Is it possible to apply rules programmatically?
So in one of the examples
public function behaviors()
{
return [
'access' => [
'class' => AccessControl::className(),
'rules' => [
[
'allow' => true,
'actions' => ['index'],
'roles' => ['managePost'],
],
[
'allow' => true,
'actions' => ['view'],
'roles' => ['viewPost'],
],
[
'allow' => true,
'actions' => ['create'],
'roles' => ['createPost'],
],
[
'allow' => true,
'actions' => ['update'],
'roles' => ['updatePost'],
],
[
'allow' => true,
'actions' => ['delete'],
'roles' => ['deletePost'],
],
],
],
];
}
Would it be possible to query the rules from the database, but do so at a higher level than for each individual controller?
softark
(Softark)
January 12, 2018, 11:54am
2
Probably you will find this extension very interesting:
mdmsoft/yii2-admin (https://github.com/mdmsoft/yii2-admin )
This is my favorite RBAC manager for Yii2. Among other things, I love the following features:
[list=1]
[*] It supports a special kind of ‘permission’ - ‘route’ and an ACF component. You can manage RBAC and ACF in a unified way with this extension.
[*] It allows you to develop your own user management system. It doesn’t force you to use something integrated in this extension.
[/list]
softark:
Probably you will find this extension very interesting:
mdmsoft/yii2-admin (https://github.com/mdmsoft/yii2-admin )
This is my favorite RBAC manager for Yii2. Among other things, I love the following features:
[list=1]
[*] It supports a special kind of ‘permission’ - ‘route’ and an ACF component. You can manage RBAC and ACF in a unified way with this extension.
[*] It allows you to develop your own user management system. It doesn’t force you to use something integrated in this extension.
[/list]
Is it relatively easy to integrate? I’m working on an admin panel/CMS for my system. So having it exist within it’s own interface is not ideal.
softark
(Softark)
January 12, 2018, 11:35pm
4
Basic Configuration (https://github.com/mdmsoft/yii2-admin/blob/master/docs/guide/configuration.md )
It has a set of pages that manage RBAC hierarchy (routes, permissions and roles). As I said, ‘route’ is used for ACF.
It also has a page that assign roles to the users. But it doesn’t force you to use a specific User model. You can use your own User model that implements the IdentityInterface.
You may or may not use these pages for RBAC management and role assignment.
I prefer to use migrations for RBAC management, and want to have a custom page for role assignment within my own User management module.