i installed and configured rbac in yii2 with DBManager but i don’t get the “check” working with:
if (Yii::$app->user->can('waitAccess')) {
echo "yes it is pending.";
} else {
echo "nothing";
}
I made 3 users with my different roles but each of them is able to see the first line despite they don’t have the permission. “In my opinion”
This here is my rbacController
<?php
namespace console\controllers;
use Yii;
use yii\console\Controller;
class RbacController extends Controller
{
public function actionInit()
{
$auth = Yii::$app->authManager;
// add "user2View" permission
$user2View = $auth->createPermission('user2View');
$user2View->description = 'user2 view';
$auth->add($user2View);
// add "user1View" permission
$user1View = $auth->createPermission('user1View');
$user1View->description = 'user1 view';
$auth->add($user1View);
// add "waitAccess" permission
$waitAccess = $auth->createPermission('waitAccess');
$waitAccess->description = 'wait for Access';
$auth->add($waitAccess);
// add "seeConfig" permission
$seeConfig = $auth->createPermission('seeConfig');
$seeConfig->description = 'Access to the administrative Config';
$auth->add($seeConfig);
// add "user2" role and give this role the "user2View" permission
$user2 = $auth->createRole('user2');
$auth->add($user2);
$auth->addChild($user2, $user2View);
// add "user1" role and give this role the "user1View" permission
$user1 = $auth->createRole('user1');
$auth->add($user1);
$auth->addChild($user1, $user1View);
// add "pending" role and give this role the "waitAccess" permission
$pending = $auth->createRole('pending');
$auth->add($pending);
$auth->addChild($pending, $waitAccess);
// add "superadmin" role and give this role the "seeConfig" permission
$superadmin = $auth->createRole('superadmin');
$auth->add($superadmin);
$auth->addChild($superadmin, $seeConfig);
$auth->addChild($superadmin, $user2View);
$auth->addChild($superadmin, $user1View);
$auth->addChild($superadmin, $waitAccess);
}
}
Maybe anyone have a clue what I can look for.