there is one catch - assigning user to role is done i authManager and is persistent (you called save()). So next time this user logs in - even if you revoke him this role, authManager will have this assignement. You have to use only authManager to store authorization or synchronize every change every time user logs in (if he is still logged in changes won’t be visible untile he re-login).
Thank you for your answer, but I don’t think that it really is what I want to do. I wish the roles could be assgined automatically, that I could define a role with its name and an assertion like :
‘roleA’ => ‘Yii::app()->user->model->role == “A”’, and all users with the attribute role = A would be in the roleA role. (That would be in the case that my user model is stored in the CWebUser).
Is there a way to do that ? (I thought I saw that once, but I can’t remember…)
Thank you !
EDIT : Or maybe I understand what you mean. But I would just need to understand where I need to create the role. I understand that I assign the role to the user when he logs in, but should I create the role in my UserIdentity too, or is there a better place to create the roles.
If I create the role in my UserIdentity, it would look like :
$auth = Yii::app()->authManager;
$auth->createRole($model->role);
if (!$auth->isAssigned($model->role, $this->_id)) {
if ($auth->assign($model->role, $this->_id)) {
yii::app()->authmanager->save();
}
}