Hello from Yii newb)
I’m planning the authorization system for my web site. So far there will be three types of users: just typical authenticated users, moderators and administrator.
Is it ok to use controller filters for just users, and file based rbac for moders and admin? what would be your implementation?
And second thing, will it work if I just create operation items with business rules without creating any role, and use those operations with Yii::app()->user->checkAccess()?