Rbac DbManager Implementation

Hello everyone, I am new to the Yii framework…

I am stuck with the authManager component…

Can anyone please refer me to a link on how to implement authManager using DbManager?

1: Most of the articles say to add tables to the database

2: Create a role in the controller and assign it


    use yii\rbac\DbManager;

    $r = new DbManager;

but they miss most of the details of how to implement it…

So I have been trying for a few days and couldn’t find any useful article on implementation.

So here are the things I need to know:

1: Where to write the DbManager logic, in which controller?

Example: I have 3 roles: admin, client, guest

2: How to write a Rule for these roles?

3: How and where to register these Rules to roles?

4: When a user registers, how to access these roles?

5: How to write behaviors() in a controller to restrict access based on role?

Example: how to prevent a client from accessing the admin controller if he accesses it using a URL like admin/index, how to deny access?

    'roles' => ['admin'] // here I need admin or client instead of ? or @

I will be really glad if anyone shares a useful link or sample code.

You can try the Yii2-admin extension.

I created a video recently on YouTube that goes through the whole process, which might help, but it uses yii2-admin to set up permissions rather than using code to populate them. I will try to answer your questions: https://www.youtube.com/watch?v=vLb8YATO-HU

  1. I’m not sure which logic you are referring to. The permissions live in the database tables; the code to populate them (if used) is usually put into a command and run once from the command line, or is put into a migration and added that way. The access control logic (for instance, only admin can access the index action) goes into each controller that you need to restrict. By default, you are allowed into any action that is not restricted, although if you use the AccessControl filter in the yii2-admin plugin, you are not allowed into any part of the site unless you create a permission for each route.

  2. See the guide here: https://github.com/yiisoft/yii2/blob/master/docs/guide/security-authorization.md. Rules are written as classes under the rbac folder and then they are serialized into the database when you add them in code (see the example in the guide). You do NOT need a rule for a permission; it is optional.

  3. Rules belong to permissions and permissions belong to roles. The example is role "user" has permission "editOwnPost" which includes the rule "AuthorRule", which checks whether the current user is the author of the post.

  4. When a user registers, you will normally use code to add them into a default role. This is covered in the guide (just before "Using Rules").

  5. Your example is correct. Use "admin", "user" or whatever instead of ? or @.
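
An added example, not part of the thread or of either reply: a console command that creates the three roles from the question through the DbManager-backed `authManager`, and an `AccessControl` filter that restricts the admin controller to the `admin` role. The `app\commands` and `app\controllers` namespaces, the `rbac/init` command name and the role hierarchy are assumptions.

```php
<?php
// config/web.php and config/console.php, under 'components':
//   'authManager' => ['class' => 'yii\rbac\DbManager'],
// Create the tables once: yii migrate --migrationPath=@yii/rbac/migrations

// File commands/RbacController.php; run once with: yii rbac/init
namespace app\commands;

use Yii;
use yii\console\Controller;

class RbacController extends Controller
{
    public function actionInit()
    {
        $auth = Yii::$app->authManager;
        $auth->removeAll(); // wipes existing roles, rules and assignments
        $roles = [];
        foreach (['guest', 'client', 'admin'] as $name) {
            $roles[$name] = $auth->createRole($name);
            $auth->add($roles[$name]);
        }
        // Assumed hierarchy: admin inherits client, client inherits guest
        $auth->addChild($roles['client'], $roles['guest']);
        $auth->addChild($roles['admin'], $roles['client']);
    }
}

// File controllers/AdminController.php
namespace app\controllers;

use yii\filters\AccessControl;
use yii\web\Controller;

class AdminController extends Controller
{
    public function behaviors()
    {
        return [
            'access' => [
                'class' => AccessControl::class,
                'rules' => [
                    // Only the admin role matches; a client requesting admin/index gets 403
                    ['allow' => true, 'roles' => ['admin']],
                ],
            ],
        ];
    }
}
```

At registration, a call such as `Yii::$app->authManager->assign($role, $user->getId())`, with `$role` fetched by `getRole('client')` after the user is saved, places the new account in its default role.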