Yii2-admin role-based aceess control(RBAC)

sherin_jose_yii · August 4, 2016, 5:39am

I am using yii2-admin for role-based access control. In this module, we need to check the access in each action like


if (\Yii::$app->user->can('createPost')) {

   // create post

}

or like


public function behaviors()

{

    return [

        'access' => [

            'class' => AccessControl::className(),

            'rules' => [

                [

                    'allow' => true,

                    'actions' => ['create'],

                    'roles' => ['createPost'],

                ],

            ]

        ]

    ];

}

But in yii-1 the rights module provides an option to check the access control by extending a controller (RController). Do we have such an option in yii2-admin ?

softark · August 4, 2016, 11:39am

[color="#006400"]/* Moved from "General Discussions" to "Extensions" */[/color]

The extension doesn’t provide an extended Controller like “RController”.

But it does provide an extended AccessControl filter, which is a very convenient component. It uses "route" permissions in the RBAC hierarchy to check access to controllers/actions, which works almost the same as yii-rights does for Yii 1.x.