Revision #10 has been created by François Gannaz on Nov 23, 2011, 11:04:57 PM with the memo:
(m) Fixed a few English mistakes
« previous (#9)
CPhpAuthManager - how it works, and when to use it
CPhpAuthManager, rbac, accessControl, roles, admin, moderator, guest, banned
iding this article, you should first learn this [How to setup RBAC with a php file](http://www.yiiframework.com/wiki/65/how-to-setup-rbac-with-a-php-file "")
It is actually mentioned in the documentation
[...]<quote>CPhpAuthManager is mainly suitable for authorization data that is not too big (for example, the authorization data for a personal blog system). Use CDbAuthManager for more complex authorization data.</quote>
So you maybe mistakenly thought it
s perfect and w
allow you to manage the roles of the next website with million users,
it doesn't ...
BUT there are ways to improve it actually, if your hierarchy structure is simple, so you can serve up to million users with it
Why CPhpAuthManager can be evil?
[...]At the first glance what is the problem? You set auth.php file, it has the rules - no problems.
But actually when you dig d
ipper you understand there is a lot of issues with it .
Lets take a look at the [CPhpAuthManager::assign](http://www.yiiframework.com/doc/api/1.1/CPhpAuthManager#assign-detail "")
[...]If you follow this rules, if you have 1 million of users.
You will have about 100 moderators and few admins... so it is peace of cake for CPhpAuthManager if you follow the rules
You just need to remember that
every role assignment
row to your auth.php file that
loaded every time!
I described the issue, but it is always better to do it yourself to understand in more depth what is the "problem" with it.
And don't understand me wrong... it is aw
some! but it not me
nt to work with a lot of users and assignments
ust do this loop after you set the basic rules in auth.php
$auth = Yii::app()->authManager;
execute it and after this open the