Download the PHP package developeruz/yii2-db-rbac without Composer
On this page you can find all versions of the php package developeruz/yii2-db-rbac. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download developeruz/yii2-db-rbac
More information about developeruz/yii2-db-rbac
Files in developeruz/yii2-db-rbac
Package yii2-db-rbac
Short Description Dynamic control of access rights in YII2
License MIT
FAQ
Example:
In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
- Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
- To use Composer is sometimes complicated. Especially for beginners.
- Composer needs much resources. Sometimes they are not available on a simple webspace.
- If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
- Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Informations about the package yii2-db-rbac
Dynamic Access Control for Yii2
НА РУССКОМ ТУТ
The easiest way to create access control in Yii2 without changes in the code.
This module allows creating roles and rules for Yii role base access (RBAC) via UI. It also allows assigning roles and rules for user via UI. Behaviour that checks access by the modules rules.
Integrations
| CMS | Module |
|---|---|
| EasyiiCMS | https://github.com/developeruz/easyii-rbac-module |
Feel free to request integration with any CMS/Packages which is written on Yii2
Installation guide
To work correctly, you must configure the module authManager in the application config file (common/config/main.php for advanced app
or config/web.php and config/console for basic app)
Run migration to create DbManager table (it means that a connection to the database is already configured for the application)
Add the module
Include module to the config file (backend/config/main.php for advanced app or config/web.php for basic app)
If you want to setup layout, put it in the following way
If you use CNC, be sure that you have correct routing rules for modules
Adding links
/permit/access/role - manage roles
/permit/access/permission - manage access
Assigning role to a user
The module also has an interface for assigning roles to users.
To work correctly, the module should be specified with User class in the module parameters.
User class should implement developeruz\db_rbac\interfaces\UserRbacInterface.
In most cases, you have to add function getUserName() which should return user's name.
For managing role for user with id=1, visit /permit/user/view/1
The easiest way is to add this as a button in GridView with users list.
You can also assign a role to the user in the code, for example when user has been created.
You also can check if a user has access in code thought can() method in User class
$permissionName - could be a role name or a permission name.
Configure module's Access Control
In the config you can set the list of roles that have access to module functionality.
Behaviour that checks access by the modules rules
By using this behaviour you don't need to write Yii::$app->user->can($permissionName) in each action. Behaviour will check it automatically.
It is also useful for access control with the third party modules.
Configure behaviour
You have to include behaviour to the app config file, if you want to check access automatically.
On EVENT_BEFORE_ACTION behaviour will check access for current user (Yii::$app->user) to the action.
Action is allowed if:
- a user has access to the action (rule: module/controller/action)
- a user has acceess to any action in the controller (rule: module/controller)
- a user has access to any action in the module (rule: module)
Redirection if access denied
By default if a user doesn't have access, behaviour will throw ForbiddenHttpException. Application can handle this exception as needed.
You also can configure login_url where unauthorized user will be redirected, or redirect_url for redirecting a user when access is denied.
Configure default access rules
After connecting behavior, access is available only to authorized users with certain rights.
You can create default access rights in config file in the same way as you do in controller (AccessControl):
In this example any user has access to site/login and site/index and only user with role admin has access to site/about.
The rules described in the configuration take precedence over dynamically configurable rules.
Configure areas of behavior responsibility
By default, the rule is "all is prohibited unless is allowed." If the behavior is supposed to protect only certain routes,
and all others should be accessible for all, please set up protect parameter
In this example, the behavior will check the user's permission to access the page only for paths beginning
with admin,user and site / about. All other routes are available for all (not verified by the behavior).
As you can see in the example, the parameter protect can be combined with rules.
Contributing
Contributions are welcome and will be fully credited. I accept contributions via Pull Requests. Please see CONTRIBUTING for details.
License
The MIT License (MIT). Please see License File for more information.
