Yii2 yii2mod/yii2-rbac

0
votes

I try to understand how it works - no way I only can see the routes beginning with /rbac/ .. and some with /gridview/ ... and /dynagrid/ ... But no route related to my contoller actions I thought that yii2mod/yii2-rbac worked like RBAC in Yii1 where I had permissions defined and checked in controller.

When - as before - I insert something like this :

INSERT INTO `auth_item` (`name`, `type`, `description`, `rule_name`, `data`) VALUES ('createCompany', 0, 'createCompany', NULL, 'N;');

and assign it to a user Admin it appears as a permission and not as a route in the permission view of Admin (rbac/permission/view/Admin)

The readme file did not help me - so how can I use yii2mod/yii2-rbac ?

1
yii2rbac
Are you trying to understand the rbac mechanism of yii2? Still want to know the separate package yii2mod/yii2-rbac? - Luna
depends - will take the one I can understand - G. Trennert

1 Answers

1
votes

The yii2mod/yii2-rbac package what it provides is a web interface, but it is not an alternative to the native implementation of the RBAC in Yii2:

Yii2-RBAC provides a web interface for advanced access control and includes following features:

  • Allows CRUD operations for roles, permissions, rules
  • Allows to assign multiple roles or permissions to the user
  • Allows to create console migrations
  • Integrated with yii2mod/base

The base of this package is the RBAC Yii2 that can review part of its implementation here (only as an example).

Making a raw INSERT to the auth_item table does not make much sense as a way to understand how the RBAC works. The auth_item table keeps the records of the permissions and/or roles which are separated by types: 1=Role, 2=permission.

Installed and configured yii2mod/yii2-rbac in your project you could enter the different options to create roles, permissions, routes and assign them to your users as they inidcan them:

http://localhost/path/to/index.php?r=rbac/
http://localhost/path/to/index.php?r=rbac/route
http://localhost/path/to/index.php?r=rbac/permission
http://localhost/path/to/index.php?r=rbac/role
http://localhost/path/to/index.php?r=rbac/assignment

or if you have enabled pretty URLs, you may use the following URL:

http://localhost/path/to/index.php/rbac
http://localhost/path/to/index.php/rbac/route
http://localhost/path/to/index.php/rbac/permission
http://localhost/path/to/index.php/rbac/role
http://localhost/path/to/index.php/rbac/assignment

If you want to understand better how the YB2 RBAC works, you can review it from here.