Installation guide: Yii-2 advanced template with RBAC system

Welcome, all of you !

Here I am giving the steps for an easy installation of yii2-advanced template with an RBAC(Role Based Access Control) system.

Installtion : Yii2 - advanced template

Here we are going to install yii2-advanced template using composer. So if you don't have composer in your machine, please download and install the latest version of it. After installing composer please check whether it is accessible from the CMD by running the command composer like:

C:\>composer

If the above command gives a +ve response, then it's okay. Now we can start.

Open a new CMD window and locate to your server root directory. I am using wamp server so myself would be like:

C:\>cd wamp\www
C:\wamp\www>

Then run the command composer create-project --prefer-dist yiisoft/yii2-app-advanced yii2-app for creating a new application named as yii2-app like:

C:\wamp\www>composer create-project --prefer-dist yiisoft/yii2-app-advanced yii2-app

The template will be downloaded from git repository. After the template is installed, locate to the newly created application directory C:\wamp\www\yii2-app in CMD like:

C:\wamp\www>cd yii2-app
C:\wamp\www\yii2-app>

Then you should initialize the application by running php init in CMD. The initialization will generate the entry scripts and config files for your application. Run the command like:

C:\wamp\www\yii2-app>php init

You can select the environment type from the given options:

Which environment do you want the application to be initialized in?

  [0] Development
  [1] Production

  Your choice [0-1, or "q" to quit]

Now the installation of yii2-advanced template is completed, but still there is no database. So we want to create and use a database too. First of all we should install an RBAC module. Here I am using yii2-admin for RBAC. Take a look at the following steps:

Installation: RBAC system into your application

From the CMD window run the command composer require mdmsoft/yii2-admin "~2.0" for installing yii2-admin into your newly created application like:

C:\wamp\www\yii2-app>composer require mdmsoft/yii2-admin "~2.0"

It will be downloaded from git. After installation, the package (yii2-admin) will be located in the yii2-app/vendor/mdmsoft directory.

Then you should add some parameters to the configuration file yii2-app/common/config/main.php to access the yii2-admin and authManager as:

'modules' => [
    'admin' => [
        'class' => 'mdm\admin\Module',
        ...
    ]
    ...
],
...
'components' => [
    ...
    'authManager' => [
        'class' => 'yii\rbac\PhpManager', // or use 'yii\rbac\DbManager'
    ]
],

Create a database in MySql and configure your yii2-app/common/config/main-local.php file by adding the database credentials. Currently, there is no user table in your database. So you need to create user table for user management. For this yii2 provides an option for database migration. Run the command yii migrate --migrationPath=@mdm/admin/migrations in CMD for creating a proper user table for the user management. In CMD,

C:\wamp\www\yii2-app>yii migrate --migrationPath=@mdm/admin/migrations

The above command will create user and menu tables for your application.

Then change the user component properties in config file yii2-app/common/config/main.php as:

'components' => [
    ...
    'user' => [
        'identityClass' => 'mdm\admin\models\User',
        'loginUrl' => ['admin/user/login'],
    ]
]

Populate the user table by adding users. Use this link to register users to your application:
http://localhost/yii2-app/backend/web/index.php?r=admin/user/signup

You can use authManager class 'yii\rbac\DbManager' to authorize users using database. For that you should execute a database migration using the command yii migrate --migrationPath=@yii/rbac/migrations. Before that add 'class' => 'mdm\admin\models\User' and change the authManager class in the config file yii2-app/common/config/main.php like :

'components' => [
    ...
    'authManager' => [
        'class' => 'yii\rbac\DbManager', // or use 'yii\rbac\PhpManager'
    ],
    'user' => [
        'class' => 'mdm\admin\models\User',
        'identityClass' => 'mdm\admin\models\User',
        'loginUrl' => ['admin/user/login'],
    ]
]

and remove 'class' => 'mdm\admin\models\User' from the config file after migration. Execute the migration as:

C:\wamp\www\yii2-app>yii migrate --migrationPath=@yii/rbac/migrations

Don't forget to remove 'class' => 'mdm\admin\models\User' from the config file yii2-app/common/config/main.php.

You can use the following RBAC URLs to create and manage permissions/roles to the users:

http://localhost/yii2-app/backend/web/index.php?r=admin
http://localhost/yii2-app/backend/web/index.php?r=admin/route
http://localhost/yii2-app/backend/web/index.php?r=admin/permission
http://localhost/yii2-app/backend/web/index.php?r=admin/menu
http://localhost/yii2-app/backend/web/index.php?r=admin/role
http://localhost/yii2-app/backend/web/index.php?r=admin/assignment
http://localhost/yii2-app/backend/web/index.php?r=admin/user

Then you can create and manage routes/permissions/roles and assign them to the existing users using this interface. After setting the routes/permissions/roles, for checking whether a user has access to a particular action in a controller you need to add access control configuration parameters to the yii2-app/common/config/main.php file.

return [
    'modules' => [
        ....
    ],
    ....
    'as access' => [
        'class' => 'mdm\admin\components\AccessControl',
        'allowActions' => [
            'site/*',
            'admin/*',
        ]
    ]
]

You can add the public actions in allowActions array. The other actions will be checked by the AccessControl class for authorization.

Use the following github links for more instructions about yii2-advanced and yii2-admin:
https://github.com/yiisoft/yii2-app-advanced
https://github.com/mdmsoft/yii2-admin

Hope this article will help you to install yii2 and RBAC easily. Thanks for reading.

Happy coding :)