How to create access restriction for an action in yii2.0

Asked

Viewed 491 times

0

I need the client user to just view the posts records of my system. I would like to know how to restrict the actions on the screen for the client user, so that this user can only view the records, and not appear to him the buttons to change, delete and register. The admin user who will have full access to the system.

php yii

1 answer

1


Yii2 has Access Control support. They are:

They are best explained in documentation. But in short:

AccessControl, you will use in a project that:

  • does not have many controllers/actions;
  • there won’t be many permissions changes for users and roles* are well defined;
  • will not be created/edited very often.

This is because you will have to, in each controller, define which actions each role* can perform.

The Dbmanager class (which uses the concept RBAC), creates the tables where will be stored all this information of what permission or role* each user has.

If this idea of going into each controller and making the changes is not feasible for your project, I would recommend taking a look in that library.

*: name given to the role/profession/position you assign to users, ex: administrator, editor, etc

  • Interesting I’m studying more about RBAC, thank you!

Browser other questions tagged php yii

You are not signed in. Login or sign up in order to post.