Hello,
There is something I am not understanding in the RBAC tutorial. It says to add
    'matchCallback' => function ($rule, $action) {
        return User::isUserAdmin(Yii::$app->user->identity->username);
    }
But at the moment both the user and the admin can see the about page.
return [
    'access' => [
        'class' => AccessControl::className(),
        'only' => ['logout', 'signup', 'about'],
        'rules' => [
            [
                'actions' => ['signup'],
                'allow' => true,
                'roles' => ['?'], // '?' matches guests (not logged in)
            ],
            [
                'actions' => ['logout'],
                'allow' => true,
                'roles' => ['@'], // '@' matches authenticated users
            ],
            [
                'actions' => ['about'],
                'allow' => true,
                'roles' => ['@'],
                // The rule applies only when the role and the callback both match
                'matchCallback' => function ($rule, $action) {
                    return User::isUserAdmin(Yii::$app->user->identity->username);
                }
            ],
        ],
    ],
];
And here is the main.php:
<?php
NavBar::begin([
    'brandLabel' => 'Kollox Forum',
    'brandUrl' => Yii::$app->homeUrl,
    'options' => [
        'class' => 'navbar navbar-fixed-top',
    ],
]);
$menuItems = [
    ['label' => 'Home', 'url' => ['/site/index']],
    ['label' => 'About', 'url' => ['/site/about']],
    ['label' => 'Contact', 'url' => ['/site/contact']],
];
if (Yii::$app->user->isGuest) {
    $menuItems[] = ['label' => 'Signup', 'url' => ['/site/signup']];
    $menuItems[] = ['label' => 'Login', 'url' => ['/site/login']];
} else {
    $menuItems[] = [
        'label' => 'Logout (' . Yii::$app->user->identity->username . ')',
        'url' => ['/site/logout'],
        'linkOptions' => ['data-method' => 'post']
    ];
    $menuItems[] = ['label' => 'Add Book', 'url' => ['/book']];
}
echo Nav::widget([
    'options' => ['class' => 'navbar-nav navbar-right'],
    'items' => $menuItems,
]);
NavBar::end();
?>
Why can we put the role name in the 'roles' => ['@'], like this:
    'roles' => ['admin'],
or
    'roles' => ['user'], as defined in the constants:
const ROLE_USER = 10;
const ROLE_ADMIN = 20;
Thank you,
Ben