Easiest way to manage 2 types of users in my site


I would like to know what is the easiest way to set permissions for two types of users in my site.

In a few words, I only need 2 types of users: one that can do full CRUD on every controller and another that can only view (can’t create, edit or delete anything on any controller).

I’ve already installed and am running the dektrium user and rbac modules, but for rbac I’ve not been able to find a good how-to.

Thank you.

PS.: I use the basic template.

So here is a solution for you. I’m not sure if this is the best way to proceed, but I hope it helps you, so here it goes:

If you want a simple access control where the user has a single role and you want something less ‘complex’ than an RBAC solution, do something like this:

  1. Add a column on your users table for the role;

  2. Create a class to extend AccessRule and override the matchRole() method to perform validation with your new role field, you can check how to do this here:

Basic Access Control Article

You should use this new class in your controller behaviors instead of the default one and define the rules there; the article above explains this too.

If you need more detailed information about the rules check here:

Access control filter

  3. Finally, if you followed that article it should be working fine, but in this situation you need to define the behaviors and rules in every controller.

So if you’re sure that the rules are the same for all of the controllers, you could just create a middle class (that extends the Controller class) and put those behaviors there, then have all of your controllers extend that class. This way you get a centralized place to define access rules.
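The approach described in the answer above, as an added example that is not part of the original post: a custom `AccessRule` plus a shared base controller. The `role` column, the role values `admin` and `viewer`, the class names `RoleAccessRule` and `BaseController`, and the read-only action names `index` and `view` are assumptions. The two classes are shown together here; in an application each one goes in its own file under `components/`.

```php
<?php
namespace app\components;

use yii\filters\AccessControl;
use yii\filters\AccessRule;
use yii\web\Controller;

/** Matches rule roles against the assumed `role` column on the identity. */
class RoleAccessRule extends AccessRule
{
    protected function matchRole($user)
    {
        if (empty($this->roles)) {
            return true; // rule does not restrict by role
        }
        foreach ($this->roles as $role) {
            if ($role === '?') {            // guests only
                if ($user->getIsGuest()) {
                    return true;
                }
            } elseif ($role === '@') {      // any authenticated user
                if (!$user->getIsGuest()) {
                    return true;
                }
            } elseif (!$user->getIsGuest() && $user->identity->role === $role) {
                return true;                // value of the assumed `role` column
            }
        }
        return false;
    }
}

/** Controllers that extend this class inherit the same access rules. */
abstract class BaseController extends Controller
{
    public function behaviors()
    {
        return ['access' => [
            'class' => AccessControl::class,
            'ruleConfig' => ['class' => RoleAccessRule::class],
            'rules' => [
                // Read-only actions are allow-listed for both roles.
                ['allow' => true, 'actions' => ['index', 'view'], 'roles' => ['viewer', 'admin']],
                // Every other action: admin only. Requests that match no rule are denied.
                ['allow' => true, 'roles' => ['admin']],
            ],
        ]];
    }
}
```

Because the read actions are allow-listed rather than the write actions deny-listed, any action added later is closed to the view-only role until it is named in the first rule. A controller that overrides `behaviors()` should merge with `parent::behaviors()` so the filter is not dropped.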

Thank you st1ck, I’ll take a look at those links.