Browse Source

Basic information about RBAC

tags/2.0.0-beta
Vincent 11 years ago
parent
commit
5b785bf778
  1. 141
      docs/guide/rbac.md

141
docs/guide/rbac.md

@ -1,43 +1,122 @@
What is Yii Using RBAC
=========== ===========
Yii is a high-performance, component-based PHP framework for rapidly developing large-scale Web applications. Yii enables maximum reusability in Web Lacking proper documentation, this guide is a stub copied from a topic on the forum.
programming and can significantly accelerate your Web application development
process. The name Yii (pronounced `Yee` or `[ji:]`) is an acronym for
**Yes It Is!**.
Requirements First af all, you modify your config (web.php or main.php),
------------ ```php
'authManager' => [
'class' => 'app\components\PhpManager', // THIS IS YOUR AUTH MANAGER
'defaultRoles' => ['guest'],
],
```
To run a Yii-powered Web application, you need a Web server that supports Next, create the manager itself (app/components/PhpManager.php)
PHP 5.4.0 or greater. ```php
<?php
namespace app\components;
For developers who want to use Yii, understanding object-oriented use Yii;
programming (OOP) is very helpful, because Yii is a pure OOP framework.
Yii 2.0 also makes use of the latest features of PHP such as [namespaces](http://www.php.net/manual/en/language.namespaces.php)
so you should be familiar with how they work.
class PhpManager extends \yii\rbac\PhpManager
{
public function init()
{
if ($this->authFile === NULL)
$this->authFile = Yii::getAlias('@app/data/rbac') . '.php'; // HERE GOES YOUR RBAC TREE FILE
What is Yii Best for? parent::init();
---------------------
Yii is a generic Web programming framework that can be used for developing if (!Yii::$app->user->isGuest) {
virtually any type of Web application. Because it is light-weight and $this->assign(Yii::$app->user->identity->id, Yii::$app->user->identity->role); // we suppose that user's role is stored in identity
equipped with sophisticated caching mechanisms, it is especially suited }
to high-traffic applications, such as portals, forums, content }
management systems (CMS), e-commerce projects, etc. }
```
Now, the rules tree (@app/data/rbac.php):
```php
<?php
use yii\rbac\Item;
How does Yii Compare with Other Frameworks? return [
------------------------------------------- // HERE ARE YOUR MANAGEMENT TASKS
'manageThing0' => ['type' => Item::TYPE_OPERATION, 'description' => '...', 'bizRule' => NULL, 'data' => NULL],
'manageThing1' => ['type' => Item::TYPE_OPERATION, 'description' => '...', 'bizRule' => NULL, 'data' => NULL],
'manageThing2' => ['type' => Item::TYPE_OPERATION, 'description' => '...', 'bizRule' => NULL, 'data' => NULL],
'manageThing2' => ['type' => Item::TYPE_OPERATION, 'description' => '...', 'bizRule' => NULL, 'data' => NULL],
- Like most PHP frameworks, Yii is uses the MVC (Model-View-Controller) design approach. // AND THE ROLES
- Yii is a fullstack framework providing many solutions and components, such as logging, session management, caching etc. 'guest' => [
- Yii strikes a good balance between simplicity and features. 'type' => Item::TYPE_ROLE,
- Syntax and overall development usability are taken seriously by the Yii development team. 'description' => 'Guest',
- Performance is one of the key goals for the Yii framework. 'bizRule' => NULL,
- The Yii development team is constantly watching what other Web frameworks are doing to see what best practices and 'data' => NULL
features should be incorporated into Yii. The initial Yii release was heavily influenced by Ruby on Rails. ],
Still, no framework or feature is being blindly copied into Yii; all decisions are based upon what's best
for Web developers and in keeping with Yii's philosophy. 'user' => [
'type' => Item::TYPE_ROLE,
'description' => 'User',
'children' => [
'guest',
'manageThing0', // User can edit thing0
],
'bizRule' => 'return !Yii::$app->user->isGuest;',
'data' => NULL
],
'moderator' => [
'type' => Item::TYPE_ROLE,
'description' => 'Moderator',
'children' => [
'user', // Can manage all that user can
'manageThing1', // and also thing1
],
'bizRule' => NULL,
'data' => NULL
],
'admin' => [
'type' => Item::TYPE_ROLE,
'description' => 'Admin',
'children' => [
'moderator', // can do all the stuff that moderator can
'manageThing2', // and also manage thing2
],
'bizRule' => NULL,
'data' => NULL
],
'godmode' => [
'type' => Item::TYPE_ROLE,
'description' => 'Super admin',
'children' => [
'admin', // can do all that admin can
'manageThing3', // and also thing3
],
'bizRule' => NULL,
'data' => NULL
],
];
```
As a result, you can now add access control filters to controllers
```php
public function behaviors()
{
return [
'access' => [
'class' => 'yii\web\AccessControl',
'except' => ['something'],
'rules' => [
[
'allow' => true,
'roles' => ['manageThing1'],
],
],
],
];
}
```

Loading…
Cancel
Save