Commit a6136e1b by Qiang Xue

Renamed `yii\web\User::checkAccess()` to `yii\web\User::can()`

parent 8fbe10ac
......@@ -14,10 +14,20 @@ defined('STDOUT') or define('STDOUT', fopen('php://stdout', 'w'));
define('YII_DEBUG', true);
$vendor = __DIR__ . '/../vendor/autoload.php';
if (file_exists($vendor)) {
require($vendor);
} else {
$composerAutoload = [
__DIR__ . '/../vendor/autoload.php', // yii2 as the root package
__DIR__ . '/../../../autoload.php', // yii2-basic or yii2-advanced as the root package
];
foreach ($composerAutoload as $autoload) {
if (file_exists($autoload)) {
require($autoload);
$vendorPath = dirname($autoload);
break;
}
}
if (!isset($vendorPath)) {
echo "composer autoloader could not be found.\nYou should run `composer install` in repo root directory.\n";
exit(1);
}
......
......@@ -283,6 +283,7 @@ Yii Framework 2 Change Log
- Chg: Moved all filter classes to namespace `yii\filters` (qiangxue)
- Chg: Removed `Application::preload` in favor of `Application::bootstrap` (qiangxue)
- Chg: Re-implemented RBAC by following more closely to the original NIST RBAC model. Dropped `yii\rbac\PhpManager`. (qiangxue)
- Chg: Renamed `yii\web\User::checkAccess()` to `yii\web\User::can()` (qiangxue)
- New #66: [Auth client library](https://github.com/yiisoft/yii2-authclient) OpenId, OAuth1, OAuth2 clients (klimov-paul)
- New #303: Added built-in support for REST API (qiangxue)
- New #503: Added `yii\di\Container` and `yii\di\ServiceLocator` (qiangxue)
......
......@@ -13,7 +13,7 @@ use Yii;
* Application is the base class for all application classes.
*
* @property \yii\web\AssetManager $assetManager The asset manager component. This property is read-only.
* @property \yii\rbac\Manager $authManager The auth manager for this application. Null is returned if auth
* @property \yii\rbac\ManagerInterface $authManager The auth manager for this application. Null is returned if auth
* manager is not configured. This property is read-only.
* @property string $basePath The root directory of the application.
* @property \yii\caching\Cache $cache The cache application component. Null if the component is not enabled.
......@@ -559,7 +559,7 @@ abstract class Application extends Module
/**
* Returns the auth manager for this application.
* @return \yii\rbac\Manager the auth manager for this application.
* @return \yii\rbac\ManagerInterface the auth manager for this application.
* Null is returned if auth manager is not configured.
*/
public function getAuthManager()
......
......@@ -195,17 +195,18 @@ return [
'yii\mutex\Mutex' => YII_PATH . '/mutex/Mutex.php',
'yii\mutex\MysqlMutex' => YII_PATH . '/mutex/MysqlMutex.php',
'yii\rbac\Assignment' => YII_PATH . '/rbac/Assignment.php',
'yii\rbac\BaseManager' => YII_PATH . '/rbac/BaseManager.php',
'yii\rbac\DbManager' => YII_PATH . '/rbac/DbManager.php',
'yii\rbac\Item' => YII_PATH . '/rbac/Item.php',
'yii\rbac\Manager' => YII_PATH . '/rbac/Manager.php',
'yii\rbac\PhpManager' => YII_PATH . '/rbac/PhpManager.php',
'yii\rbac\ManagerInterface' => YII_PATH . '/rbac/ManagerInterface.php',
'yii\rbac\Permission' => YII_PATH . '/rbac/Permission.php',
'yii\rbac\Role' => YII_PATH . '/rbac/Role.php',
'yii\rbac\Rule' => YII_PATH . '/rbac/Rule.php',
'yii\requirements\YiiRequirementChecker' => YII_PATH . '/requirements/YiiRequirementChecker.php',
'yii\rest\Action' => YII_PATH . '/rest/Action.php',
'yii\rest\ActiveController' => YII_PATH . '/rest/ActiveController.php',
'yii\rest\Controller' => YII_PATH . '/rest/Controller.php',
'yii\rest\CreateAction' => YII_PATH . '/rest/CreateAction.php',
'yii\rest\DataExporter' => YII_PATH . '/rest/DataExporter.php',
'yii\rest\DeleteAction' => YII_PATH . '/rest/DeleteAction.php',
'yii\rest\IndexAction' => YII_PATH . '/rest/IndexAction.php',
'yii\rest\OptionsAction' => YII_PATH . '/rest/OptionsAction.php',
......
......@@ -42,8 +42,8 @@ class AccessRule extends Component
* - `?`: matches a guest user (not authenticated yet)
* - `@`: matches an authenticated user
*
* Using additional role names requires RBAC (Role-Based Access Control), and
* [[User::checkAccess()]] will be called.
* Using other role names requires RBAC (Role-Based Access Control), and
* [[User::can()]] will be called.
*
* If this property is not set or empty, it means this rule applies to all roles.
*/
......@@ -148,7 +148,7 @@ class AccessRule extends Component
if (!$user->getIsGuest()) {
return true;
}
} elseif ($user->checkAccess($role)) {
} elseif ($user->can($role)) {
return true;
}
}
......
......@@ -570,33 +570,32 @@ class User extends Component
}
/**
* Performs access check for this user.
* Checks if the user can perform the operation as specified by the given permission.
*
* Note that you must configure "authManager" application component in order to use this method.
* Otherwise an exception will be thrown.
*
* @param string $operation the name of the operation that need access check.
* @param array $params name-value pairs that would be passed to business rules associated
* with the tasks and roles assigned to the user. A param with name 'userId' is added to
* this array, which holds the value of [[id]] when [[\yii\rbac\DbManager]] or
* [[\yii\rbac\PhpManager]] is used.
* @param string $permissionName the name of the permission (e.g. "edit post") that needs access check.
* @param array $params name-value pairs that would be passed to the rules associated
* with the roles and permissions assigned to the user. A param with name 'user' is added to
* this array, which holds the value of [[id]].
* @param boolean $allowCaching whether to allow caching the result of access check.
* When this parameter is true (default), if the access check of an operation was performed
* before, its result will be directly returned when calling this method to check the same
* operation. If this parameter is false, this method will always call
* [[\yii\rbac\Manager::checkAccess()]] to obtain the up-to-date access result. Note that this
* [[\yii\rbac\ManagerInterface::checkAccess()]] to obtain the up-to-date access result. Note that this
* caching is effective only within the same request and only works when `$params = []`.
* @return boolean whether the operations can be performed by this user.
* @return boolean whether the user can perform the operation as specified by the given permission.
*/
public function checkAccess($operation, $params = [], $allowCaching = true)
public function can($permissionName, $params = [], $allowCaching = true)
{
$auth = Yii::$app->getAuthManager();
if ($allowCaching && empty($params) && isset($this->_access[$operation])) {
return $this->_access[$operation];
if ($allowCaching && empty($params) && isset($this->_access[$permissionName])) {
return $this->_access[$permissionName];
}
$access = $auth->checkAccess($this->getId(), $operation, $params);
$access = $auth->checkAccess($this->getId(), $permissionName, $params);
if ($allowCaching && empty($params)) {
$this->_access[$operation] = $access;
$this->_access[$permissionName] = $access;
}
return $access;
......
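Review bot: `can()` calls `$auth->checkAccess(...)` without checking that `Yii::$app->getAuthManager()` actually returned a manager, although its docblock promises an exception and the `getAuthManager()` docblock in this same commit says null is returned when the component is not configured. The check still fails closed, but as a method call on null rather than a descriptive, catchable error; consider adding `if ($auth === null) { throw new InvalidConfigException('The "authManager" application component is not configured.'); }` right after the lookup (this assumes `yii\base\InvalidConfigException` is imported in this file, which the hunk does not show). Separately, `$this->_access` is keyed only by `$permissionName`, so a cached result could outlive an identity change within the same request unless the cache is reset at that point; whether that happens is not visible here. The body of `can()` continues past the end of the hunk.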