File size: 3.72Kb
<?php
/**
* Users module command
*/
class UsersCommand extends ConsoleCommand {
/**
* Creates admin account
*/
public function actionInitAdmin($newPassword = false) {
if (empty(Yii::app()->getParams()->adminEmail)) {
echo '[!] Configure adminEmail in your config/main.php'.PHP_EOL;
return 1;
}
if (($user = User::model()->findByAttributes(array('email' => Yii::app()->getParams()->adminEmail))) !== null && !$newPassword) {
echo '[!] Current adminEmail already used'.PHP_EOL;
return 1;
}
// create admin user
if (Yii::app()->authManager->getAuthItem('administrator') === null)
Yii::app()->authManager->createRole('administrator');
$password = rand(100000, 999999);
if ($user === null) {
$user = new User('registration');
$user->setAttributes(array(
'email' => Yii::app()->getParams()->adminEmail,
'password' => $password,
));
$user = $user->registrate();
} else {
$user->password_hash = crypt($password, User::blowfishSalt());
$user->save();
}
if (!Yii::app()->authManager->isAssigned('administrator', $user->id))
Yii::app()->authManager->assign('administrator', $user->id);
echo 'Admin account created;'.PHP_EOL;
echo 'Email:'."\t".Yii::app()->getParams()->adminEmail.PHP_EOL;
echo 'Password:'."\t".$password.PHP_EOL;
}
/**
* Inits RBAC items
*/
public function actionInitRbac() {
$au = Yii::app()->authManager;
$data = require Yii::getPathOfAlias('application.data').'/accessrights.php';
// Delete extra data
$authItems = $au->getAuthItems();
foreach (array_diff_key($authItems, $data['roles'] + $data['tasks'] + $data['operations']) as $authItem) {
$au->removeAuthItem($authItem->name);
echo 'Removed '.$authItem->name.PHP_EOL;
}
foreach (array('roles' => CAuthItem::TYPE_ROLE, 'tasks' => CAuthItem::TYPE_TASK, 'operations' => CAuthItem::TYPE_OPERATION) as $typeName => $typeId) {
foreach ($data[$typeName] as $itemName => $options) {
if (($item = $au->getAuthItem($itemName)) === null) {
$item = ($authItems[$itemName] = $au->createAuthItem($itemName, $typeId, null, null, null));
if (isset($options['description']))
$item->setDescription($options['description']);
if (isset($options['bizrule']))
$item->setBizRule($options['bizrule']);
if (isset($options['data']))
$item->setData($options['data']);
echo 'Created '.$itemName.PHP_EOL;
} else {
$this->updateAuthItemFieldIfNeeds($item, $options, 'description');
$this->updateAuthItemFieldIfNeeds($item, $options, 'bizrule');
$this->updateAuthItemFieldIfNeeds($item, $options, 'data');
}
if (isset($options[0])) {
$au->db->createCommand()->delete($au->itemChildTable, array('and', 'child=:child', array('not in', 'parent', $options[0])), array(':child' => $itemName));
foreach ($options[0] as $parentItemName) {
if (!$authItems[$parentItemName]->hasChild($itemName)) {
$au->addItemChild($parentItemName, $itemName);
echo 'Added '.$itemName.' as a child to '.$parentItemName.PHP_EOL;
}
}
} else
$au->db->createCommand()->delete($au->itemChildTable, 'child=:child', array(':child' => $itemName));
}
}
}
/**
* Updates field of auth item if needs.
* @param CAuthItem $authItem Item to update
* @param array $source Source of update
* @param string $field Field name
*/
private function updateAuthItemFieldIfNeeds(CAuthItem $authItem, array $source, $field) {
if ((isset($source[$field]) && $source[$field] != $authItem->{$field})) {
$authItem->{$field} = $source[$field];
echo 'Updated '.$field.' of '.$authItem->name.PHP_EOL;
} else if (!isset($source[$field]) && $authItem->{$field} !== null) {
$authItem->{$field} = null;
echo 'Deleted '.$field.' of '.$authItem->name.PHP_EOL;
}
}
}