Yii 1.1: Yii User and Rights Implementation


implementing some features of yii user and rights.

some tips..

After Installing Yii Users and Rights to Newly Created Yii app we have to assign dynamic roles to a user at the time of user creation .

Create a role manually

first we have to create a role manually and add some operations and/or tasks to the role according to the needs

assume the role created was 'clients'

Giving role

This is very simple , achieved by using two lines of code

save the user(assume $model->id is the user saved/created)

//assign role
$authorizer = Yii::app()->getModule("rights")->getAuthorizer();
$authorizer->authManager->assign('clients', $model->id);

Getting user role

This is also very simple

the signed user id will get using Yii::app()->user->Id

$roles=Rights::getAssignedRoles(Yii::app()->user->Id); // check for single role
foreach($roles as $role)
if($role->name == 'clients')
//some actions here ..

Making some actions public

this should be a common need of an app.

this is also very simple when using yii rights

just use a '-' (minus) operator like

public function filters()
        return array(
            'rights - publicprofile', // perform access control for CRUD operations

here the publicprofile action is public, all other actions in the same controller are under rights.

Getting all the roles

getting all the roles in the application

put this line in protected/config/main


get all roles as a dropdown

if (Yii::app()->user->isSuperuser) {
       $all_roles=new RAuthItemDataProvider('roles', array( 
        <label for="type_id">Type</label>
        <?php echo CHtml::dropDownList("Type",'',CHtml::listData($data,'name','name'));?> 

Thank you Chris for the awesome module. and thanks mishamx.

Total 12 comments

#18828 report it
Rajith R at 2015/01/19 05:13am


#18689 report it
Dhara at 2014/12/12 11:56pm
@Rajith R

No i want all users list created by loggedin user. for that i add created_by field in users table. so that i fetched data from user table created by logged in user. and that users displayed in Assignment form, Not all users. There are multiple admin thats why i have to modify it. :)

#18683 report it
Rajith R at 2014/12/12 05:56am

You need user list for a certain role?

#18682 report it
Dhara at 2014/12/12 05:40am
Getting the solution

In AssignmentController i have to pass only criteria like following.

public function actionView()
                $criteria=new CDbCriteria();
                // Create a data provider for listing the users
        $dataProvider = new RAssignmentDataProvider(array('criteria'=>$criteria,'pagination'=>array('pageSize'=>50,),));
        // Render the view
        $this->render('view', array(

And it will gives users created by logged in user

#18681 report it
Dhara at 2014/12/12 05:18am
@Rajith R

Thanx... i will try it. And your given link help me for other issues.

#18680 report it
Rajith R at 2014/12/12 05:10am

some more tips here


#18679 report it
Rajith R at 2014/12/12 05:08am

Try with this, I am not sure , add 'type'=>2,'your_attribute'=>$value

$all_roles=new RAuthItemDataProvider('roles', array( 

I am not sure about this.

#18678 report it
Dhara at 2014/12/12 04:53am
@ Rajith R

Ohk i will do it. but plz can you tell me at the time of data fetching how can i give criteria for data fetching? In RAssignmentDataProvider following function used for User data fetching. How to apply Condition?

public function __construct($config=array())
                $module = Rights::module();
                $userClass = $module->userClass;
                parent::__construct($userClass, $config);
                $this->_authorizer = $module->getAuthorizer();
                //echo '<pre>';

I want to display users as created by logged in user in Assignment form.

#18677 report it
Rajith R at 2014/12/12 04:05am

Please keep these type of identifiers with user table or user related tables company_id

if you need to add to authitem then find its dataprovider/model class

#18674 report it
Dhara at 2014/12/12 01:18am
Add extra field value in authitem table

I add company field in authitem. now i want to add current logged in company_id in authitem at the time of role creation.

How can i add extra field value in authitem table.?

#13838 report it
Rajith R at 2013/07/01 04:25am

i think user+rights is more secure and easy to implement than RABC, and they are error free built-in modules

#13836 report it
alexsergin at 2013/07/01 03:52am

Why you don't use RBAC?

Leave a comment

Please to leave your comment.

Write new article