Class CDbAuthManager

CDbAuthManager represents an authorization manager that stores authorization information in database.

The database connection is specified by CDbAuthManager::$connectionID. And the database schema should be as described in "framework/web/auth/*.sql". You may change the names of the three tables used to store the authorization data by setting CDbAuthManager::$itemTable, CDbAuthManager::$itemChildTable and CDbAuthManager::$assignmentTable.

CComponent

CApplicationComponent implements IApplicationComponent

CAuthManager implements IAuthManager

CDbAuthManager

Direct known subclasses

X2AuthManager

Package: system\web\auth
Copyright: 2008-2013 Yii Software LLC
License: http://www.yiiframework.com/license/
Author: Qiang Xue <qiang.xue@gmail.com>
Since: 1.0
Located at x2engine/framework/web/auth/CDbAuthManager.php

Methods summary
`public`	# `init( )` Initializes the application component. This method overrides the parent implementation by establishing the database connection. Initializes the application component. This method overrides the parent implementation by establishing the database connection. Overrides `CApplicationComponent::init()`
`public boolean`	# `checkAccess( string $itemName, mixed $userId, array $params = array() )` Performs access check for the specified user. Performs access check for the specified user. Parameters `$itemName` `string` $itemName the name of the operation that need access check `$userId` `mixed` $userId the user ID. This should can be either an integer and a string representing the unique identifier of a user. See `IWebUser::getId()`. `$params` `array` $params name-value pairs that would be passed to biz rules associated with the tasks and roles assigned to the user. Since version 1.1.11 a param with name 'userId' is added to this array, which holds the value of `<span class="php-var">$userId</span>`. Returns `boolean` whether the operations can be performed by the user.
`protected boolean`	# `checkAccessRecursive( string $itemName, mixed $userId, array $params, array $assignments )` Performs access check for the specified user. This method is internally called by `CDbAuthManager::checkAccess()`. Performs access check for the specified user. This method is internally called by `CDbAuthManager::checkAccess()`. Parameters `$itemName` `string` $itemName the name of the operation that need access check `$userId` `mixed` $userId the user ID. This should can be either an integer and a string representing the unique identifier of a user. See `IWebUser::getId()`. `$params` `array` $params name-value pairs that would be passed to biz rules associated with the tasks and roles assigned to the user. Since version 1.1.11 a param with name 'userId' is added to this array, which holds the value of `<span class="php-var">$userId</span>`. `$assignments` `array` $assignments the assignments to the specified user Returns `boolean` whether the operations can be performed by the user. Since 1.1.3
`public boolean`	# `addItemChild( string $itemName, string $childName )` Adds an item as a child of another item. Adds an item as a child of another item. Parameters `$itemName` `string` $itemName the parent item name `$childName` `string` $childName the child item name Returns `boolean` whether the item is added successfully Throws `CException` if either parent or child doesn't exist or if a loop has been detected.
`public boolean`	# `removeItemChild( string $itemName, string $childName )` Removes a child from its parent. Note, the child item is not deleted. Only the parent-child relationship is removed. Removes a child from its parent. Note, the child item is not deleted. Only the parent-child relationship is removed. Parameters `$itemName` `string` $itemName the parent item name `$childName` `string` $childName the child item name Returns `boolean` whether the removal is successful
`public boolean`	# `hasItemChild( string $itemName, string $childName )` Returns a value indicating whether a child exists within a parent. Returns a value indicating whether a child exists within a parent. Parameters `$itemName` `string` $itemName the parent item name `$childName` `string` $childName the child item name Returns `boolean` whether the child exists
`public array`	# `getItemChildren( mixed $names )` Returns the children of the specified item. Returns the children of the specified item. Parameters `$names` `mixed` $names the parent item name. This can be either a string or an array. The latter represents a list of item names. Returns `array` all child items of the parent
`public CAuthAssignment`	# `assign( string $itemName, mixed $userId, string $bizRule = null, mixed $data = null )` Assigns an authorization item to a user. Assigns an authorization item to a user. Parameters `$itemName` `string` $itemName the item name `$userId` `mixed` $userId the user ID (see `IWebUser::getId()`) `$bizRule` `string` $bizRule the business rule to be executed when `CDbAuthManager::checkAccess()` is called for this particular authorization item. `$data` `mixed` $data additional data associated with this assignment Returns `CAuthAssignment` the authorization assignment information. Throws `CException` if the item does not exist or if the item has already been assigned to the user
`public boolean`	# `revoke( string $itemName, mixed $userId )` Revokes an authorization assignment from a user. Revokes an authorization assignment from a user. Parameters `$itemName` `string` $itemName the item name `$userId` `mixed` $userId the user ID (see `IWebUser::getId()`) Returns `boolean` whether removal is successful
`public boolean`	# `isAssigned( string $itemName, mixed $userId )` Returns a value indicating whether the item has been assigned to the user. Returns a value indicating whether the item has been assigned to the user. Parameters `$itemName` `string` $itemName the item name `$userId` `mixed` $userId the user ID (see `IWebUser::getId()`) Returns `boolean` whether the item has been assigned to the user.
`public CAuthAssignment`	# `getAuthAssignment( string $itemName, mixed $userId )` Returns the item assignment information. Returns the item assignment information. Parameters `$itemName` `string` $itemName the item name `$userId` `mixed` $userId the user ID (see `IWebUser::getId()`) Returns `CAuthAssignment` the item assignment information. Null is returned if the item is not assigned to the user.
`public array`	# `getAuthAssignments( mixed $userId )` Returns the item assignments for the specified user. Returns the item assignments for the specified user. Parameters `$userId` `mixed` $userId the user ID (see `IWebUser::getId()`) Returns `array` the item assignment information for the user. An empty array will be returned if there is no item assigned to the user.
`public`	# `saveAuthAssignment( CAuthAssignment $assignment )` Saves the changes to an authorization assignment. Saves the changes to an authorization assignment. Parameters `$assignment` `CAuthAssignment` $assignment the assignment that has been changed.
`public array`	# `getAuthItems( integer $type = null, mixed $userId = null )` Returns the authorization items of the specific type and user. Returns the authorization items of the specific type and user. Parameters `$type` `integer` $type the item type (0: operation, 1: task, 2: role). Defaults to null, meaning returning all items regardless of their type. `$userId` `mixed` $userId the user ID. Defaults to null, meaning returning all items even if they are not assigned to a user. Returns `array` the authorization items of the specific type.
`public CAuthItem`	# `createAuthItem( string $name, integer $type, string $description = '', string $bizRule = null, mixed $data = null )` Creates an authorization item. An authorization item represents an action permission (e.g. creating a post). It has three types: operation, task and role. Authorization items form a hierarchy. Higher level items inherit permissions representing by lower level items. Creates an authorization item. An authorization item represents an action permission (e.g. creating a post). It has three types: operation, task and role. Authorization items form a hierarchy. Higher level items inherit permissions representing by lower level items. Parameters `$name` `string` $name the item name. This must be a unique identifier. `$type` `integer` $type the item type (0: operation, 1: task, 2: role). `$description` `string` $description description of the item `$bizRule` `string` $bizRule business rule associated with the item. This is a piece of PHP code that will be executed when `CDbAuthManager::checkAccess()` is called for the item. `$data` `mixed` $data additional data associated with the item. Returns `CAuthItem` the authorization item Throws `CException` if an item with the same name already exists
`public boolean`	# `removeAuthItem( string $name )` Removes the specified authorization item. Removes the specified authorization item. Parameters `$name` `string` $name the name of the item to be removed Returns `boolean` whether the item exists in the storage and has been removed
`public CAuthItem`	# `getAuthItem( string $name )` Returns the authorization item with the specified name. Returns the authorization item with the specified name. Parameters `$name` `string` $name the name of the item Returns `CAuthItem` the authorization item. Null if the item cannot be found.
`public`	# `saveAuthItem( CAuthItem $item, string $oldName = null )` Saves an authorization item to persistent storage. Saves an authorization item to persistent storage. Parameters `$item` `CAuthItem` $item the item to be saved. `$oldName` `string` $oldName the old item name. If null, it means the item name is not changed.
`public`	# `save( )` Saves the authorization data to persistent storage. Saves the authorization data to persistent storage.
`public`	# `clearAll( )` Removes all authorization data. Removes all authorization data.
`public`	# `clearAuthAssignments( )` Removes all authorization assignments. Removes all authorization assignments.
`protected boolean`	# `detectLoop( string $itemName, string $childName )` Checks whether there is a loop in the authorization item hierarchy. Checks whether there is a loop in the authorization item hierarchy. Parameters `$itemName` `string` $itemName parent item name `$childName` `string` $childName the name of the child item that is to be added to the hierarchy Returns `boolean` whether a loop exists
`protected CDbConnection`	# `getDbConnection( )` Returns `CDbConnection` the DB connection instance Throws `CException` if `CDbAuthManager::$connectionID` does not point to a valid application component.
`protected boolean`	# `usingSqlite( )` Returns `boolean` whether the database is a SQLite database

Methods inherited from CAuthManager
`checkItemChildType(), createOperation(), createRole(), createTask(), executeBizRule(), getOperations(), getRoles(), getTasks()`

Methods inherited from CApplicationComponent
`getIsInitialized()`

Methods inherited from CComponent
`__call(), __get(), __isset(), __set(), __unset(), asa(), attachBehavior(), attachBehaviors(), attachEventHandler(), canGetProperty(), canSetProperty(), detachBehavior(), detachBehaviors(), detachEventHandler(), disableBehavior(), disableBehaviors(), enableBehavior(), enableBehaviors(), evaluateExpression(), getEventHandlers(), hasEvent(), hasEventHandler(), hasProperty(), raiseEvent()`

Properties summary
`public string`	`$connectionID`	`'db'`	# the ID of the `CDbConnection` application component. Defaults to 'db'. The database must have the tables as declared in "framework/web/auth/.sql". the ID of the `CDbConnection` application component. Defaults to 'db'. The database must have the tables as declared in "framework/web/auth/.sql".
`public string`	`$itemTable`	`'AuthItem'`	# the name of the table storing authorization items. Defaults to 'AuthItem'. the name of the table storing authorization items. Defaults to 'AuthItem'.
`public string`	`$itemChildTable`	`'AuthItemChild'`	# the name of the table storing authorization item hierarchy. Defaults to 'AuthItemChild'. the name of the table storing authorization item hierarchy. Defaults to 'AuthItemChild'.
`public string`	`$assignmentTable`	`'AuthAssignment'`	# the name of the table storing authorization item assignments. Defaults to 'AuthAssignment'. the name of the table storing authorization item assignments. Defaults to 'AuthAssignment'.
`public CDbConnection`	`$db`		# the database connection. By default, this is initialized automatically as the application component whose ID is indicated as `CDbAuthManager::$connectionID`. the database connection. By default, this is initialized automatically as the application component whose ID is indicated as `CDbAuthManager::$connectionID`.

Properties inherited from CAuthManager
`$defaultRoles, $showErrors`

Properties inherited from CApplicationComponent
`$behaviors`

Magic properties summary
`public array`	`$authItems`	# The authorization items of the specific type. The authorization items of the specific type.

Magic properties inherited from CAuthManager
`$operations, $roles, $tasks`

Magic properties inherited from CApplicationComponent
`$isInitialized`

Packages

Classes

Class CDbAuthManager

Direct known subclasses

Overrides

Parameters

Returns

Parameters

Returns

Since

Parameters

Returns

Throws

Parameters

Returns

Parameters

Returns

Parameters

Returns

Parameters

Returns

Throws

Parameters

Returns

Parameters

Returns

Parameters

Returns

Parameters

Returns

Parameters

Parameters

Returns

Parameters

Returns

Throws

Parameters

Returns

Parameters

Returns

Parameters

Parameters

Returns

Returns

Throws

Returns