Doubt about access control

Hello Friends

I wrote some code using AccessControl. I use the @ character so that only logged-in users can access the actions. But in my user table I created a status for each user. How can I define which actions a user can access in my controller based on the user's status?

This is my AccessControl code:

return [
    'access' => [
        'class' => AccessControl::className(),
        'only' => ['action1','action2','action3'],
        'rules' => [
            [
                'actions' => ['action1','action2','action3'],
                'allow' => true,
                'roles' => ['@'],
            ],
        ],
    ],
    'verbs' => [
        'class' => VerbFilter::className(),
        'actions' => [
            'logout' => ['post','get'],
        ],
    ],
];

So I need the user that has status 'x' to access only action1, the user that has status 'y' to access all actions, and the user that has status 'z' to access action1 and action2.

Is it possible?

You would need RBAC (http://www.yiiframework.com/doc-2.0/guide-security-authorization.html#rbac)

I don't think you can accomplish this with the Access Control Filter (ACF) alone.

Hello

Is it possible in the Access Control Filter to create an array of users that can access an action?

I used the method described in this wiki:

http://www.yiiframework.com/wiki/771/rbac-super-simple-with-admin-and-user/

The example only has two roles for logged in users: admin and not admin, but I expanded it to 6 role levels. Instead of using User::isAdmin($username), I created a method that checks a user->id to see if its role is equal to or greater than the required role.

public static function hasAccess($userid, $role)
{
    $user = self::findOne($userid);

    // findOne() returns null for an unknown ID; deny instead of reading ->role on null.
    if ($user === null) {
        return false;
    }

    // Roles are ordered integers: a higher value includes the lower levels.
    return $user->role >= $role;
}

Then in the Access Control section

//....other actions above...
    [
        'actions' => ['admin'],
        'allow' => true,
        'roles' => ['@'],
        'matchCallback' => function ($rule, $action) {
            return User::hasAccess(Yii::$app->user->identity->id, User::ROLE_ADMIN);
        }
    ],
//more actions....

You would have to change your x, y and z to numbers.

Thanks guys. I will try both ways and report the result back here.

newbiedo's sample works very well. Thanks guys
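
The status-to-action mapping asked about at the top of the thread, written as an explicit allow-list checked from a single matchCallback. This is an added example, not code from any poster or from the Yii project; the controller name ReportController, the helper statusAllows(), the constant ACTIONS_BY_STATUS and a `status` attribute on the identity model are assumptions.

```php
<?php
namespace app\controllers;

use Yii;
use yii\filters\AccessControl;
use yii\web\Controller;

class ReportController extends Controller // hypothetical controller name
{
    // Allow-list: status value => action IDs that status may run.
    // 'x', 'y', 'z' are the statuses from the question; a status that is
    // missing from this map gets no access at all.
    private const ACTIONS_BY_STATUS = [
        'x' => ['action1'],
        'y' => ['action1', 'action2', 'action3'],
        'z' => ['action1', 'action2'],
    ];

    public static function statusAllows($status, string $actionId): bool
    {
        // Strict checks so a null or unexpected status never matches by type juggling.
        return is_string($status)
            && isset(self::ACTIONS_BY_STATUS[$status])
            && in_array($actionId, self::ACTIONS_BY_STATUS[$status], true);
    }

    public function behaviors()
    {
        return [
            'access' => [
                'class' => AccessControl::class,
                'only' => ['action1', 'action2', 'action3'],
                'rules' => [
                    [
                        'allow' => true,
                        'roles' => ['@'], // logged-in users only
                        'matchCallback' => function ($rule, $action) {
                            $identity = Yii::$app->user->identity;
                            // Assumption: the identity model exposes the `status` column.
                            return $identity !== null
                                && self::statusAllows($identity->status, $action->id);
                        },
                    ],
                    // No rule matched: AccessControl denies the request.
                ],
            ],
        ];
    }
}
```

Actions not listed under `only` are not covered by the filter, so an action added to the controller later must be added to both `only` and the allow-list to be protected.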