leonardo/yii2-usuario
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #332 from CheckeredFlag/restrict-assignments

Browse Source 
Added option to restrict user assignments to roles only
This commit is contained in:
Antonio Ramirez
2019-08-21 09:17:34 +02:00
committed by GitHub
parent f9d8ebaaa7 b526cb9ccc
commit 4993f50c60
4 changed files with 24 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG.md
View File

@ -10,6 +10,7 @@
- Fix #244: Fix forced inclusion of a suggested class (tonydspaniard) - Fix #244: Fix forced inclusion of a suggested class (tonydspaniard)
- Fix user event triggering in admin controller (maxxer) - Fix user event triggering in admin controller (maxxer)
- Enh #331: Added Ukrainian translations (kwazaro) - Enh #331: Added Ukrainian translations (kwazaro)
- Enh #324: Added option to restrict user assignments to roles only (CheckeredFlag)
## 1.5.0 April 19, 2019 ## 1.5.0 April 19, 2019
- Fix: Fix condition in EmailChangeService (it was always false) (borisaeric) - Fix: Fix condition in EmailChangeService (it was always false) (borisaeric)

5
docs/installation/configuration-options.md
View File

@ -199,6 +199,11 @@ Configures the root directory of the view files. See [overriding views](../enhan
Configures the name of the session key that will be used to hold the original admin identifier. Configures the name of the session key that will be used to hold the original admin identifier.
#### restrictUserPermissionAssignment (type: `boolean`, default: `false`)
If `false`, allow the assignment of both roles and permissions to users.
Set to `true` to restrict user assignments to roles only.
© [2amigos](http://www.2amigos.us/) 2013-2019 © [2amigos](http://www.2amigos.us/) 2013-2019

4
src/User/Module.php
View File

@ -181,4 +181,8 @@ class Module extends BaseModule
* @var integer If != NULL sets a max password age in days * @var integer If != NULL sets a max password age in days
*/ */
public $maxPasswordAge = null; public $maxPasswordAge = null;
/**
* @var boolean whether to restrict assignment of permissions to users
*/
public $restrictUserPermissionAssignment = false;
} }

19
src/User/Widget/AssignmentsWidget.php
View File

@ -15,10 +15,12 @@ use Da\User\Model\Assignment;
use Da\User\Service\UpdateAuthAssignmentsService; use Da\User\Service\UpdateAuthAssignmentsService;
use Da\User\Traits\AuthManagerAwareTrait; use Da\User\Traits\AuthManagerAwareTrait;
use Da\User\Traits\ContainerAwareTrait; use Da\User\Traits\ContainerAwareTrait;
use Yii;
use yii\base\InvalidConfigException; use yii\base\InvalidConfigException;
use yii\base\InvalidParamException; use yii\base\InvalidParamException;
use yii\base\Widget; use yii\base\Widget;
use yii\helpers\ArrayHelper; use yii\helpers\ArrayHelper;
use yii\rbac\Item;
class AssignmentsWidget extends Widget class AssignmentsWidget extends Widget
{ {
@ -61,24 +63,31 @@ class AssignmentsWidget extends Widget
$this->make(UpdateAuthAssignmentsService::class, [$model])->run(); $this->make(UpdateAuthAssignmentsService::class, [$model])->run();
} }
$items[Yii::t('usuario', 'Roles')] = $this->getAvailableItems(Item::TYPE_ROLE);
if (!Yii::$app->getModule('user')->restrictUserPermissionAssignment) {
$items[Yii::t('usuario', 'Permissions')] = $this->getAvailableItems(Item::TYPE_PERMISSION);
}
return $this->render( return $this->render(
'/widgets/assignments/form', '/widgets/assignments/form',
[ [
'model' => $model, 'model' => $model,
'availableItems' => $this->getAvailableItems(), 'availableItems' => $items,
] ]
); );
} }
/** /**
* Returns all available auth items to be attached to the user. * Returns available auth items to be attached to the user.
* *
* @param int|null type of auth items or null to return all
*
* @return array * @return array
*/ */
protected function getAvailableItems() protected function getAvailableItems($type = null)
{ {
return ArrayHelper::map( return ArrayHelper::map(
$this->getAuthManager()->getItems(), $this->getAuthManager()->getItems($type),
'name', 'name',
function ($item) { function ($item) {
return empty($item->description) return empty($item->description)