没有命名空间的类 yii yii\base yii\behaviors yii\caching yii\captcha yii\console yii\console\controllers yii\console\widgets yii\data yii\db yii\db\conditions yii\db\cubrid yii\db\cubrid\conditions yii\db\mssql yii\db\mssql\conditions yii\db\mysql yii\db\oci yii\db\oci\conditions yii\db\pgsql yii\db\sqlite yii\db\sqlite\conditions yii\di yii\filters yii\filters\auth yii\grid yii\helpers yii\i18n yii\log yii\mail yii\mutex yii\rbac yii\rest yii\test yii\validators yii\web yii\widgets

Class yii\rbac\DbManager

继承yii\rbac\DbManager » yii\rbac\BaseManager » yii\base\Component » yii\base\BaseObject
实现yii\base\Configurable, yii\rbac\ManagerInterface
可用版本自2.0
源码 https://github.com/yiichina/yii2/blob/api/framework/rbac/DbManager.php

DbManager represents an authorization manager that stores authorization information in database.

The database connection is specified by $db. The database schema could be initialized by applying migration:

yii migrate --migrationPath=@yii/rbac/migrations/

If you don't want to use migration and need SQL instead, files for all databases are in migrations directory.

You may change the names of the tables used to store the authorization and rule data by setting $itemTable, $itemChildTable, $assignmentTable and $ruleTable.

For more details and usage information on DbManager, see the guide article on security authorization.

公共属性

隐藏继承的属性

属性类型描述被定义在
$assignmentTable string The name of the table storing authorization item assignments. yii\rbac\DbManager
$behaviors yii\base\Behavior[] List of behaviors attached to this component yii\base\Component
$cache yii\caching\CacheInterface|array|string The cache used to improve RBAC performance. yii\rbac\DbManager
$cacheKey string The key used to store RBAC data in cache yii\rbac\DbManager
$db yii\db\Connection|array|string The DB connection object or the application component ID of the DB connection. yii\rbac\DbManager
$defaultRoleInstances yii\rbac\Role[] 默认角色。该数组由角色名称索引 yii\rbac\BaseManager
$itemChildTable string The name of the table storing authorization item hierarchy. yii\rbac\DbManager
$itemTable string The name of the table storing authorization items. yii\rbac\DbManager
$permissions yii\rbac\Permission[] All permissions in the system. yii\rbac\BaseManager
$roles yii\rbac\Role[] All roles in the system. yii\rbac\BaseManager
$ruleTable string The name of the table storing rules. yii\rbac\DbManager

受保护的属性

隐藏继承的属性

属性类型描述被定义在
$defaultRoles array 在不调用 assign() 的情况下自动分配给每个用户的角色名称列表。 请注意,无论身份验证的状态如何,这些角色都将应用于用户。 yii\rbac\BaseManager
$items yii\rbac\Item[] All auth items (name => Item) yii\rbac\DbManager
$parents array Auth item parent-child relationships (childName => list of parents) yii\rbac\DbManager
$rules yii\rbac\Rule[] All auth rules (name => Rule) yii\rbac\DbManager

公共方法

隐藏继承的方法

方法描述被定义在
__call() Calls the named method which is not a class method. yii\base\Component
__clone() This method is called after the object is created by cloning an existing one. yii\base\Component
__construct() Constructor. yii\base\BaseObject
__get() Returns the value of a component property. yii\base\Component
__isset() Checks if a property is set, i.e. defined and not null. yii\base\Component
__set() Sets the value of a component property. yii\base\Component
__unset() Sets a component property to be null. yii\base\Component
add() Adds a role, permission or rule to the RBAC system. yii\rbac\BaseManager
addChild() Adds an item as a child of another item. yii\rbac\DbManager
assign() Assigns a role to a user. yii\rbac\DbManager
attachBehavior() Attaches a behavior to this component. yii\base\Component
attachBehaviors() Attaches a list of behaviors to the component. yii\base\Component
behaviors() Returns a list of behaviors that this component should behave as. yii\base\Component
canAddChild() Checks the possibility of adding a child to parent. yii\rbac\DbManager
canGetProperty() Returns a value indicating whether a property can be read. yii\base\Component
canSetProperty() Returns a value indicating whether a property can be set. yii\base\Component
checkAccess() yii\rbac\DbManager
className() Returns the fully qualified name of this class. yii\base\BaseObject
createPermission() Creates a new Permission object. yii\rbac\BaseManager
createRole() Creates a new Role object. yii\rbac\BaseManager
detachBehavior() Detaches a behavior from the component. yii\base\Component
detachBehaviors() Detaches all behaviors from the component. yii\base\Component
ensureBehaviors() Makes sure that the behaviors declared in behaviors() are attached to this component. yii\base\Component
getAssignment() Returns the assignment information regarding a role and a user. yii\rbac\DbManager
getAssignments() Returns all role assignment information for the specified user. yii\rbac\DbManager
getBehavior() Returns the named behavior object. yii\base\Component
getBehaviors() Returns all behaviors attached to this component. yii\base\Component
getChildRoles() Returns child roles of the role specified. Depth isn't limited. yii\rbac\DbManager
getChildren() Returns the child permissions and/or roles. yii\rbac\DbManager
getDefaultRoleInstances() 将 defaultRoles 作为 Role 对象的数组返回。 yii\rbac\BaseManager
getDefaultRoles() 获取默认角色 yii\rbac\BaseManager
getPermission() Returns the named permission. yii\rbac\BaseManager
getPermissions() Returns all permissions in the system. yii\rbac\BaseManager
getPermissionsByRole() Returns all permissions that the specified role represents. yii\rbac\DbManager
getPermissionsByUser() Returns all permissions that the user has. yii\rbac\DbManager
getRole() Returns the named role. yii\rbac\BaseManager
getRoles() Returns all roles in the system. yii\rbac\BaseManager
getRolesByUser() {@inheritdoc} The roles returned by this method include the roles assigned via $defaultRoles. yii\rbac\DbManager
getRule() Returns the rule of the specified name. yii\rbac\DbManager
getRules() Returns all rules available in the system. yii\rbac\DbManager
getUserIdsByRole() Returns all role assignment information for the specified role. yii\rbac\DbManager
hasChild() Returns a value indicating whether the child already exists for the parent. yii\rbac\DbManager
hasEventHandlers() Returns a value indicating whether there is any handler attached to the named event. yii\base\Component
hasMethod() Returns a value indicating whether a method is defined. yii\base\Component
hasProperty() Returns a value indicating whether a property is defined for this component. yii\base\Component
init() Initializes the application component. yii\rbac\DbManager
invalidateCache() yii\rbac\DbManager
loadFromCache() yii\rbac\DbManager
off() Detaches an existing event handler from this component. yii\base\Component
on() Attaches an event handler to an event. yii\base\Component
remove() Removes a role, permission or rule from the RBAC system. yii\rbac\BaseManager
removeAll() Removes all authorization data, including roles, permissions, rules, and assignments. yii\rbac\DbManager
removeAllAssignments() Removes all role assignments. yii\rbac\DbManager
removeAllPermissions() Removes all permissions. yii\rbac\DbManager
removeAllRoles() Removes all roles. yii\rbac\DbManager
removeAllRules() Removes all rules. yii\rbac\DbManager
removeChild() Removes a child from its parent. yii\rbac\DbManager
removeChildren() Removed all children form their parent. yii\rbac\DbManager
revoke() Revokes a role from a user. yii\rbac\DbManager
revokeAll() Revokes all roles from a user. yii\rbac\DbManager
setDefaultRoles() 设置默认角色 yii\rbac\BaseManager
trigger() Triggers an event. yii\base\Component
update() Updates the specified role, permission or rule in the system. yii\rbac\BaseManager

受保护的方法

隐藏继承的方法

方法描述被定义在
addItem() 将一个 auth 项添加到 RBAC 系统。 yii\rbac\DbManager
addRule() 向 RBAC 系统添加规则。 yii\rbac\DbManager
checkAccessFromCache() Performs access check for the specified user based on the data loaded from cache. yii\rbac\DbManager
checkAccessRecursive() Performs access check for the specified user. yii\rbac\DbManager
detectLoop() Checks whether there is a loop in the authorization item hierarchy. yii\rbac\DbManager
executeRule() 执行与指定 auth 项关联的规则。 yii\rbac\BaseManager
getChildrenList() Returns the children for every parent. yii\rbac\DbManager
getChildrenRecursive() Recursively finds all children and grand children of the specified item. yii\rbac\DbManager
getDirectPermissionsByUser() Returns all permissions that are directly assigned to user. yii\rbac\DbManager
getInheritedPermissionsByUser() Returns all permissions that the user inherits from the roles assigned to him. yii\rbac\DbManager
getItem() 返回指定的 auth 项。 yii\rbac\DbManager
getItems() 返回指定类型的项。 yii\rbac\DbManager
hasNoAssignments() 检查 $assignment 和 $defaultRoles 数组是否都为空。 yii\rbac\BaseManager
populateItem() Populates an auth item with the data fetched from database. yii\rbac\DbManager
removeAllItems() Removes all auth items of the specified type. yii\rbac\DbManager
removeItem() 从 RBAC 系统中删除 auth 项。 yii\rbac\DbManager
removeRule() 从 RBAC 系统中删除规则。 yii\rbac\DbManager
supportsCascadeUpdate() Returns a value indicating whether the database supports cascading update and delete. yii\rbac\DbManager
updateItem() 更新 RBAC 系统中的 auth 项。 yii\rbac\DbManager
updateRule() 更新 RBAC 系统中的规则。 yii\rbac\DbManager

属性详情

$assignmentTable 公共 属性

The name of the table storing authorization item assignments. Defaults to "auth_assignment".

public string $assignmentTable '{{%auth_assignment}}'
$cache 公共 属性 (自版本 2.0.3 可用)

The cache used to improve RBAC performance. This can be one of the following:

  • an application component ID (e.g. cache)
  • a configuration array
  • a yii\caching\Cache object

When this is not set, it means caching is not enabled.

Note that by enabling RBAC cache, all auth items, rules and auth item parent-child relationships will be cached and loaded into memory. This will improve the performance of RBAC permission check. However, it does require extra memory and as a result may not be appropriate if your RBAC system contains too many auth items. You should seek other RBAC implementations (e.g. RBAC based on Redis storage) in this case.

Also note that if you modify RBAC items, rules or parent-child relationships from outside of this component, you have to manually call invalidateCache() to ensure data consistency.

$cacheKey 公共 属性 (自版本 2.0.3 可用)

The key used to store RBAC data in cache

参见 $cache.

public string $cacheKey 'rbac'
$db 公共 属性

The DB connection object or the application component ID of the DB connection. After the DbManager object is created, if you want to change this property, you should only assign it with a DB connection object. Starting from version 2.0.2, this can also be a configuration array for creating the object.

$itemChildTable 公共 属性

The name of the table storing authorization item hierarchy. Defaults to "auth_item_child".

public string $itemChildTable '{{%auth_item_child}}'
$itemTable 公共 属性

The name of the table storing authorization items. Defaults to "auth_item".

public string $itemTable '{{%auth_item}}'
$items 受保护 属性

All auth items (name => Item)

protected yii\rbac\Item[] $items null
$parents 受保护 属性

Auth item parent-child relationships (childName => list of parents)

protected array $parents null
$ruleTable 公共 属性

The name of the table storing rules. Defaults to "auth_rule".

public string $ruleTable '{{%auth_rule}}'
$rules 受保护 只读 属性

All auth rules (name => Rule)

public yii\rbac\Rule[] getRules ( )

方法详情

addChild() 公共 方法

Adds an item as a child of another item.

public boolean addChild($parent, $child)
$parent yii\rbac\Item
$child yii\rbac\Item
return boolean

Whether the child successfully added

throws yii\base\Exception

if the parent-child relationship already exists or if a loop has been detected.

addItem() 受保护 方法

将一个 auth 项添加到 RBAC 系统。

protected boolean addItem($item)
$item yii\rbac\Item

要添加的项目

return boolean

是否已成功将 auth 项添加到系统中

throws Exception

如果数据验证或保存失败(例如角色名称或权限不唯一)

addRule() 受保护 方法

向 RBAC 系统添加规则。

protected boolean addRule($rule)
$rule yii\rbac\Rule

要添加的规则

return boolean

规则是否已成功添加到系统中

throws Exception

如果数据验证或保存失败(例如规则名称不唯一)

assign() 公共 方法

Assigns a role to a user.

public yii\rbac\Assignment assign($role, $userId)
$role yii\rbac\Role|yii\rbac\Permission
$userId string|integer

The user ID (see yii\web\User::$id)

return yii\rbac\Assignment

The role assignment information.

throws Exception

if the role has already been assigned to the user

canAddChild() 公共 方法 (自版本 2.0.8 可用)

Checks the possibility of adding a child to parent.

public boolean canAddChild($parent, $child)
$parent yii\rbac\Item

The parent item

$child yii\rbac\Item

The child item to be added to the hierarchy

return boolean

Possibility of adding

checkAccess() 公共 方法

public void checkAccess($userId, $permissionName, $params = [])
$userId
$permissionName
$params
checkAccessFromCache() 受保护 方法 (自版本 2.0.3 可用)

Performs access check for the specified user based on the data loaded from cache.

This method is internally called by checkAccess() when $cache is enabled.

protected boolean checkAccessFromCache($user, $itemName, $params, $assignments)
$user string|integer

The user ID. This should can be either an integer or a string representing the unique identifier of a user. See yii\web\User::$id.

$itemName string

The name of the operation that need access check

$params array

Name-value pairs that would be passed to rules associated with the tasks and roles assigned to the user. A param with name 'user' is added to this array, which holds the value of $userId.

$assignments yii\rbac\Assignment[]

The assignments to the specified user

return boolean

Whether the operations can be performed by the user.

checkAccessRecursive() 受保护 方法

Performs access check for the specified user.

This method is internally called by checkAccess().

protected boolean checkAccessRecursive($user, $itemName, $params, $assignments)
$user string|integer

The user ID. This should can be either an integer or a string representing the unique identifier of a user. See yii\web\User::$id.

$itemName string

The name of the operation that need access check

$params array

Name-value pairs that would be passed to rules associated with the tasks and roles assigned to the user. A param with name 'user' is added to this array, which holds the value of $userId.

$assignments yii\rbac\Assignment[]

The assignments to the specified user

return boolean

Whether the operations can be performed by the user.

detectLoop() 受保护 方法

Checks whether there is a loop in the authorization item hierarchy.

protected boolean detectLoop($parent, $child)
$parent yii\rbac\Item

The parent item

$child yii\rbac\Item

The child item to be added to the hierarchy

return boolean

Whether a loop exists

getAssignment() 公共 方法

Returns the assignment information regarding a role and a user.

public null|yii\rbac\Assignment getAssignment($roleName, $userId)
$roleName string

The role name

$userId string|integer

The user ID (see yii\web\User::$id)

return null|yii\rbac\Assignment

The assignment information. Null is returned if the role is not assigned to the user.

getAssignments() 公共 方法

Returns all role assignment information for the specified user.

public yii\rbac\Assignment[] getAssignments($userId)
$userId string|integer

The user ID (see yii\web\User::$id)

return yii\rbac\Assignment[]

The assignments indexed by role names. An empty array will be returned if there is no role assigned to the user.

getChildRoles() 公共 方法

Returns child roles of the role specified. Depth isn't limited.

public yii\rbac\Role[] getChildRoles($roleName)
$roleName string

Name of the role to file child roles for

return yii\rbac\Role[]

Child roles. The array is indexed by the role names. First element is an instance of the parent Role itself.

throws yii\base\InvalidParamException

if Role was not found that are getting by $roleName

getChildren() 公共 方法

Returns the child permissions and/or roles.

public yii\rbac\Item[] getChildren($name)
$name string

The parent name

return yii\rbac\Item[]

The child permissions and/or roles

getChildrenList() 受保护 方法

Returns the children for every parent.

protected array getChildrenList()
return array

The children list. Each array key is a parent item name, and the corresponding array value is a list of child item names.

getChildrenRecursive() 受保护 方法

Recursively finds all children and grand children of the specified item.

protected void getChildrenRecursive($name, $childrenList, &$result)
$name string

The name of the item whose children are to be looked for.

$childrenList array

The child list built via getChildrenList()

$result array

The children and grand children (in array keys)

getDirectPermissionsByUser() 受保护 方法 (自版本 2.0.7 可用)

Returns all permissions that are directly assigned to user.

protected yii\rbac\Permission[] getDirectPermissionsByUser($userId)
$userId string|integer

The user ID (see yii\web\User::$id)

return yii\rbac\Permission[]

All direct permissions that the user has. The array is indexed by the permission names.

getInheritedPermissionsByUser() 受保护 方法 (自版本 2.0.7 可用)

Returns all permissions that the user inherits from the roles assigned to him.

protected yii\rbac\Permission[] getInheritedPermissionsByUser($userId)
$userId string|integer

The user ID (see yii\web\User::$id)

return yii\rbac\Permission[]

All inherited permissions that the user has. The array is indexed by the permission names.

getItem() 受保护 方法

返回指定的 auth 项。

protected yii\rbac\Item getItem($name)
$name string

Auth 项的名称。

return yii\rbac\Item

与指定名称对应的 auth 项。如果没有这样的项目,则返回 Null。

getItems() 受保护 方法

返回指定类型的项。

protected yii\rbac\Item[] getItems($type)
$type integer

Auth 项类型(yii\rbac\Item::TYPE_ROLEyii\rbac\Item::TYPE_PERMISSION

return yii\rbac\Item[]

指定类型的 auth 项。

getPermissionsByRole() 公共 方法

Returns all permissions that the specified role represents.

public yii\rbac\Permission[] getPermissionsByRole($roleName)
$roleName string

The role name

return yii\rbac\Permission[]

All permissions that the role represents. The array is indexed by the permission names.

getPermissionsByUser() 公共 方法

Returns all permissions that the user has.

public yii\rbac\Permission[] getPermissionsByUser($userId)
$userId string|integer

The user ID (see yii\web\User::$id)

return yii\rbac\Permission[]

All permissions that the user has. The array is indexed by the permission names.

getRolesByUser() 公共 方法

{@inheritdoc} The roles returned by this method include the roles assigned via $defaultRoles.

public void getRolesByUser($userId)
$userId
getRule() 公共 方法

Returns the rule of the specified name.

public null|yii\rbac\Rule getRule($name)
$name string

The rule name

return null|yii\rbac\Rule

The rule object, or null if the specified name does not correspond to a rule.

getRules() 公共 方法

Returns all rules available in the system.

public yii\rbac\Rule[] getRules()
return yii\rbac\Rule[]

The rules indexed by the rule names

getUserIdsByRole() 公共 方法 (自版本 2.0.7 可用)

Returns all role assignment information for the specified role.

public string[] getUserIdsByRole($roleName)
$roleName string
return string[]

The ids. An empty array will be returned if role is not assigned to any user.

hasChild() 公共 方法

Returns a value indicating whether the child already exists for the parent.

public boolean hasChild($parent, $child)
$parent yii\rbac\Item
$child yii\rbac\Item
return boolean

Whether $child is already a child of $parent

init() 公共 方法

Initializes the application component.

This method overrides the parent implementation by establishing the database connection.

public void init()
invalidateCache() 公共 方法

public void invalidateCache()
loadFromCache() 公共 方法

public void loadFromCache()
populateItem() 受保护 方法

Populates an auth item with the data fetched from database.

protected yii\rbac\Item populateItem($row)
$row array

The data from the auth item table

return yii\rbac\Item

The populated auth item instance (either Role or Permission)

removeAll() 公共 方法

Removes all authorization data, including roles, permissions, rules, and assignments.

public void removeAll()
removeAllAssignments() 公共 方法

Removes all role assignments.

public void removeAllAssignments()
removeAllItems() 受保护 方法

Removes all auth items of the specified type.

protected void removeAllItems($type)
$type integer

The auth item type (either Item::TYPE_PERMISSION or Item::TYPE_ROLE)

removeAllPermissions() 公共 方法

Removes all permissions.

All parent child relations will be adjusted accordingly.

public void removeAllPermissions()
removeAllRoles() 公共 方法

Removes all roles.

All parent child relations will be adjusted accordingly.

public void removeAllRoles()
removeAllRules() 公共 方法

Removes all rules.

All roles and permissions which have rules will be adjusted accordingly.

public void removeAllRules()
removeChild() 公共 方法

Removes a child from its parent.

Note, the child item is not deleted. Only the parent-child relationship is removed.

public boolean removeChild($parent, $child)
$parent yii\rbac\Item
$child yii\rbac\Item
return boolean

Whether the removal is successful

removeChildren() 公共 方法

Removed all children form their parent.

Note, the children items are not deleted. Only the parent-child relationships are removed.

public boolean removeChildren($parent)
$parent yii\rbac\Item
return boolean

Whether the removal is successful

removeItem() 受保护 方法

从 RBAC 系统中删除 auth 项。

protected boolean removeItem($item)
$item yii\rbac\Item

要删除的项目

return boolean

是否成功删除了角色或权限

throws Exception

如果数据验证或保存失败(例如角色名称或权限不唯一)

removeRule() 受保护 方法

从 RBAC 系统中删除规则。

protected boolean removeRule($rule)
$rule yii\rbac\Rule

要删除的规则

return boolean

是否成功删除了规则

throws Exception

如果数据验证或保存失败(例如规则名称不唯一)

revoke() 公共 方法

Revokes a role from a user.

public boolean revoke($role, $userId)
$role yii\rbac\Role|yii\rbac\Permission
$userId string|integer

The user ID (see yii\web\User::$id)

return boolean

Whether the revoking is successful

revokeAll() 公共 方法

Revokes all roles from a user.

public boolean revokeAll($userId)
$userId mixed

The user ID (see yii\web\User::$id)

return boolean

Whether the revoking is successful

supportsCascadeUpdate() 受保护 方法

Returns a value indicating whether the database supports cascading update and delete.

The default implementation will return false for SQLite database and true for all other databases.

protected boolean supportsCascadeUpdate()
return boolean

Whether the database supports cascading update and delete.

updateItem() 受保护 方法

更新 RBAC 系统中的 auth 项。

protected boolean updateItem($name, $item)
$name string

要更新的项目名称

$item yii\rbac\Item

更新的项目

return boolean

是否已成功更新 auth 项

throws Exception

如果数据验证或保存失败(例如角色名称或权限不唯一)

updateRule() 受保护 方法

更新 RBAC 系统中的规则。

protected boolean updateRule($name, $rule)
$name string

要更新的规则的名称

$rule yii\rbac\Rule

更新的规则

return boolean

规则是否已成功更新

throws Exception

如果数据验证或保存失败(例如规则名称不唯一)