Answer the question
In order to leave comments, you need to log in
E
E
Eugene2018-06-13 14:42:50
Eugene, 2018-06-13 14:42:50
Is it possible to restrict access to a page without using the RBAC bike?
There is an admin. Access to it is limited simply in the module:
public function behaviors()
{
return [
'access' => [
'class' => AccessControl::className(),
'rules' => [
[
'allow' => true,
'roles' => ['@'],
],
],
],
];
}That is, only users with the authorized role can log into the admin panel. Its OK.
But now I have added a second user to the User database. And it is necessary that 1 user does not have access to the n-th page in the admin panel. And the other saw.
Can this be set up without the hourly RBAC setup, or do you still have to read the documentation and set up roles?
2 answer(s)
@evgen9586
@qonand
M
Maxim, 2018-06-13 @evgen9586
public function behaviors()
{
return [
'access' => [
'class' => \yii\filters\AccessControl::className(),
'rules' => [
// allow authenticated users
[
'allow' => true,
'matchCallback' => function ($rule, $action) {
if (Yii::$app->user->id == 1){
return false;
} else {
return true;
}
}
],
// everything else is denied
],
],
];
}M
Maxim Fedorov, 2018-06-13 @qonand
you can, for example, by setting matchCallback , but is it worth it ...
Similar questions
V
N
D
E
M
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question