Answer the question
In order to leave comments, you need to log in
S
S
sha-man2018-07-10 08:06:12
sha-man, 2018-07-10 08:06:12
Yii2. RBAC. How can a user with a role deny a certain permission?
There is a user role, it includes the author role.
The author role has permissions: createPost, updatePost, deletePost.
There is a user - user1. He is assigned the user role. It turns out that he has createPost, updatePost, deletePost permissions.
How for this particular user to deny one of the permissions, for example, deletePost?
3 answer(s)
@qonand
@agerasimov
@webinar
M
Maxim Fedorov, 2018-07-10 @qonand
You just need to write a rule that will determine whether an action is allowed for a particular user or not, and connect it to permission
A
Alexander Gerasimov, 2018-07-10 @agerasimov
sha-man at you the user can have some roles? The chain of roles is not inherited one after another, each role is independent and a user can have several roles. For example, CreaterPost, UpdaterPost - judging by the task you need to separate, then you will get a more flexible system.
M
Maxim Timofeev, 2018-07-10 @webinar
1. user can have more than 1 role
2. user can have not only roles but also permissions
Similar questions
Y
T
A
R
A
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question