Yii2 how to use DbManager assignment roles?

1
votes

I am try to make RBAC with DbManager. I read some guides and did that:

Added authManager in config:

'components' => [
    //...
    'authManager' => [
        'class' => 'yii\rbac\DbManager',
        'defaultRoles' => [
            'user',
            'moderator',
            'admin',
            'superadmin'
        ],
    ],
    //...
]

imported \vendor\yiisoft\yii2\rbac\migrations\schema-mysql.sql in my database;

write GroupRule class:

namespace app\components\rbac;

use Yii;
use yii\rbac\Rule;

/**
 * User group rule class.
 */
class GroupRule extends Rule
{
    /**
     * @inheritdoc
     */
    public $name = 'group';

    /**
     * @inheritdoc
     */
    public function execute($user, $item, $params)
    {
        if (!Yii::$app->user->isGuest) {
            $role = Yii::$app->user->identity->role;

            if ($item->name === 'superadmin') {
                return $role === $item->name;
            } elseif ($item->name === 'admin') {
                return $role === $item->name || $role === 'superadmin';
            } elseif ($item->name === 'moderator ') {
                return $role === $item->name || $role === 'superadmin' || $role === 'admin';
            } elseif ($item->name === 'user') {
                return $role === $item->name || $role === 'superadmin' || $role === 'admin' || $role === 'moderator';
            }
        }
        return false;
    }
}

And rbac controller:

namespace app\commands;

use Yii;
use yii\console\Controller;
use app\components\rbac\GroupRule;
use yii\rbac\DbManager;

/**
 * RBAC console controller.
 */
class RbacController extends Controller
{
    /**
     * Initial RBAC action
     * @param integer $id Superadmin ID
     */
    public function actionInit($id = null)
    {
        $auth = new DbManager;
        $auth->init();

        $auth->removeAll(); //удаляем старые данные
        // Rules
        $groupRule = new GroupRule();

        $auth->add($groupRule);

        // Roles
        $user = $auth->createRole('user');
        $user->description = 'User';
        $user->ruleName = $groupRule->name;
        $auth->add($user);

        $moderator = $auth->createRole(' moderator ');
        $moderator ->description = 'Moderator ';
        $moderator ->ruleName = $groupRule->name;
        $auth->add($moderator);
        $auth->addChild($moderator, $user);

        $admin = $auth->createRole('admin');
        $admin->description = 'Admin';
        $admin->ruleName = $groupRule->name;
        $auth->add($admin);
        $auth->addChild($admin, $moderator);

        $superadmin = $auth->createRole('superadmin');
        $superadmin->description = 'Superadmin';
        $superadmin->ruleName = $groupRule->name;
        $auth->add($superadmin);
        $auth->addChild($superadmin, $admin);

        // Superadmin assignments
        if ($id !== null) {
            $auth->assign($superadmin, $id);
        }
    }
}

And enter yii rbac/init 1 in console.

So, now in assign superadmin role for user with id = 1

AND i have auth_item table with my roles, BUT type column has value = 1 for each rows! I think it's abnormally. What did i do wrong? Another question - what should i do for bind role column of user table with item_name column of auth_assignment table AND how can i assign role when i create new user?

1
mysqlyii2rbac

1 Answers

1
votes

You can assign roles to your user using the assign function of the authManager. The general syntax is:

Yii::$app->authManager->assign(Yii::$app->authManager->getRole('user_role_here'), 'user_id_here');

e.g.

Yii::$app->authManager->assign(Yii::$app->authManager->getRole('moderator'), $this->getId());