Auth on multiple tables

kcackler · November 13, 2010, 1:36am

I am still quite new to Yii, so please forgive me if this is a stupid question. In one of my current systems that I am developing, we have 3 separate user tables because all 3 of the roles require vastly different information and all 3 login areas are in completely different spots of the site (Each login form will be checking only its 1 table for user information). We have a User, Affiliate, and Admin table. A front-facing user login form will interact with the User model, an Affiliate form will interact with the Affiliate model, and an administrator login form will interact with the ADmin table. I have read through the RBAC article multiple times now, but I still am unclear as to how I can create 3 different login forms, each checking a different user table, while using the auth component in Yii.

For the user table, we will just be doing auth checking to make sure that the user is logged in before they can purchase or view their account and also make sure that a user can only update his own information.

Pretty much the same for the affiliate table.

For the admin table, we will actually want to implement RBAC so that we can grant permissions to admins, advertising managers, moderators, etc…

So how can we best achieve this?

zaccaria · November 13, 2010, 8:03am

The best advice is to use only 1 user table, with minimal data (userid, password) for all user type.

You can create other table adminUser belongs to user for store the extra data needed by the different typt of user.

If you choose to use RBAC, you can create 3 main roles for admin, user and affiliate in order to use the embedded check access even for the section.

In the login form of each section, you have to add just one extra rule, like

if (!Yii::app()->authManager->checkAccess(‘userId’, ‘affiliate’))

{

&#036;this-&gt;addError('userId', 'You are not allowed in Affiliate section');

}

kcackler · November 13, 2010, 3:15pm

Thanks for the tip! I had never thought of doing it like that. So in your example, I might have the following tables:

User (Contains userid/pass for all users)

AdminDetails (Contains specific information for administrators. Would contain foreign key to user table)

UserDetails (Contains specific information for regular users. Would contain foreign key to user table)

AffiliateDetails (Contains specific information for affiliates. Would contain foreign key to user table)

Does that basically sound correct?