Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
M
M
Maila2017-09-20 20:53:40
Yii
Maila, 2017-09-20 20:53:40

Rbac - how to configure access based on created roles?

In the base of the 3-user (admin (id_1) , content(id_3) and user(id_2 ) which are in 'user', in 'auth_assignment' and in 'auth_item_child' they have the following roles defined: d9c0d23a2948482aa7b6060b717bfb80.jpgthere is 'auth_rule-isAuthor'. It seems that everything logically works - 'user' browsing the blog, admin.site.com/blog/blog/view?id=18 created by the user 'content' does not see the 'update', 'delete' buttons like the others, because he has no rights
d9ca11bc9d6d4063bc1bb1bf3ba7979e.jpg
But if he just goes to the link admin.site.com/blog, he
can easily delete or edit any post.How to set up these roles here? bb699912e7f74395bf2befb5b8f4b246.jpg

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
M
Maxim Fedorov, 2017-09-21
@qonand

it can easily delete or edit any post

1. You need to configure the AccessControl to define access rights to the controller actions
2. Customize the display of buttons in the ActionColumn using the visibleButtons property

Similar questions
N
nSnayp2014-07-03 17:36:25
What to use for IOS Android development? 4Reply
S
Sergey Bard2018-08-28 10:06:33
How to make a table in yii2? 1Reply
A
Alexander Ampleev2018-08-28 12:22:47
Why doesn't jquery DataTables example work (fixed headers in table)? 2Reply
A
Andrey Enkin2016-04-05 02:26:32
Yii2 how to make pagination for grouped rows? 1Reply
G
Gorelov2018-08-30 21:45:43
When does the controller call occur? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question