T
T
Travious2016-08-11 07:38:32
Yii
Travious, 2016-08-11 07:38:32

Authorization form in Yii2: how to implement a model? Is it ok to have 2 ActiveRecord models per 1 table?

There is: a MySQL database, there is a user table in it, so far it has a minimum of fields: id, username, password, perms (these are some privileges - rights), authKey and accessToken.
Required:
1) Make an entry form so that the user is taken from that table.
2) At the administrator, make a grid with CRUD, to edit the same table: add users, delete, etc.
Registration will NOT be, ie. all manually admin add.
So, with the help of Gii, I created the User ActiveRecord model for this very table. Everything is OK here.
Then inherited the User model from IdentityInterface. Also OK.
Then for this User generated a login form.
And for the same User generated CRUD.
And here are the problems.
perms field.
How to remove it from the login form but leave it in CRUD? After all, in CRUD this field should be required, while during authorization it should not be at all.
The solution is obvious: in the views, remove unnecessary inputs and fix the rest. But somehow I don't like it.
What do you think, will it be ok?
Or is it better to come up with something, add a layer somewhere, say, make a LoginForm model for the login form, and already refer to User in it , but from CRUD directly to User?
Or is there a layer for CRUD too?
Or just make 2 ActiveRecord models per 1 table?

Answer the question

In order to leave comments, you need to log in

1 answer(s)
M
Maxim Fedorov, 2016-08-11
@qonand

Of course, this problem can also be solved with the help of Active Record using scripts and safe attributes.
But as for me, this is not entirely correct from an architectural point of view, because:
1. We get a strong connection between authorization and AR users - and this is not good
2. We pile up AR users with redundant code, which in itself will complicate the understanding of the code.
And given the fact that the system can expand in the future, these two factors will greatly affect support, because. when the code is highly coupled and heaped up it is very difficult to work with.
It is more correct, in my opinion, to take out authorization and all the logic associated with it in a separate model inherited from \yii\base\Model, which will already use AR User in its work

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question