Where does the definition of authentication rules go?


Is there any place in particular where AuthManager rules should be defined? I mean where do I put createRole(…) calls etc.?

Thanks in adv.

AFAIK, these creating rules codes only run ONCE in the life time. So you may just put it anywhere. Be sure it will be run. And remember to delete the code after it has update to database(if you use CDBAuthManager).

I never manually create the rules though. I usually use SRbac to do these things.

I create a yii command for my Auth Management systems, SRBac seems to over complicate in my opinion. I have about 200 auth items, 9 roles, and about 1500 users.

  class GenerateAuthCommand extends CConsoleCommand


    public function run($args)


      // delete old auth file if it exists (IF USING PHP AUTH)


      $auth = Yii::app()->authManager;

      // add roles here




then when you are ready to generate your Auth data, navigate to your protected folder and run

(Linux: verify file has execute permissions)

./yiic generateauth

Thanks :)

Question for DarkNSF – How do I “create a yii command”? That is, where do I place the class you shared in order for it to become a “yii command” so I can run ./yiic generateauth as you mentioned? Pardon me, I’ve very new at this.

thanks very much!

Take a look here.