Organization of RBAC roles?
I'm trying to figure this out while adding RBAC, and a question arose.
Several user roles are planned: admin, moderator, user, and it is quite possible that there will be others. The problem is that there are also banned and unconfirmed (email not confirmed) users. Do these users need roles? Or can it be organized somehow through the status of the user itself?
By and large, banned/unconfirmed users have no rights to anything, only guest rights and the login action, which will return an error saying that you are banned or need to confirm your email.
Make roles "ban" and "confirmedUser" and assign them. This is more convenient than a separate status, because access control all goes through RBAC and there is no need to reinvent the wheel.
Good afternoon.
Here are two articles about RBAC. The first article considers exactly the option with three roles: admin, moderator and user.
For unconfirmed, I think you can focus on the status, as well as for blocked ones. If the status is not "active", then they will not be able to log in under their accounts and, accordingly, will not be able to get into the closed sections of the site.
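The two options discussed in the answers above, side by side, as an added example that is not code from the thread or from any framework. The role names and status values come from the question; the permission names, the `Account` class and the function names are assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Hypothetical role -> permission map; role names are from the question,
# permission names are assumptions made for this example.
ROLE_PERMISSIONS = {
    "guest": {"site.login"},
    "user": {"site.login", "post.create"},
    "moderator": {"site.login", "post.create", "post.delete"},
    "admin": {"site.login", "post.create", "post.delete", "user.ban"},
}
GUEST_ONLY = ROLE_PERMISSIONS["guest"]


@dataclass
class Account:
    name: str
    roles: set = field(default_factory=set)
    status: str = "unconfirmed"  # "active", "banned" or "unconfirmed"


def granted(account):
    """Union of permissions from every role held; unknown roles grant nothing."""
    return set().union(*(ROLE_PERMISSIONS.get(r, set()) for r in account.roles))


def login(account):
    """Status approach: refuse a session unless the account is active."""
    if account.status == "banned":
        return False, "You are banned"
    if account.status != "active":
        return False, "Please confirm your email"
    return True, "ok"


def can(account, permission):
    """Status gate first, then RBAC: non-active accounts get guest rights only."""
    if account.status != "active":
        return permission in GUEST_ONLY
    return permission in granted(account)


def can_roles_only(account, permission):
    """Role-only approach: grants are additive, so a marker role such as "ban"
    removes nothing unless the account's other roles are revoked as well."""
    return permission in granted(account)
```

With the role-only variant, banning has to replace the account's roles rather than add one, and the original roles must be stored somewhere if the ban can be lifted.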