common/config/main.php
Код: Выделить всё
'authManager' => [
'class' => 'yii\rbac\PhpManager',
"assignmentFile" => '@common/rbac/assignments.php',
"itemFile" => '@common/rbac/items.php',
"ruleFile" => '@common/rbac/rules.php',
'defaultRoles' => ['user', 'manager', 'analyst'],
],
Код: Выделить всё
public function actionInit()
{
$auth = Yii::$app->authManager;
$auth->removeAll();
$userRule = new UserGroupRule;
$auth->add($userRule);
$user = $auth->createRole(User::ROLE_USER);
$user->ruleName = $userRule->name;
$auth->add($user);
$analyst = $auth->createRole(User::ROLE_ANALYST);
$analyst->ruleName = $userRule->name;
$auth->add($analyst);
$auth->addChild($analyst, $user);
$manager = $auth->createRole(User::ROLE_MANAGER);
$manager->ruleName = $userRule->name;
$auth->add($manager);
$auth->addChild($manager, $user);
// add the rule accessOwn
$ownRuleAccess = new OwnModelRule();
$auth->add($ownRuleAccess);
$accessOwn = $auth->createPermission('ownModelRule');
$accessOwn->ruleName = $ownRuleAccess->name;
$auth->add($accessOwn);
$auth->addChild($user, $accessOwn);
Console::output('Success! RBAC roles has been added.');
}
Код: Выделить всё
public $name = 'ownModelRule';
public function execute($user, $item, $params)
{
return true;
}
Код: Выделить всё
Yii::$app->user->can('ownModelRule')
а вот для роли ANALYST - false
Хотя и ANALYST и MANAGER одинаково имею те же права, что и USER