public function addChild($parent, $child)
{
if ($parent->name === $child->name) {
throw new InvalidParamException("Cannot add '{$parent->name}' as a child of itself.");
}
if ($parent instanceof Permission && $child instanceof Role) {
throw new InvalidParamException('Cannot add a role as a child of a permission.');
}
if ($this->detectLoop($parent, $child)) {
throw new InvalidCallException("Cannot add '{$child->name}' as a child of '{$parent->name}'. A loop has been detected.");
}
$this->db->createCommand()->insert($this->itemChildTable, ['parent' => $parent->name, 'child' => $child->name])->execute();
$this->invalidateCache();
return true;
}
/** * Initial RBAC action * @param integer $id Superadmin ID */ public function actionInit($id = null) { $auth = new DbManager(); $auth->init(); $auth->removeAll(); //удаляем старые данные // Rules $groupRule = new GroupRule(); $auth->add($groupRule); // Roles $student = $auth->createRole('student'); $student->description = 'Student'; $student->ruleName = $groupRule->name; $auth->add($student); $teacher = $auth->createRole('teacher'); $teacher->description = 'Teacher'; $teacher->ruleName = $groupRule->name; $auth->add($teacher); $auth->addChild($teacher, $student); $admin = $auth->createRole('admin'); $admin->description = 'Admin'; $admin->ruleName = $groupRule->name; $auth->add($admin); $auth->addChild($admin, $teacher); $superadmin = $auth->createRole('superadmin'); $superadmin->description = 'Superadmin'; $superadmin->ruleName = $groupRule->name; $auth->add($superadmin); $auth->addChild($superadmin, $admin); // Superadmin assignments if ($id !== null) { $auth->assign($superadmin, $id); } }