RBAC with marketplace in Yii2

Hope you are doing well.

Yii2 with RBAC system I planing to develop school Management system and I have one issue I am looking for create school wise RBAC system so every school have own RBAC that’s means each school have own different roles (like… superadmin, admin, teacher, student, accountant etc…) and there access.

image

Thanks for your suggestion

I added additional column sys_company_id in auth_assigmant:
This column can use as school_id. For one user can grant difference access rights for schools

CREATE TABLE `auth_assignment` (
  `id` INT(10) UNSIGNED NOT NULL AUTO_INCREMENT,
  `item_name` VARCHAR(64) COLLATE utf8_unicode_ci NOT NULL,
  `user_id` INT(10) UNSIGNED NOT NULL,
  `sys_company_id` SMALLINT(5) UNSIGNED DEFAULT NULL,
  `created_at` INT(11) DEFAULT NULL,
  PRIMARY KEY (`id`),
  KEY `company_id` (`company_id`),
  KEY `NameUserId` (`item_name`(7),`user_id`),
  KEY `item_name` (`item_name`),
  KEY `idx-auth_assignment-user_id` (`user_id`,`sys_company_id`,`item_name`(10)),
  CONSTRAINT `auth_assignment_ibfk_3` FOREIGN KEY (`item_name`) REFERENCES `auth_item` (`name`)
) ENGINE=INNODB AUTO_INCREMENT=646 DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci

Yes but how can we manage the different roles and their own rules as school wise with this? we need to extend the auth controller and we need to compare the all access with school_id ?

we are using dektrium/yii2-rbac and its hard to manage in web and api please let me know your concern how can we implement these with web and api in both? and how can I manage different users (superadmin, admin,student, teacher etc…) with single auth URL like (

In Web login … https://website.com/auth/login
In API Login https://website.com/v1/auth/login
)

The way to solve this is to have standard permissions across all schools, but Roles will have to be school specific, so a school can assign the pre-defined permissions to any Role they create. Then from the Yii auth will take over and check if a user can do the requested action in the normal way.