CPhpAuthManager - how it works, and when to use it

How-tos

CPhpAuthManager, rbac, accessControl, roles, admin, moderator, guest, banned

Introduction ------------ Before rieading this article, you should first learn this [How to setup RBAC with a php file](http://www.yiiframework.com/wiki/65/how-to-setup-rbac-with-a-php-file "")

It is actually mentioned in the documentation<quote>CPhpAuthManager is mainly suitable for authorization data that is not too big (for example, the authorization data for a personal blog system). Use CDbAuthManager for more complex authorization data.</quote>

So you maybe mistakenly thought it iwas perfect and willould allow you to manage the roles of the next website with million users, and it doesn't ... BUT there are ways to improve it actually, if your hierarchy structure is simple, so you can serve up to million users with it .

Why CPhpAuthManager can be evil?At the first glance what is the problem? You set auth.php file, it has the rules - no problems.

But actually when you dig dipeeper you understand there is a lot of issues with it .

Lets take a look at the [CPhpAuthManager::assign](http://www.yiiframework.com/doc/api/1.1/CPhpAuthManager#assign-detail "")If you follow this rules, if you have 1 million of users.
You will have about 100 moderators and few admins... so it is peace of cake for CPhpAuthManager if you follow the rules. You just need to remember that for every role assignment hou have to add a row to your auth.php file that is loaded every time! Addition1 --------- I described the issue, but it is always better to do it yourself to understand in more depth what is the "problem" with it. And don't understand me wrong... it is awesome! but it not meant to work with a lot of users and assignments!. jJust do this loop after you set the basic rules in auth.php
 
 

```php
$auth = Yii::app()->authManager;```

execute it and after this open the "data/auth.php".