Hello,
I’ve created a yii basic project. I’m using DbManager to manage roles, permissions and rules. The first two of them works fine, but the rules are freaking me out. When I try to check the access (via “can” function) doesn’t work at all.
What do I’ve done:
I’ve created a class named “CompetencyRule”, inside a folder that i’ve created as well called “rbac”. So, the full path is the following: “app/rbac/CompetencyRule.php” (yes, “rbac” is in the same level that “models”, “controllers”, “config”, etc.)
here is the source:
namespace app\rbac;
use yii\rbac\Rule;
class CompetencyRule extends Rule
{
public $name = 'competencyRule';
public function execute($user, $item, $params)
{
return false;
}
}
As you can see, I’ve forced to return false no matter what, to verify that the function is called. But the function is never called!
here is the stract of code in where that function shoud be called:
public function actionUpdate( $id, $formationPlanId = null )
{
$model = $this->findModel( $id );
if( !Yii::$app->user->can('update-comp', ['comp' => $model]) ){
return $this->redirect( ['view', 'id' => $model->id] );
}
//more unusefull code bellow...
The idea is that the user can update this model, only if certain logic occurs. According to the code above, the flow should enter inside that “if” sentence, but it doesn’t.
The logged in user has a “Director” role, i’ve already loaded the code below:
$rule = new CompetencyRule();
$auth->add($rule);
$editOwnCompetency = $auth->createPermission('editOwnCompetency');
$editOwnCompetency->description = 'Edita su propia competencia';
$editOwnCompetency->ruleName = $rule->name;
$auth->add($editOwnCompetency);
$editCompetency = $auth->getPermission(Permissions::$COMPETENCY_UPDATE);
$auth->addChild($editOwnCompetency, $editCompetency);
$dir = $auth->getRole('Director');
$auth->addChild($dir, $editOwnCompetency);
Any Idea?
I hope you can help me please, if you need more information, please tell me and I’ll provide it.
Thanks in advance