mirror of
https://github.com/elyby/accounts.git
synced 2024-12-11 16:09:25 +05:30
39 lines
1.0 KiB
PHP
39 lines
1.0 KiB
PHP
<?php
|
|
declare(strict_types=1);
|
|
|
|
namespace api\rbac;
|
|
|
|
use Yii;
|
|
use yii\rbac\Assignment;
|
|
use yii\rbac\PhpManager;
|
|
|
|
class Manager extends PhpManager {
|
|
|
|
/**
|
|
* In our application the permissions are given not to users itself, but to tokens,
|
|
* so we extract them from the extended identity interface.
|
|
*
|
|
* In Yii2, the mechanism of recursive permissions checking requires that the array
|
|
* with permissions must be indexed by the keys of these permissions.
|
|
*
|
|
* @param string $accessToken
|
|
* @return string[]
|
|
*/
|
|
public function getAssignments($accessToken): array {
|
|
$identity = Yii::$app->user->getIdentity();
|
|
if ($identity === null) {
|
|
return [];
|
|
}
|
|
|
|
/** @noinspection NullPointerExceptionInspection */
|
|
$rawPermissions = $identity->getAssignedPermissions();
|
|
$result = [];
|
|
foreach ($rawPermissions as $name) {
|
|
$result[$name] = new Assignment(['roleName' => $name]);
|
|
}
|
|
|
|
return $result;
|
|
}
|
|
|
|
}
|