Advanced RBAC in nav bar

1124ritesh · February 19, 2016, 6:51am

Hi everyone,

I am a newbie in Yii.

I have to set up module rights in nav bar. i.e.

Only authorised persons can view the nav links. I don’t know how to do this. Is it possible…??

for example:-

Admin can view all links.

but if a user of circulation department logs in he should view:

home | circulation | logout

Admin Can Allow this user to view other links if admin allowed the user to view menu option then this nav bar should look like:

home | menu | circulation | logout

I am really sorry for my poor English. But please help me. I am stucked here.

I am Using Yii 2.0.6 and kartik side nav widget.

Thanks For the help in advance.

soul · February 19, 2016, 7:02am

Use

yii::$app()->user->isGuest and yii\web\User::can()

http://www.yiiframework.com/doc-2.0/guide-security-authorization.html

1124ritesh · February 19, 2016, 9:45am

Thanks For the reply Soul. But actually user is not guest.

Both are users.

but roles are different, for admin role id is 1. and for circulation user role id is 3.


 <?= SideNav::widget([

                'type' => SideNav::TYPE_DEFAULT,

                'heading' => 'Options',

                'items' => [

                    [

                        'url' => 'index.php?r=admin/',

                        'label' => 'Home',

                        'icon' => 'home'

                    ],

                      [

                        'label' => 'User',

                        'icon' => 'glyphicon glyphicon-user',

                        'items' => [

                            ['label' => 'User', 'icon'=>'glyphicon ', 'url'=>'index.php?r=admin/users'],

                        ],

                    ],

               // i  want to do something like this 

               //   if(Yii::$app->user->identity->role=='user'){

                    [

                        'label' => 'Settings',

                        'icon' => 'glyphicon glyphicon-cog',

                        'items' => [

                            ['label' => 'Department', 'icon'=>'glyphicon', 'url'=>'index.php?r=settings/department'],

                           ],

                    ],

                // }  

                     [

                        'label' => 'Location Master',

                        'icon' => 'glyphicon glyphicon-map-marker',

                        'items' => [

                            ['label' => 'Country', 'icon'=>'glyphicon', 'url'=>'index.php?r=settings/country'],

                           

                        ],

                    ],

                     [

                        'label' => 'Circulation ',

                        'icon' => 'glyphicon glyphicon-refresh',

                        'items' => [

                            [

                              'label' => 'Agency Master', 

                              'icon'=>'glyphicon',

                              'items'=>[

                              ['label'=>'Agency Master','icon'=>'glyphicon-indent-right','url'=>'index.php?r=circulation/agency'],

                              ],

                            ],

                         ],

                    ],

                ],

            ]);  ?>

softark · February 20, 2016, 12:03am

You should use \yii\web\User::can().

See the documentation:

http://www.yiiframework.com/doc-2.0/yii-web-user.html#can()-detail

and

http://www.yiiframework.com/doc-2.0/guide-security-authorization.html#access-check




$items = $itemsForUser_A;

if (Yii::$app->user->can('editSetting')) {

    $items = ArrayHelper::merge($items, $itemsForAdmin);

}

$items = ArrayHelper::merge($items, $itemsForUser_<img src='http://www.yiiframework.com/forum/public/style_emoticons/default/cool.gif' class='bbc_emoticon' alt='B)' />;

echo SideNav::widget([

    'type' => SideNav::TYPE_DEFAULT,

    'heading' => 'Options',

    'items' => $items,

]);

In the above, ‘editSetting’ is an authorization item name. Only the users with the ‘editSetting’ permission can see the ‘setting’ menu item.

Probably you can do it like this, using a role name instead of a permission name:




if (Yii::$app->user->can('admin')) {

    $items = ArrayHelper::merge($items, $itemsForAdmin);

}

1124ritesh · February 20, 2016, 5:18am

softark:

You should use \yii\web\User::can().

See the documentation:

http://www.yiiframework.com/doc-2.0/yii-web-user.html#can()-detail

and

http://www.yiiframework.com/doc-2.0/guide-security-authorization.html#access-check
$items = $itemsForUser_A;

if (Yii::$app->user->can('editSetting')) {

    $items = ArrayHelper::merge($items, $itemsForAdmin);

}

$items = ArrayHelper::merge($items, $itemsForUser_<img src='http://www.yiiframework.com/forum/public/style_emoticons/default/cool.gif' class='bbc_emoticon' alt='B)' />;

echo SideNav::widget([

    'type' => SideNav::TYPE_DEFAULT,

    'heading' => 'Options',

    'items' => $items,

]);
In the above, ‘editSetting’ is an authorization item name. Only the users with the ‘editSetting’ permission can see the ‘setting’ menu item.

Probably you can do it like this, using a role name instead of a permission name:
if (Yii::$app->user->can('admin')) {

    $items = ArrayHelper::merge($items, $itemsForAdmin);

}

Thanks A lot it Worked…

Yii is really awesome…

jacmoe · February 20, 2016, 5:26am

Yes It Is