1: <?php
2: /**
3: * CAuthItem class file.
4: *
5: * @author Qiang Xue <qiang.xue@gmail.com>
6: * @link http://www.yiiframework.com/
7: * @copyright 2008-2013 Yii Software LLC
8: * @license http://www.yiiframework.com/license/
9: */
10:
11: /**
12: * CAuthItem represents an authorization item.
13: * An authorization item can be an operation, a task or a role.
14: * They form an authorization hierarchy. Items on higher levels of the hierarchy
15: * inherit the permissions represented by items on lower levels.
16: * A user may be assigned one or several authorization items (called {@link CAuthAssignment assignments}).
17: * He can perform an operation only when it is among his assigned items.
18: *
19: * @property IAuthManager $authManager The authorization manager.
20: * @property integer $type The authorization item type. This could be 0 (operation), 1 (task) or 2 (role).
21: * @property string $name The item name.
22: * @property string $description The item description.
23: * @property string $bizRule The business rule associated with this item.
24: * @property mixed $data The additional data associated with this item.
25: * @property array $children All child items of this item.
26: *
27: * @author Qiang Xue <qiang.xue@gmail.com>
28: * @package system.web.auth
29: * @since 1.0
30: */
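class CAuthItem extends CComponent
{
	const TYPE_OPERATION=0;
	const TYPE_TASK=1;
	const TYPE_ROLE=2;

	// Authorization manager every lookup and every save is delegated to.
	private $_auth;
	// Item type, stored as an integer (see the TYPE_* constants).
	private $_type;
	// Item name; used as the key in all calls to the authorization manager.
	private $_name;
	private $_description;
	// Business rule handed to IAuthManager::executeBizRule() on every access check.
	private $_bizRule;
	// Additional data passed to the business rule alongside the caller's parameters.
	private $_data;

	/**
	 * Constructor.
	 * The values are stored as given; only $type is cast to an integer.
	 * Nothing is persisted here.
	 * @param IAuthManager $auth authorization manager
	 * @param string $name authorization item name
	 * @param integer $type authorization item type. This can be 0 (operation), 1 (task) or 2 (role).
	 * @param string $description the description
	 * @param string $bizRule the business rule associated with this item
	 * @param mixed $data additional data for this item
	 */
	public function __construct($auth,$name,$type,$description='',$bizRule=null,$data=null)
	{
		$this->_type=(int)$type;
		$this->_auth=$auth;
		$this->_name=$name;
		$this->_description=$description;
		$this->_bizRule=$bizRule;
		$this->_data=$data;
	}

	/**
	 * Checks to see if the specified item is within the hierarchy starting from this item.
	 * This method is expected to be internally used by the actual implementations
	 * of the {@link IAuthManager::checkAccess}.
	 *
	 * The business rule of this item gates the whole subtree: when it does not pass,
	 * neither this item nor any of its children is considered.
	 *
	 * The name is matched as an exact string. A loose (==) comparison would let PHP
	 * type juggling decide an authorization question: numeric strings such as "1e3"
	 * and "1000" compare equal, boolean true equals any non-empty name, and on
	 * PHP versions before 8 the integer 0 equals every non-numeric name.
	 * Names that are neither strings nor integers never match.
	 *
	 * NOTE(review): the rule is handed to IAuthManager::executeBizRule(); stock Yii 1.x
	 * managers evaluate it as PHP code, so rules must only come from trusted
	 * configuration. Confirm against the manager implementation in use.
	 *
	 * @param string $itemName the name of the item to be checked
	 * @param array $params the parameters to be passed to business rule evaluation
	 * @return boolean whether the specified item is within the hierarchy starting from this item.
	 */
	public function checkAccess($itemName,$params=array())
	{
		Yii::trace('Checking permission "'.$this->_name.'"','system.web.auth.CAuthItem');
		if(!$this->_auth->executeBizRule($this->_bizRule,$params,$this->_data))
			return false;

		// Exact string match only; integers are accepted for purely numeric names.
		if((is_string($itemName) || is_int($itemName)) && (string)$this->_name===(string)$itemName)
			return true;

		// Depth-first search through the children, each applying its own business rule.
		foreach($this->_auth->getItemChildren($this->_name) as $item)
		{
			if($item->checkAccess($itemName,$params))
				return true;
		}
		return false;
	}

	/**
	 * @return IAuthManager the authorization manager
	 */
	public function getAuthManager()
	{
		return $this->_auth;
	}

	/**
	 * @return integer the authorization item type. This could be 0 (operation), 1 (task) or 2 (role).
	 */
	public function getType()
	{
		return $this->_type;
	}

	/**
	 * @return string the item name
	 */
	public function getName()
	{
		return $this->_name;
	}

	/**
	 * Renames the item and saves it immediately through the authorization manager.
	 * The previous name is passed along with the save call.
	 * No permission check is made here; callers must restrict who may rename items.
	 * @param string $value the item name
	 */
	public function setName($value)
	{
		if($this->_name!==$value)
		{
			$oldName=$this->_name;
			$this->_name=$value;
			$this->_auth->saveAuthItem($this,$oldName);
		}
	}

	/**
	 * @return string the item description
	 */
	public function getDescription()
	{
		return $this->_description;
	}

	/**
	 * Changes the description and saves the item immediately when the value differs.
	 * @param string $value the item description
	 */
	public function setDescription($value)
	{
		if($this->_description!==$value)
		{
			$this->_description=$value;
			$this->_auth->saveAuthItem($this);
		}
	}

	/**
	 * @return string the business rule associated with this item
	 */
	public function getBizRule()
	{
		return $this->_bizRule;
	}

	/**
	 * Changes the business rule and saves the item immediately when the value differs.
	 * The rule is stored as given, without validation, and no permission check is made here.
	 * NOTE(review): stock Yii 1.x managers evaluate business rules as PHP code, so this
	 * setter must never receive request-derived input. Confirm against the manager in use.
	 * @param string $value the business rule associated with this item
	 */
	public function setBizRule($value)
	{
		if($this->_bizRule!==$value)
		{
			$this->_bizRule=$value;
			$this->_auth->saveAuthItem($this);
		}
	}

	/**
	 * @return mixed the additional data associated with this item
	 */
	public function getData()
	{
		return $this->_data;
	}

	/**
	 * Changes the additional data and saves the item immediately when the value differs.
	 * @param mixed $value the additional data associated with this item
	 */
	public function setData($value)
	{
		if($this->_data!==$value)
		{
			$this->_data=$value;
			$this->_auth->saveAuthItem($this);
		}
	}

	/**
	 * Adds a child item.
	 * @param string $name the name of the child item
	 * @return boolean whether the item is added successfully
	 * @throws CException if either parent or child doesn't exist or if a loop has been detected.
	 * @see IAuthManager::addItemChild
	 */
	public function addChild($name)
	{
		return $this->_auth->addItemChild($this->_name,$name);
	}

	/**
	 * Removes a child item.
	 * Note, the child item is not deleted. Only the parent-child relationship is removed.
	 * @param string $name the child item name
	 * @return boolean whether the removal is successful
	 * @see IAuthManager::removeItemChild
	 */
	public function removeChild($name)
	{
		return $this->_auth->removeItemChild($this->_name,$name);
	}

	/**
	 * Returns a value indicating whether a child exists
	 * @param string $name the child item name
	 * @return boolean whether the child exists
	 * @see IAuthManager::hasItemChild
	 */
	public function hasChild($name)
	{
		return $this->_auth->hasItemChild($this->_name,$name);
	}

	/**
	 * Returns the children of this item.
	 * @return array all child items of this item.
	 * @see IAuthManager::getItemChildren
	 */
	public function getChildren()
	{
		return $this->_auth->getItemChildren($this->_name);
	}

	/**
	 * Assigns this item to a user.
	 * @param mixed $userId the user ID (see {@link IWebUser::getId})
	 * @param string $bizRule the business rule to be executed when {@link checkAccess} is called
	 * for this particular authorization item.
	 * @param mixed $data additional data associated with this assignment
	 * @return CAuthAssignment the authorization assignment information.
	 * @throws CException if the item has already been assigned to the user
	 * @see IAuthManager::assign
	 */
	public function assign($userId,$bizRule=null,$data=null)
	{
		return $this->_auth->assign($this->_name,$userId,$bizRule,$data);
	}

	/**
	 * Revokes an authorization assignment from a user.
	 * @param mixed $userId the user ID (see {@link IWebUser::getId})
	 * @return boolean whether removal is successful
	 * @see IAuthManager::revoke
	 */
	public function revoke($userId)
	{
		return $this->_auth->revoke($this->_name,$userId);
	}

	/**
	 * Returns a value indicating whether this item has been assigned to the user.
	 * @param mixed $userId the user ID (see {@link IWebUser::getId})
	 * @return boolean whether the item has been assigned to the user.
	 * @see IAuthManager::isAssigned
	 */
	public function isAssigned($userId)
	{
		return $this->_auth->isAssigned($this->_name,$userId);
	}

	/**
	 * Returns the item assignment information.
	 * @param mixed $userId the user ID (see {@link IWebUser::getId})
	 * @return CAuthAssignment the item assignment information. Null is returned if
	 * this item is not assigned to the user.
	 * @see IAuthManager::getAuthAssignment
	 */
	public function getAssignment($userId)
	{
		return $this->_auth->getAuthAssignment($this->_name,$userId);
	}
}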
278: