RBAC question

Hi, i’m using YiiUser managment to control acces to models actions.

Because my app is simple and doesn’t have many users I can live with this approach.

So i only add this to ALL of my model controllers :

	public function filters() {

		return array(




	public function accessRules() {

		return array(






					'actions'=>array('minicreate', 'admin' ,'create','update','copy','export'),













As you can see I add this line :


So I have to change every controller.

What I want is something more flexible, so I only add one line with this parameters:

  • user (if empty is current logged)

  • Model

  • action requested

So the function return an array or something to allow/deny the action.

Is there any way to achieve this ?

Best regards


i just can think of one quick ugly way right now, you could define

a getAccessRules function in your own controller (that the other controllers extend from)

and in each access rules of the other controllers you call that func, that returns your

calculated access / deny array

but i am pretty sure, there is a nicer solution ;)

This response to your questions about rights module from 08/12/12. I can’t comment on extension page meanwhile.

Maybe it’s compatibility issue with your users class. I succeeded to install it with yii-users. This was very helpfull: http://www.yiiframework.com/wiki/423/installing-yii-users-and-rights-to-newly-created-yii-app/

Rights working only with case sensitive urls and with remapping off all requests to tables to lower case:

my setting for urls management:

	// uncomment the following to enable URLs in path-format










for rights tables remapping:




                'defaultRoles'=>array('Authenticated', 'Guest'),

                'assignmentTable' => 'authassignment',

                'itemTable' => 'authitem',

                'itemChildTable' => 'authitemchild',

                'rightsTable' => 'rights',


in class RWebUser you have to add function to update session states:

public function updateSession()


    $user = Yii::app()->getModule('user')->user($this->id);

    $userAttributes = CMap::mergeArray(array(






    foreach ($userAttributes as $attrName=>$attrValue)





this one comes from users extension

Hi Dmitry, i’m quite new to Right module, i’m testing it on a new project.

But I think it will accomplish my needs…

Thanks for the advise.

Best Regards