skeeks-cms
diff --git a/‎src/console/controllers/InitController.php‎
Lines changed: 192 additions & 26 deletions b/‎src/console/controllers/InitController.php‎
Lines changed: 192 additions & 26 deletions
diff --git a/‎src/controllers/AdminPermissionController.php‎
Lines changed: 2 additions & 8 deletions b/‎src/controllers/AdminPermissionController.php‎
Lines changed: 2 additions & 8 deletions
@@ -11,9 +11,11 @@
 use skeeks\cms\admin\AdminComponent;
 use skeeks\cms\backend\IBackendComponent;
 use skeeks\cms\IHasPermissions;
+use skeeks\cms\models\CmsContent;
 use skeeks\cms\models\User;
 use skeeks\cms\modules\admin\controllers\AdminController;
 use skeeks\cms\rbac\CmsManager;
+use skeeks\cms\rbac\models\CmsAuthItem;
 use Yii;
 use yii\base\Exception;
 use yii\console\Controller;
@@ -25,32 +27,63 @@
 use yii\rbac\Rule;
 
 /**
- * Setting permissions
- *
- * @author Semenov Alexander <[email protected]>
+ * Работа с правами доступа и ролями
  */
 class InitController extends Controller
 {
+    /**
+     * @var bool Перезагрузить все привелегии
+     *      0 - нет
+     *      1 - да
+     */
+    public $reload_perrmions = 0;
+
     /**
      * @var string the default command action.
      */
     public $defaultAction = 'init';
 
+    public function options($actionID)
+    {
+        // $actionId might be used in subclasses to provide options specific to action id
+        return ArrayHelper::merge(parent::options($actionID), [
+            'reload_perrmions',
+        ]);
+    }
+
     /**
-     * Загрузка конфига и применение правил
+     * Применить все привилегии и роли
      */
     public function actionInit()
     {
-        $this->initRbacModules();
-        $this->initBackendData();
-        $this->initRootAssigning();
-        $this->initRootUser();
+        if ($this->reload_perrmions == 1) {
+            $this->actionClearPermissions();
+        }
+
+        $this->actionInitBackendData();
+
+        $this->actionInitRbacModules();
+
+        $this->actionInitRootAssigning();
+
+        $this->actionInitRootUser();
+    }
+
+    /**
+     * Удаление всех привилегий
+     * @return void
+     */
+    public function actionClearPermissions()
+    {
+        $this->stdout("Удаление привилегий\n", Console::FG_YELLOW);
+        $deleted = CmsAuthItem::deleteAll(['type' => 2]);
+        $this->stdout("\tУдалено: {$deleted}\n");
     }
 
     /**
      * Получение rules, permissions and data по всем расширениям и модулям
      */
-    public function initRbacModules()
+    public function actionInitRbacModules()
     {
         $this->stdout("Init rules, permissions adn data from all modules and extensions\n", Console::BOLD);
         $this->stdout("\t1) Loading config\n", Console::FG_YELLOW);
@@ -72,6 +105,36 @@ public function loadConfig()
     {
         $config = \Yii::$app->authManager->config;
 
+        /*$q = CmsContent::find()->andWhere(['base_role' != CmsContent::ROLE_PRODUCTS]);
+        foreach ($q->each(10) as $cmsContent)
+        {
+            $permissionName = $cmsContent->adminPermissionName;
+            $permissions = [
+                [
+                    [
+                        'name'        => $permissionName . "/index",
+                        'description' => $cmsContent->name . " | Список",
+                        'child' => [
+                            'permissions' => [
+                                \skeeks\crm\components\CrmComponent::CRM_PROJECT_VIEW_PERMISSION,
+                            ],
+                        ],
+                        'ruleName' => \skeeks\crm\rbac\rules\CrmViewProjectRule::class
+                    ],
+                    [
+                        'name'        => $permissionName . "/create",
+                        'description' => $cmsContent->name . " | Список",
+                        'child' => [
+                            'permissions' => [
+                                \skeeks\crm\components\CrmComponent::CRM_PROJECT_VIEW_PERMISSION,
+                            ],
+                        ],
+                        'ruleName' => \skeeks\crm\rbac\rules\CrmViewProjectRule::class
+                    ],
+                ]
+            ];
+        }*/
+
         $this->stdout("\tAll config is ready: ", Console::FG_GREEN);
         $this->stdout(" (rules: " . count(ArrayHelper::getValue($config, 'rules', [])) . ';');
         $this->stdout(" roles: " . count(ArrayHelper::getValue($config, 'roles', [])) . ';');
@@ -162,13 +225,20 @@ protected function _applyRole($config)
         if (!$name = ArrayHelper::getValue($config, 'name')) {
             return false;
         }
+        
         $description = ArrayHelper::getValue($config, 'description');
+        $description = is_array($description) ? \Yii::t($description[0], $description[1]): $description;
+        
         if ($role = \Yii::$app->authManager->getRole($name)) {
+            if ($role->description != $description) {
+                $role->description = $description;
+                \Yii::$app->authManager->updateRole($name, $role);
+            }
             return $role;
         }
         //Менеджер который может управлять только своими данными
         $role = \Yii::$app->authManager->createRole($name);
-        $role->description = is_array($description) ? \Yii::t($description[0], $description[1]): $description;
+        $role->description = $description;
         if (\Yii::$app->authManager->add($role)) {
             return $role;
         }
@@ -189,14 +259,22 @@ protected function _applyPermission($config)
             return false;
         }
         $description = ArrayHelper::getValue($config, 'description');
+        $description = is_array($description) ? \Yii::t($description[0], $description[1]): $description;
+        
         $ruleName = ArrayHelper::getValue($config, 'ruleName', '');
         if ($role = \Yii::$app->authManager->getPermission($name)) {
+            
+            if ($role->description != $description) {
+                $role->description = $description;
+                \Yii::$app->authManager->updatePermission($name, $role);
+            }
+            
             return $role;
         }
         //Менеджер который может управлять только своими данными
         $role = \Yii::$app->authManager->createPermission($name);
         if ($description) {
-            $role->description = is_array($description) ? \Yii::t($description[0], $description[1]): $description;
+            $role->description = $description;
         }
         if ($ruleName) {
             $role->ruleName = $ruleName;
@@ -329,9 +407,14 @@ protected function _assignPermission($config)
         return $permission;
     }
 
-    public function initBackendData()
+    /**
+     * Сбор и настройка нужных привелегий из контроллеров
+     * @return void
+     * @throws \yii\base\InvalidConfigException
+     */
+    public function actionInitBackendData()
     {
-        $this->stdout("\t3)Init backend data\n", Console::FG_YELLOW);
+        $this->stdout("Сбор и настройка нужных привелегий из контроллеров\n", Console::FG_YELLOW);
 
         $auth = Yii::$app->authManager;
         //print_r(\Yii::getAlias('@vendor/skeeks/cms/app-web-create.php'));die;
@@ -347,31 +430,65 @@ public function initBackendData()
         $webApplication = include_once \Yii::getAlias('@vendor/skeeks/cms/app-web-create.php');
         var_dump($webApplication);die;*/
 
-        foreach (Yii::$app->getComponents(true) as $id => $component) {
-            $component = \Yii::$app->get($id);
+        $webApplication = $this->_getWebApplication();
+
+        foreach ($webApplication->getComponents(true) as $id => $component) {
+            $component = $webApplication->get($id);
 
             if ($component instanceof IBackendComponent) {
-                $this->stdout("\t\tInit backend {$id}\n");
+                $this->stdout("Init backend {$id}\n");
+
                 foreach ($component->getMenu()->data as $itemData) {
                     $this->_initMenuItem($itemData);
                 }
 
             }
         }
 
-        return $this;
     }
 
+    protected $_web_application = null;
+    
+    protected function _getWebApplication() {
+        if ($this->_web_application === null) {
+            $config = new \Yiisoft\Config\Config(
+                new \Yiisoft\Config\ConfigPaths(ROOT_DIR, "config"),
+                null,
+                [
+                    \Yiisoft\Config\Modifier\RecursiveMerge::groups('web', 'web-prod', 'params', "params-web-prod"),
+                ],
+                "params-web-prod"
+            );
+    
+            if ($config->has('web-prod')) {
+                $configData = $config->get('web-prod');
+            } else {
+                $configData = $config->get('web');
+            }
+    
+            ArrayHelper::remove($configData, "components.log.targets");
+            ArrayHelper::remove($configData, "bootstrap");
+            $this->_web_application = new \yii\web\Application($configData);
+        }
+        
+        return $this->_web_application;
+    }
+    
     protected function _initMenuItem($itemData = null)
     {
         if (!is_array($itemData)) {
             return false;
         }
 
+        
+        $applicationWeb = $this->_getWebApplication();
+        
+
         if ($url = ArrayHelper::getValue($itemData, 'url')) {
 
             if (is_array($url)) {
 
+                
                 $url = $url[0];
                 if (!$url || !is_string($url)) {
                     return false;
@@ -381,25 +498,68 @@ protected function _initMenuItem($itemData = null)
                     /**
                      * @var $controller \yii\web\Controller|IHasPermissions
                      */
-                    if ($result = \Yii::$app->createController($url)) {
-                        list($controller, $route) = $result;
 
-                        $this->stdout("\t\tcreated: {$url}\n", Console::FG_GREEN);
+                    /*if (in_array($url, ['shop/admin-cms-content-element', 'cms/admin-cms-content-element'])) {
+                        return false;
+                    }*/
+                    
+
+                    if ($result = $applicationWeb->createController($url)) {
+                        [$controller, $route] = $result;
+
+                        
 
                         if ($controller) {
+                            
+                            
+                            
                             if ($controller instanceof IHasPermissions) {
+                                
                                 $controller->isAllow;
+
+                                if ($controller->generateAccessActions) {
+
+
+                                    $this->stdout("\t Controller {$url}\n");
+                                    
+                                    $actions = $controller->actions();
+                                    $totalActions = count($actions);
+                                    $this->stdout("\t\t Has genereted actions\n");
+                                    $this->stdout("\t\t actions: {$totalActions}\n");
+                                    foreach ($actions as $key => $action)
+                                    {
+                                        $action = $controller->createAction($key);
+                                        $action->getIsAllow();
+                                    }
+                                    /*
+                                    if (method_exists($controller, 'getModelActions')) {
+                                        $this->stdout("\t\t Has getModelActions\n");
+                                        if ($controller->modelActions) {
+                                            foreach ($controller->modelActions as $key => $action)
+                                            {
+                                                $rf = new \ReflectionClass($action);
+                                                $this->stdout("\t\t\tAction: {$key}\n", Console::FG_GREEN);
+                                                $this->stdout("\t\t\tAction: {$rf->getName()}\n", Console::FG_GREEN);
+                                                $action->getIsAllow();
+                                            }
+                                        }
+                                        
+                                    }*/
+                                        
+                                }
                             }
                         }
                     } else {
                         //$this->stdout("\t\tnot create: {$url}\n", Console::FG_RED);
                     }
                 } catch (\Exception $e) {
-                    //$this->stdout("\t\t{$e->getMessage()}\n", Console::FG_RED);
+                    $this->stdout("\t\t{$e->getMessage()}\n", Console::FG_RED);
+                    //die;
                 }
 
             }
         }
+        
 
         if ($items = ArrayHelper::getValue($itemData, 'items')) {
             if (is_array($items)) {
@@ -412,9 +572,13 @@ protected function _initMenuItem($itemData = null)
         return $this;
     }
 
-    public function initRootAssigning()
+    /**
+     * Настройка роли суперадминистратор
+     * @return void
+     */
+    public function actionInitRootAssigning()
     {
-        $this->stdout("\t5) Init root assigning \n", Console::FG_YELLOW);
+        $this->stdout("Настройка роли суперадминистратор \n", Console::FG_YELLOW);
         $roleRoot = \Yii::$app->authManager->getRole(CmsManager::ROLE_ROOT);
         foreach (\Yii::$app->authManager->getPermissions() as $permission) {
             //$this->stdout("\t\tassign root permisssion: " . $permission->name);
@@ -438,12 +602,12 @@ public function initRootAssigning()
     }
 
     /**
-     * Автоматическая генерация
+     * Насктройка пользователя - суперадминистратор
      * @return $this
      */
-    protected function initRootUser()
+    protected function actionInitRootUser()
     {
-        $this->stdout("\t6) Init root user \n", Console::FG_YELLOW);
+        $this->stdout("Насктройка пользователя - суперадминистратор \n", Console::FG_YELLOW);
         $root = User::findByUsername('root');
         $aManager = \Yii::$app->authManager;
         if ($root && $aManager->getRole(CmsManager::ROLE_ROOT)) {
@@ -460,5 +624,7 @@ protected function initRootUser()
     public function actionViewConfig()
     {
         $this->loadConfig();
+        $config = \Yii::$app->authManager->config;
+        print_r($config);
     }
 }
@@ -46,13 +46,7 @@ public function init()
         $this->modelClassName = CmsAuthItem::class;
 
         $this->generateAccessActions = false;
-        //$this->permissionName = CmsManager::PERMISSION_ROOT_ACCESS;
-        $this->accessCallback = function () {
-            if (!\Yii::$app->skeeks->site->is_default) {
-                return false;
-            }
-            return \Yii::$app->user->can(CmsManager::PERMISSION_ROOT_ACCESS);
-        };
+        $this->permissionName = CmsManager::PERMISSION_ROOT_ACCESS;
 
         parent::init();
     }
@@ -205,7 +199,7 @@ public function actionUpdateData()
 
             $cmd = "php yii rbac/init";
 
-            $process = new \Symfony\Component\Process\Process($cmd, \Yii::getAlias('@root'));
+            $process = new \Symfony\Component\Process\Process([$cmd], \Yii::getAlias('@root'));
             $process->run();
 
             /*foreach (\Yii::$app->getComponents(true) as $id => $component) {