Answer the question
In order to leave comments, you need to log in
N
N
nepster-web2013-12-28 04:51:47
nepster-web, 2013-12-28 04:51:47
How to beautifully design permission check in Yii?
I understand the rules, created everything, did it, everything works. The design question remains how to shape this case beautifully?
For example, there is a rule for news (news operation that allows you to delete, edit and add) and each rule separately.
Yii::app()->user->checkAccess('news') // Добавить, редактировать, удалить
Yii::app()->user->checkAccess('news:add') // Добавить
Yii::app()->user->checkAccess('news:edit') // редактировать
Yii::app()->user->checkAccess('news:delete') // удалитьPlease tell me how it will be correct (more beautiful) to draw up this case:
I see only this option:
$ryle_news = Yii::app()->user->checkAccess('news');
$ryle_news.add = Yii::app()->user->checkAccess('news:add');
if(!$ryle_news || $ryle_news.add)
{
// У Вас нет прав для добавления новости
} 4 answer(s)
@nepster-web
@mihailkog
_
_ _, 2013-12-28 @nepster-web
I don't think you understand what you are doing.
If you have a separate rule in AuthManager for each action, then why do you need a general rule?
You just need to check Yii::app()->user->checkAccess('news:add'), why do you need to check Yii::app()->user->checkAccess('news') and why do you even need it?
If you want to give all privileges at once - let's automatically access all operations.
M
mihailkog, 2014-01-23 @mihailkog
I would suggest using to implement RBAC (role based access control) in Yii, for example, here is a solution .
Similar questions
A
K
M
V
S
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question