Authorisation

mattchewone · May 21, 2014, 9:20pm

What is the best way to have 3-4 roles for user so they have access to different pages and have a different menu based on their role. I used the advanced template login template so in my DB I have a role column which is set to 10 as the default.

How do i set the rules() on the controller for the pages to accept minimum role level so eg admin is 30, but can see everything, but normal role of 10 can only see specific pages. Or would the pages need to have dynamic rules so they can be changed on the fly?

I have seen the guide for authorisation, but im still puzzled. So advice would be much appreciated.

Matt

mattchewone · May 28, 2014, 2:53pm

Is Anyone able to shed any light on this for me?

Thanks

evstevemd · May 29, 2014, 9:29am

check section in Yii2 guide

http://www.yiiframework.com/doc-2.0/guide-authorization.html

mattchewone · May 29, 2014, 12:14pm

Thanks Stefano, I have read through that a few times now.

Will have another read through and see if I can figure something out.

evstevemd · May 29, 2014, 2:31pm

You have to be specific to the question, showing relevant codes and explaining your problem throughly!

mattchewone · May 29, 2014, 2:53pm

Ok what im looking for is for the users in the DB to have roles set against them, so there would be a field in the DB users table, called ‘roles’.

Then have a table which lists the roles and has a description against them, so a table called roles.

Then have Yii authmanager point to the roles table, so that I can specify within a controller the minimum role per action. Like this:




    public function behaviors()

    {

        return [

            'access' => [

                'class' => AccessControl::className(),

                'only' => ['admin','search'],

                'rules' => [

                    [

                        'actions' => ['admin'],

                        'allow' => true,

                        'roles' => ['admin'], // minimum access level is admin 

                    ],         

                    [

                        'actions' => ['logout'],

                        'allow' => true,

                        'roles' => ['user'], // minimum access level is user

                    ],       

                ],

            ];

    }

Something like that, so that. Then I would display the menu per access level so its dynamic to role level.

The roles i wish to set up will be mainly static, but the users which have them will change.