Yii2 RBAC how to exclude some rights of a child role?

V

v0lume2016-01-29 07:50:59

Yii

v0lume, 2016-01-29 07:50:59

Greetings!
There are two roles, user and guest.
The guest has access to the login page, let's call this item "login".
Guest is a child role of User, i.e. everything that a guest can do, a user can do.
Now the question is - how to exclude access from the user to the authorization page?
Interested in true-way.
I see options - checking the role in bizrule / checking the role in the action itself. Am I missing something or are there other options?

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

D

Dmitry Bay, 2016-01-29
@kawabanga

why do you need a role in this case?
check against Yii::$app->user->isGuest Returns whether the user is logged in.

N

Nikita, 2016-01-29
@bitver

No way, if you started making a white list, then continue it, i.e. in your case it is necessary to exclude inheritance. Otherwise, the mixture of black list and white list will be very scary both in implementation and in understanding.

D

dimabdc, 2016-01-29
@dimabdc

You can only use a crutch.
You have a mistake in inheriting rights, inheritance should be in ascending order of basic powers, i.e. guest->user->moderator->admin.