hasMethod()

Returns a value indicating whether a method is defined.

A method is defined if:

  • the class has a method with the specified name
  • an attached behavior has a method with the given name (when $checkBehaviors is true).
public boolean hasMethod ( $name, $checkBehaviors true )
$name string

The property name

$checkBehaviors boolean

Whether to treat behaviors' methods as methods of this component

return boolean

Whether the method is defined

                public function hasMethod($name, $checkBehaviors = true)
{
    if (method_exists($this, $name)) {
        return true;
    } elseif ($checkBehaviors) {
        $this->ensureBehaviors();
        foreach ($this->_behaviors as $behavior) {
            if ($behavior->hasMethod($name)) {
                return true;
            }
        }
    }
    return false;
}

            
hasNoAssignments() protected method (available since version 2.0.11)

Defined in: yii\rbac\BaseManager::hasNoAssignments()

Checks whether array of $assignments is empty and $defaultRoles property is empty as well.

protected boolean hasNoAssignments ( array $assignments )
$assignments yii\rbac\Assignment[]

Array of user's assignments

return boolean

Whether array of $assignments is empty and $defaultRoles property is empty as well

                protected function hasNoAssignments(array $assignments)
{
    return empty($assignments) && empty($this->defaultRoles);
}

            
hasProperty() public method

Defined in: yii\base\Component::hasProperty()

Returns a value indicating whether a property is defined for this component.

A property is defined if:

  • the class has a getter or setter method associated with the specified name (in this case, property name is case-insensitive);
  • the class has a member variable with the specified name (when $checkVars is true);
  • an attached behavior has a property of the given name (when $checkBehaviors is true).

See also:

public boolean hasProperty ( $name, $checkVars true, $checkBehaviors true )
$name string

The property name

$checkVars boolean

Whether to treat member variables as properties

$checkBehaviors boolean

Whether to treat behaviors' properties as properties of this component

return boolean

Whether the property is defined

                public function hasProperty($name, $checkVars = true, $checkBehaviors = true)
{
    return $this->canGetProperty($name, $checkVars, $checkBehaviors) || $this->canSetProperty($name, false, $checkBehaviors);
}

            
init() public method

Initializes the application component.

This method overrides parent implementation by loading the authorization data from PHP script.

public void init ( )

                public function init()
{
    parent::init();
    $this->itemFile = Yii::getAlias($this->itemFile);
    $this->assignmentFile = Yii::getAlias($this->assignmentFile);
    $this->ruleFile = Yii::getAlias($this->ruleFile);
    $this->load();
}

            
invalidateScriptCache() protected method (available since version 2.0.9)

Invalidates precompiled script cache (such as OPCache or APC) for the given file.

protected void invalidateScriptCache ( $file )
$file string

The file path.

                protected function invalidateScriptCache($file)
{
    if (function_exists('opcache_invalidate')) {
        opcache_invalidate($file, true);
    }
    if (function_exists('apc_delete_file')) {
        @apc_delete_file($file);
    }
}

            
load() protected method

Loads authorization data from persistent storage.

protected void load ( )

                protected function load()
{
    $this->children = [];
    $this->rules = [];
    $this->assignments = [];
    $this->items = [];
    $items = $this->loadFromFile($this->itemFile);
    $itemsMtime = @filemtime($this->itemFile);
    $assignments = $this->loadFromFile($this->assignmentFile);
    $assignmentsMtime = @filemtime($this->assignmentFile);
    $rules = $this->loadFromFile($this->ruleFile);
    foreach ($items as $name => $item) {
        $class = $item['type'] == Item::TYPE_PERMISSION ? Permission::className() : Role::className();
        $this->items[$name] = new $class([
            'name' => $name,
            'description' => isset($item['description']) ? $item['description'] : null,
            'ruleName' => isset($item['ruleName']) ? $item['ruleName'] : null,
            'data' => isset($item['data']) ? $item['data'] : null,
            'createdAt' => $itemsMtime,
            'updatedAt' => $itemsMtime,
        ]);
    }
    foreach ($items as $name => $item) {
        if (isset($item['children'])) {
            foreach ($item['children'] as $childName) {
                if (isset($this->items[$childName])) {
                    $this->children[$name][$childName] = $this->items[$childName];
                }
            }
        }
    }
    foreach ($assignments as $userId => $roles) {
        foreach ($roles as $role) {
            $this->assignments[$userId][$role] = new Assignment([
                'userId' => $userId,
                'roleName' => $role,
                'createdAt' => $assignmentsMtime,
            ]);
        }
    }
    foreach ($rules as $name => $ruleData) {
        $this->rules[$name] = unserialize($ruleData);
    }
}

            
loadFromFile() protected method

Loads the authorization data from a PHP script file.

See also saveToFile().

protected array loadFromFile ( $file )
$file string

The file path.

return array

The authorization data

                protected function loadFromFile($file)
{
    if (is_file($file)) {
        return require $file;
    }
    return [];
}

            
off() public method

Defined in: yii\base\Component::off()

Detaches an existing event handler from this component.

This method is the opposite of on().

Note: in case wildcard pattern is passed for event name, only the handlers registered with this wildcard will be removed, while handlers registered with plain names matching this wildcard will remain.

See also on().

public boolean off ( $name, $handler null )
$name string

Event name

$handler callable|null

The event handler to be removed. If it is null, all handlers attached to the named event will be removed.

return boolean

If a handler is found and detached

                public function off($name, $handler = null)
{
    $this->ensureBehaviors();
    if (empty($this->_events[$name]) && empty($this->_eventWildcards[$name])) {
        return false;
    }
    if ($handler === null) {
        unset($this->_events[$name], $this->_eventWildcards[$name]);
        return true;
    }
    $removed = false;
    // plain event names
    if (isset($this->_events[$name])) {
        foreach ($this->_events[$name] as $i => $event) {
            if ($event[0] === $handler) {
                unset($this->_events[$name][$i]);
                $removed = true;
            }
        }
        if ($removed) {
            $this->_events[$name] = array_values($this->_events[$name]);
            return true;
        }
    }
    // wildcard event names
    if (isset($this->_eventWildcards[$name])) {
        foreach ($this->_eventWildcards[$name] as $i => $event) {
            if ($event[0] === $handler) {
                unset($this->_eventWildcards[$name][$i]);
                $removed = true;
            }
        }
        if ($removed) {
            $this->_eventWildcards[$name] = array_values($this->_eventWildcards[$name]);
            // remove empty wildcards to save future redundant regex checks:
            if (empty($this->_eventWildcards[$name])) {
                unset($this->_eventWildcards[$name]);
            }
        }
    }
    return $removed;
}

            
on() public method

Defined in: yii\base\Component::on()

Attaches an event handler to an event.

The event handler must be a valid PHP callback. The following are some examples:

function ($event) { ... }         // anonymous function
[$object, 'handleClick']          // $object->handleClick()
['Page', 'handleClick']           // Page::handleClick()
'handleClick'                     // global function handleClick()

The event handler must be defined with the following signature,

function ($event)

where $event is an yii\base\Event object which includes parameters associated with the event.

Since 2.0.14 you can specify event name as a wildcard pattern:

$component->on('event.group.*', function ($event) {
    Yii::trace($event->name . ' is triggered.');
});

See also off().

public void on ( $name, $handler, $data null, $append true )
$name string

The event name

$handler callable

The event handler

$data mixed

The data to be passed to the event handler when the event is triggered. When the event handler is invoked, this data can be accessed via yii\base\Event::$data.

$append boolean

Whether to append new event handler to the end of the existing handler list. If false, the new handler will be inserted at the beginning of the existing handler list.

                public function on($name, $handler, $data = null, $append = true)
{
    $this->ensureBehaviors();
    if (strpos($name, '*') !== false) {
        if ($append || empty($this->_eventWildcards[$name])) {
            $this->_eventWildcards[$name][] = [$handler, $data];
        } else {
            array_unshift($this->_eventWildcards[$name], [$handler, $data]);
        }
        return;
    }
    if ($append || empty($this->_events[$name])) {
        $this->_events[$name][] = [$handler, $data];
    } else {
        array_unshift($this->_events[$name], [$handler, $data]);
    }
}

            
remove() public method

Defined in: yii\rbac\BaseManager::remove()

Removes a role, permission or rule from the RBAC system.

public boolean remove ( $object )
$object yii\rbac\Role|yii\rbac\Permission|yii\rbac\Rule
return boolean

Whether the role, permission or rule is successfully removed

                public function remove($object)
{
    if ($object instanceof Item) {
        return $this->removeItem($object);
    } elseif ($object instanceof Rule) {
        return $this->removeRule($object);
    }
    throw new InvalidArgumentException('Removing unsupported object type.');
}

            
removeAll() public method

Removes all authorization data, including roles, permissions, rules, and assignments.

public void removeAll ( )

                public function removeAll()
{
    $this->children = [];
    $this->items = [];
    $this->assignments = [];
    $this->rules = [];
    $this->save();
}

            
removeAllAssignments() public method

Removes all role assignments.

public void removeAllAssignments ( )

                public function removeAllAssignments()
{
    $this->assignments = [];
    $this->saveAssignments();
}

            
removeAllItems() protected method

Removes all auth items of the specified type.

protected void removeAllItems ( $type )
$type integer

The auth item type (either Item::TYPE_PERMISSION or Item::TYPE_ROLE)

                protected function removeAllItems($type)
{
    $names = [];
    foreach ($this->items as $name => $item) {
        if ($item->type == $type) {
            unset($this->items[$name]);
            $names[$name] = true;
        }
    }
    if (empty($names)) {
        return;
    }
    foreach ($this->assignments as $i => $assignments) {
        foreach ($assignments as $n => $assignment) {
            if (isset($names[$assignment->roleName])) {
                unset($this->assignments[$i][$n]);
            }
        }
    }
    foreach ($this->children as $name => $children) {
        if (isset($names[$name])) {
            unset($this->children[$name]);
        } else {
            foreach ($children as $childName => $item) {
                if (isset($names[$childName])) {
                    unset($children[$childName]);
                }
            }
            $this->children[$name] = $children;
        }
    }
    $this->saveItems();
}

            
removeAllPermissions() public method

Removes all permissions.

All parent child relations will be adjusted accordingly.

public void removeAllPermissions ( )

                public function removeAllPermissions()
{
    $this->removeAllItems(Item::TYPE_PERMISSION);
}

            
removeAllRoles() public method

Removes all roles.

All parent child relations will be adjusted accordingly.

public void removeAllRoles ( )

                public function removeAllRoles()
{
    $this->removeAllItems(Item::TYPE_ROLE);
}

            
removeAllRules() public method

Removes all rules.

All roles and permissions which have rules will be adjusted accordingly.

public void removeAllRules ( )

                public function removeAllRules()
{
    foreach ($this->items as $item) {
        $item->ruleName = null;
    }
    $this->rules = [];
    $this->saveRules();
}

            
removeChild() public method

Removes a child from its parent.

Note, the child item is not deleted. Only the parent-child relationship is removed.

public boolean removeChild ( $parent, $child )
$parent yii\rbac\Item
$child yii\rbac\Item
return boolean

Whether the removal is successful

                public function removeChild($parent, $child)
{
    if (isset($this->children[$parent->name][$child->name])) {
        unset($this->children[$parent->name][$child->name]);
        $this->saveItems();
        return true;
    }
    return false;
}

            
removeChildren() public method

Removed all children form their parent.

Note, the children items are not deleted. Only the parent-child relationships are removed.

public boolean removeChildren ( $parent )
$parent yii\rbac\Item
return boolean

Whether the removal is successful

                public function removeChildren($parent)
{
    if (isset($this->children[$parent->name])) {
        unset($this->children[$parent->name]);
        $this->saveItems();
        return true;
    }
    return false;
}

            
removeItem() public method

Removes an auth item from the RBAC system.

public boolean removeItem ( $item )
$item yii\rbac\Item

The item to remove

return boolean

Whether the role or permission is successfully removed

throws Exception

if data validation or saving fails (such as the name of the role or permission is not unique)

                public function removeItem($item)
{
    if (isset($this->items[$item->name])) {
        foreach ($this->children as &$children) {
            unset($children[$item->name]);
        }
        foreach ($this->assignments as &$assignments) {
            unset($assignments[$item->name]);
        }
        unset($this->items[$item->name]);
        $this->saveItems();
        $this->saveAssignments();
        return true;
    }
    return false;
}

            
removeRule() protected method

Removes a rule from the RBAC system.

protected boolean removeRule ( $rule )
$rule yii\rbac\Rule

The rule to remove

return boolean

Whether the rule is successfully removed

throws Exception

if data validation or saving fails (such as the name of the rule is not unique)

                protected function removeRule($rule)
{
    if (isset($this->rules[$rule->name])) {
        unset($this->rules[$rule->name]);
        foreach ($this->items as $item) {
            if ($item->ruleName === $rule->name) {
                $item->ruleName = null;
            }
        }
        $this->saveRules();
        return true;
    }
    return false;
}

            
revoke() public method

Revokes a role from a user.

public boolean revoke ( $role, $userId )
$role yii\rbac\Role|yii\rbac\Permission
$userId string|integer

The user ID (see yii\web\User::$id)

return boolean

Whether the revoking is successful

                public function revoke($role, $userId)
{
    if (isset($this->assignments[$userId][$role->name])) {
        unset($this->assignments[$userId][$role->name]);
        $this->saveAssignments();
        return true;
    }
    return false;
}

            
revokeAll() public method

Revokes all roles from a user.

public boolean revokeAll ( $userId )
$userId mixed

The user ID (see yii\web\User::$id)

return boolean

Whether the revoking is successful

                public function revokeAll($userId)
{
    if (isset($this->assignments[$userId]) && is_array($this->assignments[$userId])) {
        foreach ($this->assignments[$userId] as $itemName => $value) {
            unset($this->assignments[$userId][$itemName]);
        }
        $this->saveAssignments();
        return true;
    }
    return false;
}

            
save() protected method

Saves authorization data into persistent storage.

protected void save ( )

                protected function save()
{
    $this->saveItems();
    $this->saveAssignments();
    $this->saveRules();
}

            
saveAssignments() protected method

Saves assignments data into persistent storage.

protected void saveAssignments ( )

                protected function saveAssignments()
{
    $assignmentData = [];
    foreach ($this->assignments as $userId => $assignments) {
        foreach ($assignments as $name => $assignment) {
            /* @var $assignment Assignment */
            $assignmentData[$userId][] = $assignment->roleName;
        }
    }
    $this->saveToFile($assignmentData, $this->assignmentFile);
}

            
saveItems() protected method

Saves items data into persistent storage.

protected void saveItems ( )

                protected function saveItems()
{
    $items = [];
    foreach ($this->items as $name => $item) {
        /* @var $item Item */
        $items[$name] = array_filter(
            [
                'type' => $item->type,
                'description' => $item->description,
                'ruleName' => $item->ruleName,
                'data' => $item->data,
            ]
        );
        if (isset($this->children[$name])) {
            foreach ($this->children[$name] as $child) {
                /* @var $child Item */
                $items[$name]['children'][] = $child->name;
            }
        }
    }
    $this->saveToFile($items, $this->itemFile);
}

            
saveRules() protected method

Saves rules data into persistent storage.

protected void saveRules ( )

                protected function saveRules()
{
    $rules = [];
    foreach ($this->rules as $name => $rule) {
        $rules[$name] = serialize($rule);
    }
    $this->saveToFile($rules, $this->ruleFile);
}

            
saveToFile() protected method

Saves the authorization data to a PHP script file.

See also loadFromFile().

protected void saveToFile ( $data, $file )
$data array

The authorization data

$file string

The file path.

                protected function saveToFile($data, $file)
{
    file_put_contents($file, "<?php\n\nreturn " . VarDumper::export($data) . ";\n", LOCK_EX);
    $this->invalidateScriptCache($file);
}

            
setDefaultRoles() public method (available since version 2.0.14)

Defined in: yii\rbac\BaseManager::setDefaultRoles()

Set default roles

public void setDefaultRoles ( $roles )
$roles string[]|Closure

Either array of roles or a callable returning it

throws yii\base\InvalidArgumentException

when $roles is neither array nor Closure

throws yii\base\InvalidValueException

when Closure return is not an array

                public function setDefaultRoles($roles)
{
    if (is_array($roles)) {
        $this->defaultRoles = $roles;
    } elseif ($roles instanceof \Closure) {
        $roles = call_user_func($roles);
        if (!is_array($roles)) {
            throw new InvalidValueException('Default roles closure must return an array');
        }
        $this->defaultRoles = $roles;
    } else {
        throw new InvalidArgumentException('Default roles must be either an array or a callable');
    }
}

            
trigger() public method

Defined in: yii\base\Component::trigger()

Triggers an event.

This method represents the happening of an event. It invokes all attached handlers for the event including class-level handlers.

public void trigger ( $name, yii\base\Event $event null )
$name string

The event name

$event yii\base\Event|null

The event instance. If not set, a default yii\base\Event object will be created.

                public function trigger($name, Event $event = null)
{
    $this->ensureBehaviors();
    $eventHandlers = [];
    foreach ($this->_eventWildcards as $wildcard => $handlers) {
        if (StringHelper::matchWildcard($wildcard, $name)) {
            $eventHandlers[] = $handlers;
        }
    }
    if (!empty($this->_events[$name])) {
        $eventHandlers[] = $this->_events[$name];
    }
    if (!empty($eventHandlers)) {
        $eventHandlers = call_user_func_array('array_merge', $eventHandlers);
        if ($event === null) {
            $event = new Event();
        }
        if ($event->sender === null) {
            $event->sender = $this;
        }
        $event->handled = false;
        $event->name = $name;
        foreach ($eventHandlers as $handler) {
            $event->data = $handler[1];
            call_user_func($handler[0], $event);
            // stop further handling if the event is handled
            if ($event->handled) {
                return;
            }
        }
    }
    // invoke class-level attached handlers
    Event::trigger($this, $name, $event);
}

            
update() public method

Defined in: yii\rbac\BaseManager::update()

Updates the specified role, permission or rule in the system.

public boolean update ( $name, $object )
$name string

The old name of the role, permission or rule

$object yii\rbac\Role|yii\rbac\Permission|yii\rbac\Rule
return boolean

Whether the update is successful

throws Exception

if data validation or saving fails (such as the name of the role or permission is not unique)

                public function update($name, $object)
{
    if ($object instanceof Item) {
        if ($object->ruleName && $this->getRule($object->ruleName) === null) {
            $rule = \Yii::createObject($object->ruleName);
            $rule->name = $object->ruleName;
            $this->addRule($rule);
        }
        return $this->updateItem($name, $object);
    } elseif ($object instanceof Rule) {
        return $this->updateRule($name, $object);
    }
    throw new InvalidArgumentException('Updating unsupported object type.');
}

            
updateItem() protected method

Updates an auth item in the RBAC system.

protected boolean updateItem ( $name, $item )
$name string

The name of the item being updated

$item yii\rbac\Item

The updated item

return boolean

Whether the auth item is successfully updated

throws Exception

if data validation or saving fails (such as the name of the role or permission is not unique)

                protected function updateItem($name, $item)
{
    if ($name !== $item->name) {
        if (isset($this->items[$item->name])) {
            throw new InvalidArgumentException("Unable to change the item name. The name '{$item->name}' is already used by another item.");
        }
        // Remove old item in case of renaming
        unset($this->items[$name]);
        if (isset($this->children[$name])) {
            $this->children[$item->name] = $this->children[$name];
            unset($this->children[$name]);
        }
        foreach ($this->children as &$children) {
            if (isset($children[$name])) {
                $children[$item->name] = $children[$name];
                unset($children[$name]);
            }
        }
        foreach ($this->assignments as &$assignments) {
            if (isset($assignments[$name])) {
                $assignments[$item->name] = $assignments[$name];
                $assignments[$item->name]->roleName = $item->name;
                unset($assignments[$name]);
            }
        }
        $this->saveAssignments();
    }
    $this->items[$item->name] = $item;
    $this->saveItems();
    return true;
}

            
updateRule() public method

Updates a rule to the RBAC system.

public boolean updateRule ( $name, $rule )
$name string

The name of the rule being updated

$rule yii\rbac\Rule

The updated rule

return boolean

Whether the rule is successfully updated

throws Exception

if data validation or saving fails (such as the name of the rule is not unique)

                public function updateRule($name, $rule)
{
    if ($rule->name !== $name) {
        unset($this->rules[$name]);
    }
    $this->rules[$rule->name] = $rule;
    $this->saveRules();
    return true;
}