I am trying to apply a simple hierarchical user structure (for example: super-admin, admin, user) in my Yii web app. Can I do it using Yii's default AccessControl, or do I need to implement it with RBAC?
You can do this by using Yii's default Access Control.
What I normally do when I do not use RBAC is create a field in the ACL User database that contains values, e.g. Admin, Super Admin, etc. Then, once the user has logged in, I assign it to the Yii::app()->user session variable in components/UserIdentity.php. Notice the line "$this->setState('accessCode',$user->accessCode);".
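/**
 * Identity used at login: checks the submitted credentials against the Users
 * table and, on success, copies the account's id, stored user name and access
 * code into the identity's persistent states.
 *
 * Security notes for anyone reusing this pattern:
 *  - accessCode is a snapshot taken at login. Changing or revoking a user's
 *    access code in the database does not affect sessions that are already
 *    open; the user keeps the old value until the next login.
 *  - NOTE(review): in Yii 1.1, identity states are also persisted in the
 *    auto-login cookie when CWebUser::allowAutoLogin is enabled. Confirm this
 *    app's setting before treating accessCode as server-side-only data.
 */
class UserIdentity extends CUserIdentity
{
    /** @var mixed Value of Users.u_id for the authenticated account; unset until authenticate() succeeds. */
    private $_id;

    /**
     * Validates $this->username / $this->password and records the result in
     * $this->errorCode.
     *
     * @return boolean true when errorCode is ERROR_NONE, false otherwise.
     */
    public function authenticate()
    {
        // Case-insensitive lookup. The user name is passed as a bound
        // parameter, not concatenated into the condition string.
        $username = strtolower($this->username);
        $user = Users::model()->find('LOWER(userName)=?', array($username));

        if ($user === null) {
            // The two failure codes differ; the login form should map both to
            // one generic message so responses do not reveal which user names exist.
            $this->errorCode = self::ERROR_USERNAME_INVALID;
        } elseif (!$user->validatePassword($this->password)) {
            // validatePassword() lives on the Users model and is not shown
            // here; presumably it checks a salted hash (TODO confirm).
            $this->errorCode = self::ERROR_PASSWORD_INVALID;
        } else {
            $this->_id = $user->u_id;
            // Replace the submitted name with the stored spelling.
            $this->username = $user->userName;

            // States read later through Yii::app()->user. The original set
            // 'accessCode' twice; one call is sufficient.
            $this->setState('accessCode', $user->accessCode);
            $this->setState('userName', $this->username);
            $this->setState('id', $this->_id);

            $this->errorCode = self::ERROR_NONE;
        }

        return $this->errorCode === self::ERROR_NONE;
    }

    /**
     * @return mixed the Users.u_id captured by a successful authenticate().
     */
    public function getId()
    {
        return $this->_id;
    }
}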
Now, in my controllers I have something like:
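/**
 * Access rules for this controller, keyed on bit flags in the 'accessCode'
 * state that UserIdentity stores at login:
 *   8 = admin, 1 = create/update, 4 = view, 2 = delete.
 *
 * Rules are checked in order and the first match decides; the final rule
 * denies everything not explicitly allowed above. They are only enforced if
 * the controller's filters() lists 'accessControl' (not shown here).
 *
 * The flags are independent bits, not a hierarchy: a "higher" role can reach
 * a "lower" action only if its stored accessCode also has that bit set.
 *
 * The state is read with getState('accessCode', 0) rather than the magic
 * property, because a guest has no such state and reading it as a property
 * is expected to raise an exception in Yii 1.1 instead of denying access.
 *
 * Each expression is a fixed string evaluated as PHP by the framework; never
 * build one from request data.
 *
 * @return array access control rules
 */
public function accessRules()
{
    return array(
        array(
            'allow',
            'actions' => array('admin'),
            'expression' => 'Yii::app()->user->getState("accessCode", 0) & 8',
        ),
        array(
            'allow',
            'actions' => array('create', 'update'),
            'expression' => 'Yii::app()->user->getState("accessCode", 0) & 1',
        ),
        array(
            'allow',
            'actions' => array('view'),
            'expression' => 'Yii::app()->user->getState("accessCode", 0) & 4',
        ),
        array(
            'allow',
            'actions' => array('delete'),
            'expression' => 'Yii::app()->user->getState("accessCode", 0) & 2',
        ),
        array(
            'deny', // default deny: anything not allowed above is refused
            'users' => array('*'),
        ),
    );
}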
Notice that the expression works like the condition of an if statement.
I hope this helps