Sorry the same topic of github.com/mdmsoft/yii2-admin/issues/215
The "RBAC Role" I mentioned refers to yii\rbac\Item::TYPE_ROLE.
The "Biz Role" refers to the role in the actual organization architecture, for example, a "Manager" of a department.
Generally there are some roles with same NAME in deferent departments in an big organization.
The finance and sales department has its “Manager”, it’s related to the particular department.
Usually we may design the E-R as follow.
xxx_dept (id, name, …)
1, finance
2, sales
xxx_role (id, dept_id, name, begin_date, end_date…)
1, 1, manager, 2015-01-01, 2016-01-01
2, 2, manager, 2015-01-01, 2016-01-01
So here comes the question…
In order to make the biz roles work with yii2 rbac mechanism, probably we may have two choices.
-
create two auth items (role) , FinaceManager and SalesManager. Then maintenance a relationship betweens rbac role and the biz role.
-
create two auth items (role) , FinaceManager and SalesManager. And drop the biz role entity (redundant).
In my opinion, the way 1 makes the world much more complicated, and the way 2, it means the extra properties of actual world role are not supported, for example the begin_date and end_date that mentioned above.
Is there a BEST PRACTICE? Any suggestion is appreciated. THANKS.