dektrium Yii2-rbac


I have a problem when using dektrium yii2-rbac.

I created roles, permission and routes, rules and assignment using rbac. But my problem is how we configure it in controller to automatically check if the user has or not the permission to do an action.

For example in Yii1.1 the controller has to be extend Rcontroller.

If i follow the yii2 guide about it, i have to hard code the permission checking (\Yii::$app->user->can()) for each action.

It is possible to use rbac in the controller without hard coded checking if the user can do the task?


You can use AccessControl behavior for this.

    public function behaviors()


        return [

            'access' => [

                'class' => AccessControl::className(),

                'rules' => [


                        'allow' => true,

                        'roles' => ['ABC'],






where ABC is the name of role or permission. This will limit access to every controller’s action to users with role or permission ABC. See Access Control Filter guide section for more info about ACF.

What i want to avoid is to hard code the name of the role in the controller. With this you have to know the name of the role created at the front end level. Is there any way to use rbac without hard code the role like in Yii1.1 ?

I’ve seen solution where permission is called something like ‘aaa/bbb’ where ‘aaa’ is controller’s id and ‘bbb’ is action’s id so you can prepare ACF rule that will check it based on current controller’s action.

Please do you have the link?

This matchCallback might do the trick after few tweeks (I haven’t tested it though).

Thks for the link and i implemented it successfully. But i have an issue when creating rule with the execute method.

I have a modele named Tabpost and i want to allow only the author to modify his post. Kindly seee below the method.


namespace app\rules;

use yii\rbac\Rule;

use Yii;


  • Rules to restrict Author to update only his own posts


class UpdatePostRule extends Rule



 * @param string|integer &#036;user the user ID.

 * @param Item &#036;item the role or permission that this rule is associated with

 * @param array &#036;params parameters passed to ManagerInterface::checkAccess().

 * @return boolean a value indicating whether the rule permits the role or permission it is associated with.


public function execute(&#036;user, &#036;item, &#036;params)


	Yii::info('user  '.&#036;params['Tabpost']);

	Yii::info('user ID  '.&#036;user);

    return isset(&#036;params['Tabpost']) ? &#036;params['Tabpost']-&gt;user_id == &#036;user : false;



When i execute the update action, i get this error:

Undefined index: Tabpost

Please it seems that i do not use the execute method well.

What is $params attributes?

I see you have copied the code from here.

In here you can find example of using this rule (second box). Array [‘post’ => $post] is $params.

Thank you. it helps me