How to properly use RBAC with different models?

B

bezdealnick2020-05-09 19:57:00

Yii

bezdealnick, 2020-05-09 19:57:00

Good day! There is a project, the advanced template is used. In the backend, authorization goes through the employee table, in the frontend, authorization goes through customers. Let's say now I'm making RBAC based on employee and making manager and admin roles there. But, if the customer wants to add roles to clients, how can you get out of this situation?
I have been using Yii recently (about six months) and have not worked with rbac before, but if I understood correctly from the documentation, then out of the box it is impossible to organize the storage of a role in each of the tables, for example, in employee - role = admin || manager. There, or stored in files, or in the database. Help me figure it out, rbac is driving me straight into a stupor.

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

B

Boris Korobkov, 2020-05-09
@bezdealnick

Users - user table.
RBAC storage - PHP or DB, but in their own tables (not customers or employees)
Permissions - for each entity for create, view, edit, delete.
Roles - admin, manager, customer (these are not tables, just names)
User-Role - can be matched with hardcode. Or assign all roles to all users in default roles, but for each role make a rule that returns true/false after checking against your customers or employee tables)