Created
September 25, 2012 02:40
-
-
Save jeffwinesett/3779677 to your computer and use it in GitHub Desktop.
Yii Web Dev Book, Chapter 7, section: Writing a console application command
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| class RbacCommand extends CConsoleCommand | |
| { | |
| private $_authManager; | |
| public function getHelp() | |
| { | |
| $description = "DESCRIPTION\n"; | |
| $description .= ' '."This command generates an initial RBAC authorization hierarchy.\n"; | |
| return parent::getHelp() . $description; | |
| } | |
| /** | |
| * The default action - create the RBAC structure. | |
| */ | |
| public function actionIndex() | |
| { | |
| $this->ensureAuthManagerDefined(); | |
| //provide the oportunity for the use to abort the request | |
| $message = "This command will create three roles: Owner, Member, and Reader\n"; | |
| $message .= " and the following permissions:\n"; | |
| $message .= "create, read, update and delete user\n"; | |
| $message .= "create, read, update and delete project\n"; | |
| $message .= "create, read, update and delete issue\n"; | |
| $message .= "Would you like to continue?"; | |
| //check the input from the user and continue if | |
| //they indicated yes to the above question | |
| if($this->confirm($message)) | |
| { | |
| //first we need to remove all operations, | |
| //roles, child relationship and assignments | |
| $this->_authManager->clearAll(); | |
| //create the lowest level operations for users | |
| $this->_authManager->createOperation( | |
| "createUser", | |
| "create a new user"); | |
| $this->_authManager->createOperation( | |
| "readUser", | |
| "read user profile information"); | |
| $this->_authManager->createOperation( | |
| "updateUser", | |
| "update a users in-formation"); | |
| $this->_authManager->createOperation( | |
| "deleteUser", | |
| "remove a user from a project"); | |
| //create the lowest level operations for projects | |
| $this->_authManager->createOperation( | |
| "createProject", | |
| "create a new project"); | |
| $this->_authManager->createOperation( | |
| "readProject", | |
| "read project information"); | |
| $this->_authManager->createOperation( | |
| "updateProject", | |
| "update project information"); | |
| $this->_authManager->createOperation( | |
| "deleteProject", | |
| "delete a project"); | |
| //create the lowest level operations for issues | |
| $this->_authManager->createOperation( | |
| "createIssue", | |
| "create a new issue"); | |
| $this->_authManager->createOperation( | |
| "readIssue", | |
| "read issue information"); | |
| $this->_authManager->createOperation( | |
| "updateIssue", | |
| "update issue information"); | |
| $this->_authManager->createOperation( | |
| "deleteIssue", | |
| "delete an issue from a project"); | |
| //create the reader role and add the appropriate | |
| //permissions as children to this role | |
| $role=$this->_authManager->createRole("reader"); | |
| $role->addChild("readUser"); | |
| $role->addChild("readProject"); | |
| $role->addChild("readIssue"); | |
| //create the member role, and add the appropriate | |
| //permissions, as well as the reader role itself, as children | |
| $role=$this->_authManager->createRole("member"); | |
| $role->addChild("reader"); | |
| $role->addChild("createIssue"); | |
| $role->addChild("updateIssue"); | |
| $role->addChild("deleteIssue"); | |
| //create the owner role, and add the appropriate permissions, | |
| //as well as both the reader and member roles as children | |
| $role=$this->_authManager->createRole("owner"); | |
| $role->addChild("reader"); | |
| $role->addChild("member"); | |
| $role->addChild("createUser"); | |
| $role->addChild("updateUser"); | |
| $role->addChild("deleteUser"); | |
| $role->addChild("createProject"); | |
| $role->addChild("updateProject"); | |
| $role->addChild("deleteProject"); | |
| //provide a message indicating success | |
| echo "Authorization hierarchy successfully generated.\n"; | |
| } | |
| else | |
| echo "Operation cancelled.\n"; | |
| } | |
| public function actionDelete() | |
| { | |
| $this->ensureAuthManagerDefined(); | |
| $message = "This command will clear all RBAC definitions.\n"; | |
| $message .= "Would you like to continue?"; | |
| //check the input from the user and continue if they indicated | |
| //yes to the above question | |
| if($this->confirm($message)) | |
| { | |
| $this->_authManager->clearAll(); | |
| echo "Authorization hierarchy removed.\n"; | |
| } | |
| else | |
| echo "Delete operation cancelled.\n"; | |
| } | |
| protected function ensureAuthManagerDefined() | |
| { | |
| //ensure that an authManager is defined as this is mandatory for creating an auth heirarchy | |
| if(($this->_authManager=Yii::app()->authManager)===null) | |
| { | |
| $message = "Error: an authorization manager, named 'authManager' must be con-figured to use this command."; | |
| $this->usageError($message); | |
| } | |
| } | |
| } |
Your book is incredible. And it makes me feel incredible too
Thank you very much
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Love your book - so far all example work (which is not always the case)!