Yii2 role management with rbac and database storage

Asked 3/7, 2014 at 13:14 Answered 25/4, 2015 at 9:31

I want to learn Yii2 membership and use Yii to store and retrieve roles using a database.

I have read Security Authorization and How to add role to user? and Does Anyone Have A Working Example Of Rbac? and also try using the yii2-admin extension and tried to understand how Yii manages user roles but I can't find any working samples or simple step by step examples.

Please guide me and tell me the simplest solution.

Brigham answered 3/7, 2014 at 13:14 Comment(0)

Implementing a role based access control is a very easy process and you can even load your roles from the database if you want.

Step1: Creating necessary tables in the database [ You can also apply migrations with console command yii migrate instead of step 1 ]

The first step is to create necessary tables in the database.Below is the sql you need to run in the database.

drop table if exists `auth_assignment`;
drop table if exists `auth_item_child`;
drop table if exists `auth_item`;
drop table if exists `auth_rule`;

create table `auth_rule`
(
`name` varchar(64) not null,
`data` text,
`created_at` integer,
`updated_at` integer,
    primary key (`name`)
) engine InnoDB;

create table `auth_item`
(
`name` varchar(64) not null,
`type` integer not null,
`description` text,
`rule_name` varchar(64),
`data` text,
`created_at` integer,
`updated_at` integer,
primary key (`name`),
foreign key (`rule_name`) references `auth_rule` (`name`) on delete set null on update cascade,
key `type` (`type`)
) engine InnoDB;

create table `auth_item_child`
(
`parent` varchar(64) not null,
`child` varchar(64) not null,
primary key (`parent`, `child`),
foreign key (`parent`) references `auth_item` (`name`) on delete cascade on update cascade,
foreign key (`child`) references `auth_item` (`name`) on delete cascade on update cascade
) engine InnoDB;

create table `auth_assignment`
(
`item_name` varchar(64) not null,
`user_id` varchar(64) not null,
`created_at` integer,
primary key (`item_name`, `user_id`),
foreign key (`item_name`) references `auth_item` (`name`) on delete cascade on update cascade
) engine InnoDB;

Step2: Setting up the config file

Now you can set up the config file to use the authmanager as DbManager. This is done by adding the following lines to the components section of your config file

     'authManager' => [
                           'class' => 'yii\rbac\DbManager',
                           'defaultRoles' => ['guest'],
          ],

Step3: Adding and assigning roles.

Now you can add roles by simply writing the following code to your corresponding controller.

    use yii\rbac\DbManager;
    $r=new DbManager;
    $r->init();
    $test = $r->createRole('test');
    $r->add($test);

And you can assign it to the users by

    $r->assign($test, 2);

http://www.yiiframework.com/doc-2.0/guide-security-authorization.html

Cud answered 3/7, 2014 at 14:34 Comment(9)

Thanks Dency, but I have two question: **1.**Is table structure convention based or it's your suggestion?? **2.**Is it possible to config role management (create table, createRole & assign role ) with migration?? – Brigham 5/7, 2014 at 11:43

Please refer to the updated rbac tables at github.com/yiisoft/yii2/blob/master/framework/rbac/migrations – Cud 7/7, 2014 at 7:56

Thanks Dency. All things worked except last step (Step3: Adding and assigning roles) I got error on call save method after createRole method: Calling unknown method: yii\rbac\DbManager::save() – Brigham 8/7, 2014 at 8:14

@b.cyclops..sorry I am using Yii2 alpha version. Please see my updated answer – Cud 8/7, 2014 at 8:52

You may refer to this link for more details.github.com/yiisoft/yii2/blob/master/docs/guide/… – Cud 8/7, 2014 at 8:53

Thanks it's work great and I understand RBAC from your answer. – Brigham 8/7, 2014 at 9:36

Hello, can you explain: need I add foreign key user_id to 'auth_assignment' table? – Spalding 18/8, 2014 at 9:38

and do prefix to each table like tbl_auth_assignment – Spalding 18/8, 2014 at 10:23

The step 1 can be replaced by ./yii migrate --migrationPath=@yii/rbac/migrations/ – Telesis 7/1, 2015 at 18:10

Updated link from official docs: http://www.yiiframework.com/doc-2.0/guide-security-authorization.html

If you are working with database you have to add authmanager to your application components:

return [
// ...
'components' => [
    'authManager' => [
        'class' => 'yii\rbac\DbManager',
    ],
    // ...
],

];

And then execute a migration:

yii migrate --migrationPath=@yii/rbac/migrations

It will create automatically the required tables in your database. Now you can access the AuthManager via

yii migrate --migrationPath=@yii/rbac/migrations

Writ answered 25/4, 2015 at 9:31 Comment(3)

Link only answers are not welcomed on Stack Overflow. It will be better if you include essential part of this article. – Coroneted 25/4, 2015 at 9:59

This answer is much better. – Codding 29/1, 2017 at 3:29

For the basic app it needs to be added to 2 locations then only it will work console.php & web.php – Covalence 23/6, 2020 at 9:11

Recommended topics

Hot tags