Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
M
M
Maxim2016-09-02 11:48:51
Yii
Maxim, 2016-09-02 11:48:51

When is RBAC needed?

For training, I am making a simple website and admin panel (delete a user, delete a record, etc.) using Yii2 advanced.
Only users will be on the site, and only the admin has access to the admin panel.
In the last project, I made a site without an admin panel and checked the user's relationship to the material by its id.
Question 1 : What is bad access through checking by id?
Question 2 :
Now I've been reading about RBAC and I don't understand in what situation it should be applied and what is missing from a simple Access filter?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
M
matperez, 2016-09-02
@KidsBout

RBAC is neither better nor worse, they are complementary methods of authorization. The difference is that in the case of RBAC, you describe each permission explicitly, as opposed to implicitly describing it through the code itself. Roles from RBAC can be specified in the Access Filter.

Similar questions
R
robotcigan2015-05-27 20:19:49
Why doesn't IntelliJ IDEA 14 update css and js files? 1Reply
M
Maxim2017-05-17 20:25:03
Which database to choose for indexing/caching data? 5Reply
M
Maxim Timofeev2016-12-18 21:37:57
How to organize a video broadcast? 2Reply
R
Ruslan Dzh2019-05-16 07:02:59
How to set up sending an email about authorization in yii2 with a specific message text? 1Reply
S
Svetlana Galenko2019-05-16 18:02:58
Why doesn't registration work on a site made on yii? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question