Yii Framework Forum: Accesscontrol And Roles - Yii Framework Forum

Jump to content

Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

Accesscontrol And Roles Avoiding too much RBAC

#1 User is offline   ORey 

  • Elite Member
  • PipPipPipPipPip
  • Yii
  • Group: Members
  • Posts: 1,701
  • Joined: 20-April 09
  • Location:Moscow, Russia

Posted 19 November 2013 - 02:12 PM

Hi guys. Need some advice.

Suppose I want to create simple auth system, without using RBAC, but with a couple of roles besides built-in "?'" and "@", so that I can use

public function behaviors()
{
    return [
        'access' => [
            'class' => 'yii\web\AccessControl',
            'rules' => [
                [
                    'allow' => true,
                    'roles' => ['moderator', 'admin'],
                ],
            ],
        ],
    ];
}


The only thing I need is restricting access to some actions based on user roles.

Where's the best place to add a couple of code lines?
Should I extend user component, overriding checkAccess? should I create my own PhpManager? should I stick with default RBAC?

And where and how should I 'store' current user's role, aquired from DB? (example: in session, during user's init())
God is real unless declared as integer
0

#2 User is offline   qiang 

  • Yii Project Lead
  • Yii
  • Group: Yii Dev Team
  • Posts: 5,902
  • Joined: 04-October 08
  • Location:DC, USA

Posted 19 November 2013 - 02:15 PM

Override `AccessRule::matchRole()` and configure `AccessControl::ruleConfig`
1

#3 User is offline   ORey 

  • Elite Member
  • PipPipPipPipPip
  • Yii
  • Group: Members
  • Posts: 1,701
  • Joined: 20-April 09
  • Location:Moscow, Russia

Posted 19 November 2013 - 02:18 PM

Oh. thanks for a fast answer.
God is real unless declared as integer
0

#4 User is offline   Arash26 

  • Standard Member
  • PipPip
  • Yii
  • Group: Members
  • Posts: 113
  • Joined: 08-October 12

Posted 31 January 2014 - 06:47 PM

Is this right syntax?
public function behaviors()
        {
                return [
                    'access' => [
                        'class' => \yii\web\AccessControl::className(),
                        'ruleConfig' => [
                            'class' => 'app\components\AccessRule'
                        ],
                    ],
                ];
      }

0

#5 User is offline   ORey 

  • Elite Member
  • PipPipPipPipPip
  • Yii
  • Group: Members
  • Posts: 1,701
  • Joined: 20-April 09
  • Location:Moscow, Russia

Posted 01 February 2014 - 04:03 AM

View Postseyyed, on 31 January 2014 - 06:47 PM, said:

Is this right syntax?
public function behaviors()
        {
                return [
                    'access' => [
                        'class' => \yii\web\AccessControl::className(),
                        'ruleConfig' => [
                            'class' => 'app\components\AccessRule'
                        ],
                    ],
                ];
      }



Yes. See this post for full example.
God is real unless declared as integer
0

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users