Restrict view for role or user

woolter · July 23, 2015, 8:16pm

Hi all,

I ´ve started to use Yii2 Basic one month ago, and now I was finish all that I want for the web page.

The next questions are based on basic application to make easier the explanation and considering that I have these views:

Home

About

Contact

Login

Question 1:

At this moment I want that the application allows to guest user to see home and for the others views redirect all guest to login view, and I don’t have idea how to obtain this result.

Question 2:

How I can reach these results after user was login with 3 different types of user:

Group 1: access to home, login and about

Group 2: access to home, login and contact

Group 3 (admin): access to all views

When I saw the code below in basic/view/layouts/main.php I suppose that the question 1 was resolved but without login I can access to all the views


<?php

            NavBar::begin([

                'brandLabel' => 'My Company',

                'brandUrl' => Yii::$app->homeUrl,

                'options' => [

                    'class' => 'navbar-inverse navbar-fixed-top',

                ],

            ]);

            echo Nav::widget([

                'options' => ['class' => 'navbar-nav navbar-right'],

                'items' => [

                    ['label' => 'Home', 'url' => ['/site/index']],

                    ['label' => 'About', 'url' => ['/site/about']],

                    ['label' => 'Contact', 'url' => ['/site/contact']],

                    Yii::$app->user->isGuest ?

                        ['label' => 'Login', 'url' => ['/site/login']] :

                        ['label' => 'Logout (' . Yii::$app->user->identity->username . ')',

                            'url' => ['/site/logout'],

                            'linkOptions' => ['data-method' => 'post']],

                ],

            ]);

            NavBar::end();

        ?>

I hope someone can help me with those questions.

Thanks.

grischer · July 24, 2015, 9:14am

Hi Woolter,

basicaly you need to use RBAC system adjusting your db accordingly.

documentation:

http://www.yiiframework.com/wiki/771/rbac-super-simple-with-admin-and-user/

In mysql i use only one view with all the user information I need to know.

To reach this result usually I put a if in the login action to redirect user




if(Yii::$app->user->identiy->guest == 1){

      return $this->redirect(your Url);

}else{

      return $this->redirect(your Url);

}

Woolter:

Question 2:

How I can reach these results after user was login with 3 different types of user:

Group 1: access to home, login and about

Group 2: access to home, login and contact

Group 3 (admin): access to all views

When I saw the code below in basic/view/layouts/main.php I suppose that the question 1 was resolved but without login I can access to all the views


<?php

            NavBar::begin([

                'brandLabel' => 'My Company',

                'brandUrl' => Yii::$app->homeUrl,

                'options' => [

                    'class' => 'navbar-inverse navbar-fixed-top',

                ],

            ]);

            echo Nav::widget([

                'options' => ['class' => 'navbar-nav navbar-right'],

                'items' => [

                    ['label' => 'Home', 'url' => ['/site/index']],

                    ['label' => 'About', 'url' => ['/site/about']],

                    ['label' => 'Contact', 'url' => ['/site/contact']],

                    Yii::$app->user->isGuest ?

                        ['label' => 'Login', 'url' => ['/site/login']] :

                        ['label' => 'Logout (' . Yii::$app->user->identity->username . ')',

                            'url' => ['/site/logout'],

                            'linkOptions' => ['data-method' => 'post']],

                ],

            ]);

            NavBar::end();

        ?>

I hope someone can help me with those questions.

Thanks.

I usually adopt this solution


<?php

       if(Yii::$app->user->identity->guest== 1){

         $menuItems = [

                    ['label' => 'Home', 'url' => ['/site/index']],

                    ['label' => 'About', 'url' => ['/site/about']],

                    ['label' => 'Contact', 'url' => ['/site/contact']],

                   

                ];

                }else{

          $menuItems = [

                    ['label' => 'Home', 'url' => ['/site/index']],

                    

                   

                ];

                 }

  

            NavBar::begin([

                'brandLabel' => 'My Company',

                'brandUrl' => Yii::$app->homeUrl,

                'options' => [

                    'class' => 'navbar-inverse navbar-fixed-top',

                ],

            ]);

            echo Nav::widget([

                'options' => ['class' => 'navbar-nav navbar-right'],

                'items' => $menuItems,

                         Yii::$app->user->isGuest ?

                        ['label' => 'Login', 'url' => ['/site/login']] :

                        ['label' => 'Logout (' . Yii::$app->user->identity->username . ')',

                            'url' => ['/site/logout'],

                            'linkOptions' => ['data-method' => 'post']],

            ]);

            NavBar::end();

        ?>

Then you should to modify rules inside your controller as described in the guide i linked in order no one, exc ept the authorized user, access to action.

woolter · July 24, 2015, 7:14pm

Grischer, thanks alot for your answers.

Those gave me an idea how i can obtain the goals, and now i have the solution.

Thanks again.

grischer · July 27, 2015, 11:47am

Backslider · July 27, 2015, 6:29pm

You can restrict access in the controller in cases where all the controller actions are restricted, eg.




	public function init()

	{

		if(Yii::$app->user->isGuest) {

			$this->redirect('url');

		}

	}