Please consider the following
Dear software engineers imagine I have a simple ISA hierarchy: parent A with
children B and C.
So let's say we have the corresponding tables named "a", "b", "c" and (created
with the help of the gii model creator) the classes A, B, C
The following is a screenshot from MySQL workbench:
I assume you are familiar with accessControl standard filter. It allows you to separate privileges to run some action from action code itself. There is however one problem with most common usage - you cannot use bizRules, at least based on some parameters passed to 'checkAccess' just because it is hard to pass them in accessRules() result.
In a nutshell, the task at hand is to mark (or render) a model attribute in the typical "_form.php" view file with the 'required' red asterisk while this attribute is not marked as required in the model's rule() method.
If you're interested only in the solution, jump ahead to the 'solution' section below.
In this wiki, I try to implement a simple authorization schema without putting much logic inside a file
or into database table. We are constructing authorization hierarchy inside the controller. We are getting
roles for the current user from database table and assigning only roles to user that are declared in the
particular controller. We have brought down the work of loading of auth data at main
application level to controller level. This way we have pulverised auth data for entire site into smaller
units. Finally we are going to look at couple of examples.
I found a standard Yii app's protected folder structure nearly perfect. With a few simple moves and a little bit change to the code, I managed to bring it to the level, which I found as fully perfect. I want to share my point of view, in case someone would like to use this structure as well.