How to implement RBAC in Yii?

Hello, Everybody!

I am a newbie to Yii and have been learning it for months. Recently I tried to make a system using it. Almost everything is done, but I ran into a problem implementing RBAC. I had never dealt with this kind of hierarchy before. I followed the guide in the documentation, but it just doesn’t work properly. I’ll get to the point.

There are two types of user, ‘author’ and ‘admin’; the column holding this in the user table is ‘credential’.

I have a model named ‘Patient’.

Patient Controller Access Rules for Admin

array('allow', // allow admin user to perform 'admin' and 'delete' actions

RBAC Hierarchy

$auth->createOperation('createPatient','create a patient');

$auth->createOperation('readPatient','read a patient');

$auth->createOperation('updatePatient','update a patient');

$auth->createOperation('deletePatient','delete a patient');

$bizRule='return Yii::app()->user->department==$params["patient"]->department';

$task=$auth->createTask('updateOwnPatient','update a patient by author himself',$bizRule);

$auth->assign('admin',1); // 1 is the admin user's id; assign() is called on the auth manager with the item name first, then the user id

When I go to the admin page of Patient as the admin user, I am denied. A 403 error arises: You are not authorized to perform this action.

I’m blocked on this feature and may not be able to go further before I understand the fundamentals.

Is there anyone who has mastered RBAC in Yii who can help me out?

Appreciate all you guys!

I think you don’t need the ‘users’ parameter:

array('allow', // allow admin user to perform 'admin' and 'delete' actions

Have you used the login form to log in as admin?

Did you save that hierarchy with $auth->save() ?

I think save() is not necessary, look at this example:

Thank you guys. I tried to reply to you quoting your answers, but as I am a new user, when I post like that it is recognized as spam.

After going through some articles, I have become familiar with RBAC. Some basic tests are successful.

The only confusion is how to apply the ‘updateOwnPost’ operation and how to pass ‘params’ into it in ‘accessRules’.

I am figuring it out.

Best regards.
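An added example covering both the hierarchy in the first post and the later question about passing ‘params’ to the ‘updateOwn…’ task; it is not code from this thread or from the Yii project. It is a small plain-PHP stand-in for the Yii 1 auth manager that reproduces how checkAccess() walks role -> task -> operation and evaluates a bizRule string against $params, so it runs without the framework. The item names come from the thread; the user and patient records are constructed, and the bizRule reads the current user from $params['user'] instead of Yii::app()->user, which is an assumption of the stand-in. Comments name the real Yii 1 calls ($auth->assign(), Yii::app()->user->checkAccess(), CHttpException) that correspond to each step.

```php
<?php
// Added example, not code from the thread or from Yii: a minimal stand-in for
// the Yii 1 auth manager (role -> task -> operation) showing how checkAccess()
// walks the hierarchy and evaluates a bizRule against $params.
// Item names come from the thread; users and patients are constructed data.

class MiniAuthManager
{
    private $items = array();       // name => array('bizRule' => ?string, 'children' => array)
    private $assignments = array(); // userId => array(itemName => true)

    // Stands in for createOperation()/createTask()/createRole(); the type and
    // description Yii 1 also stores do not affect the access decision.
    public function createItem($name, $bizRule = null)
    {
        $this->items[$name] = array('bizRule' => $bizRule, 'children' => array());
    }

    public function addChild($parent, $child)
    {
        $this->items[$parent]['children'][] = $child;
    }

    // Same argument order as Yii 1's CAuthManager::assign($itemName, $userId).
    public function assign($itemName, $userId)
    {
        $this->assignments[$userId][$itemName] = true;
    }

    // Yii 1 runs the bizRule through eval() with $params in scope; an empty rule
    // passes. Because it is eval(), rules must come from trusted code only.
    private function executeBizRule($bizRule, $params)
    {
        if ($bizRule === null || $bizRule === '') {
            return true;
        }
        return (bool) eval($bizRule);
    }

    // True when the item's own bizRule holds and the user is assigned the item
    // itself or some ancestor whose bizRules also hold (Yii 1's recursive walk).
    public function checkAccess($itemName, $userId, $params = array())
    {
        if (!isset($this->items[$itemName])) {
            return false;
        }
        if (!$this->executeBizRule($this->items[$itemName]['bizRule'], $params)) {
            return false;
        }
        if (isset($this->assignments[$userId][$itemName])) {
            return true;
        }
        foreach ($this->items as $parentName => $parent) {
            if (in_array($itemName, $parent['children'], true)
                && $this->checkAccess($parentName, $userId, $params)) {
                return true;
            }
        }
        return false;
    }
}

$auth = new MiniAuthManager();
foreach (array('createPatient', 'readPatient', 'updatePatient', 'deletePatient') as $op) {
    $auth->createItem($op);
}

// The thread's rule, with the current user taken from $params['user'] instead of
// Yii::app()->user so the script runs without the framework (assumption).
$bizRule = 'return $params["user"]->department == $params["patient"]->department;';
$auth->createItem('updateOwnPatient', $bizRule);
$auth->addChild('updateOwnPatient', 'updatePatient'); // task -> operation

$auth->createItem('author');
foreach (array('createPatient', 'readPatient', 'updateOwnPatient') as $child) {
    $auth->addChild('author', $child);
}
$auth->createItem('admin');
foreach (array('author', 'updatePatient', 'deletePatient') as $child) {
    $auth->addChild('admin', $child); // admin inherits author, plus unconditional update/delete
}
$auth->assign('admin', 1);  // Yii 1 equivalent: $auth->assign('admin', 1) on the manager
$auth->assign('author', 2);

// Constructed sample records standing in for the User and Patient models.
$users = array(
    (object) array('id' => 1, 'department' => 'cardiology'),
    (object) array('id' => 2, 'department' => 'oncology'),
);
$patients = array(
    (object) array('id' => 10, 'department' => 'oncology'),
    (object) array('id' => 11, 'department' => 'cardiology'),
);

// accessRules() runs before the action has loaded its model, so there is no
// patient to put into $params there. The ownership check belongs in
// actionUpdate() after loadModel(), in Yii 1 terms:
//   if (!Yii::app()->user->checkAccess('updatePatient', array('patient' => $model)))
//       throw new CHttpException(403, 'You are not authorized to perform this action.');
function canUpdatePatient(MiniAuthManager $auth, $user, $patient)
{
    return $auth->checkAccess('updatePatient', $user->id,
        array('user' => $user, 'patient' => $patient));
}

foreach ($users as $user) {
    foreach ($patients as $patient) {
        printf("user %d (%s) -> patient %d (%s): %s\n",
            $user->id, $user->department, $patient->id, $patient->department,
            canUpdatePatient($auth, $user, $patient) ? 'allowed' : 'denied');
    }
}
```

Run with `php rbac_demo.php`: the admin (user 1) is allowed on both patients because the ‘admin’ role reaches ‘updatePatient’ directly, while the author (user 2) is allowed only on the oncology patient, since the only path from ‘author’ to ‘updatePatient’ goes through the ‘updateOwnPatient’ bizRule. The same walk is why a role-only access rule cannot express the ownership condition: it never sees the patient.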