Answer the question
In order to leave comments, you need to log in
Rbac yii2 what is the difference between permission and role?
Can anyone explain on the fingers how the role differs from permission in rbac? No matter how much I tried to understand, I still didn't understand. Well, for example, we created three Admin Manager User roles, made AdminPanel permissions and tied it to Admin and User, and then in AccessControl we specified access for the admin panel (or for the entire admin panel) But why not just specify access for these roles in AccessControl and that's it ?
Answer the question
In order to leave comments, you need to log in
Permissions are what the user can do: view the admin panel, edit posts, delete users, and so on.
In order not to assign the same permissions to different users each time, they are tied to roles. Then this role is assigned to the user either immediately upon registration, or by the administrator.
When you assign the role "Administrator" to any user, all the permissions of this role become available to him. Roles can also be inherited. The admin can inherit the user role and additional permissions.
If you add a new system permission, you simply assign that permission to the required role. And this permission becomes available to all users of this role. If there were no roles, the permission would have to be assigned to all users.
In small projects, you can get by with roles without permissions.
It is quite clearly described in Wikipedia .
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question