I have encountered what appears to be a flaw in the design of our application. I sure could use some help in getting a better understanding of Yii’s user management system and some advice regarding what you all think would be the best way to change our application’s model structure (if necessary).
We’re building an application that has 3 types of users: students (basic users), school administrators (intermediate-level admins) and site administrators (super admins). It’s not just the RBAC/user roles that differentiate the users, though; they also have different attributes.
Initially, when we did our application design, we believed we could have a single User model to manage state persistence, while using SRBAC (great extension, by the way, Spryos!) to manage the different access permissions for the users. In our database, the User table has a lot of columns, many of which are intentionally left null for different user types (e.g. student users have some data that school administrators do not, and vice versa).
However, due to a change in the project’s requirements, it has now become evident that the school administrator users will need to have relationships with other models in our domain (messages and schools) that other types of users do not need and should not have, for security reasons (e.g. student users must not be able to access school administrator messages).
I’m now thinking that it will be necessary to create three new models - one for each type of user, and then build relationships between them and some of the other models individually. But this will require a relatively significant restructuring of the database and application, so I’d like to avoid this if at all possible.
Even though it was a little confusing to me at first, I am now very glad that Yii’s authentication mechanism is decoupled from the modeling of users in a database. It seems that it might be possible to create new models for different types of users without having to make many changes (maybe none, I hope) to the WebUser class I extended from CWebUser.
If anyone had advice for me, I cannot wait to hear it. Thanks in advance!