Can I make AccessControl access rights for different roles in the config for all controllers?

A

AlexAll2019-02-22 10:49:39

Yii

AlexAll, 2019-02-22 10:49:39

I found such a way as in the config to restrict all roles except the admin access to the admin panel

'as access' => [
        'class' => 'yii\filters\AccessControl',
        'except' => ['site/login', 'site/error'],
        'rules' => [
            [
                'allow' => true,
                'roles' => ['admin'],
            ],
        ],
    ],

I thought, how can I do it right there to specify the access role for each controller in the admin panel? that not in each controller to register access?
I tried that but it doesn't work

'as access' => [
        'class' => 'yii\filters\AccessControl',
        'rules' => [
            [
                 'actions' => ['site/login', 'site/error'],
                'allow' => true,
                'roles' => ['admin'],
            ],
                        [
                 'actions' => ['user/index', 'user/view'],
                'allow' => true,
                'roles' => ['moderator'],
            ],
        ],
    ],

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

M

Maxim, 2019-02-22
@AlexAll

See how RBAC is implemented and use it. Pushing all this into one config is not the best option, in my opinion. I would make my own access filter and hang it globally on all requests in the config. How RBAC does it. And why do you need a bike. use it)