ridz
(Me)
1
I’m trying to get access control to work.
All users can see index and view.
Authenticated users can create.
Admin can update and delete.
Currently, the page is asking to login when accessing index and view.
Authenticated user cannot create.
Admin cannot access all.
Pls help.
'access'=> [
'class' => AccessControl::className(),
'only' => ['index','view','create','update','delete'],
'rules' => [
[
'actions' => ['index','view'],
'allow' => true,
'roles' => ['*'],
],
[
'actions' => ['create'],
'allow' => true,
'roles' => ['@'],
],
[
'actions' => ['update','delete'],
'allow' => true,
'roles' => ['admin'],
],
],
],
....
The code seems work.
Are you sure that denied actions is for AccessControl and not other reasons?
ilaiyaraja
(Ilaiyamdu)
3
Your code will work for all users(change * to ?), But for new roles you can define rules to access
public function behaviors()
{
return [
'access' => [
'class' => AccessControl::className(),
'rules' => [
[
'actions' => ['create'],
'allow' => true,
'roles' => ['@'],
],
//for new roles, you have to declare rules
[
'actions' => ['update', 'delete'],
'allow' => true,
'roles' => ['@'],
'matchCallback' => function ($rule, $action) {
return MyComponent::isPermissions();//define your rule here by custom component or by webUser
}
],
[
'actions' => ['view', 'index'],
'allow' => true,
'roles' => ['?'],
],
],
],
'verbs' => [
'class' => VerbFilter::className(),
'actions' => [
'delete' => ['post'],
],
],
];
}
Refer This link
ridz
(Me)
4
What are other possible reasons?
ridz
(Me)
5
The code will work if there is only one role.
I’ve been reading about rules but still don’t understand. Is there any example code?
