alternaterbac An alternate Role Based Access Control

  1. Documentation
  2. Change Log

This extension is an alternate role based access control system for the Yii. It meant to be more tied to the MVC in that sense that each permission is closely related to controller/action pair and access checking is being performed in controller filters.

It also features an yiic shell command which will allow you to fully manipulate permissions and roles, e.g. create/update/grant and revoke, search, etc.

At present this extension is in early stage and was only tested with MySQL 5 database

There is a small description available here:,905.0.html

All comments, bug reports and suggestions are welcome.



  • Yii 1.0 or above
  • MySQL 5.0 or above
  • put Rbac.php to /protected/components
  • put RbacFilter.php to /protected/filters
  • put RbacCommand.php to /protected/commands/shell
  • Configure 'rbac' component
          'rbac' => array(
  • import rbac.sql into your empty test(!) database
  • add some users to the database manually
  • tell your controllers to use RbacFilter: ~~~ php public function filters() { return array( array(


    ); } ~~~

  • start adding roles and permissions with the rbac shell command, e.g. run ./protected/yiic shell to enter running shell and then issue rbac command to get its help.

Change Log

February 25, 2009
  • Initial release.
February 28, 2009
  • version 1.1
  • AccessControlFilter renamed to RbacFilter (file and the class, don't forget to update filters() method)
  • Added application component Rbac
  • requires Yii v1.0.3
  • rbac component implements two methods for access validation
4 0
1 917 downloads
Yii Version: 1.1
License: BSD-2-Clause
Category: Auth
Developed by: oleksiy
Created on: Feb 25, 2009
Last updated: 13 years ago


show all