Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
M
M
Maila2017-09-20 20:53:40
Yii
Maila, 2017-09-20 20:53:40

Rbac - how to configure access based on created roles?

In the base of the 3-user (admin (id_1) , content(id_3) and user(id_2 ) which are in 'user', in 'auth_assignment' and in 'auth_item_child' they have the following roles defined: d9c0d23a2948482aa7b6060b717bfb80.jpgthere is 'auth_rule-isAuthor'. It seems that everything logically works - 'user' browsing the blog, admin.site.com/blog/blog/view?id=18 created by the user 'content' does not see the 'update', 'delete' buttons like the others, because he has no rights
d9ca11bc9d6d4063bc1bb1bf3ba7979e.jpg
But if he just goes to the link admin.site.com/blog, he
can easily delete or edit any post.How to set up these roles here? bb699912e7f74395bf2befb5b8f4b246.jpg

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
M
Maxim Fedorov, 2017-09-21
@qonand

it can easily delete or edit any post

1. You need to configure the AccessControl to define access rights to the controller actions
2. Customize the display of buttons in the ActionColumn using the visibleButtons property

Similar questions
S
Sergey2015-08-08 13:47:13
Why is the controller not seeing form data in yii2? 1Reply
A
ArtJH2019-12-13 11:35:35
How to enable mod_rewrite in xampp? 1Reply
D
des1roer2017-07-16 18:13:57
Git local config? 2Reply
S
Sharov Dmitry2015-08-11 13:21:44
Upgrading a large Yii2 site? 3Reply
C
ColdSpirit2015-08-12 14:26:42
How does the MVC controller work? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question