yii2-rbac-plus

Yii Framework Extensions

Createnew extension

Popular Tags

yii2-rbac-plus Database role base access control manager for yii2

yii2-rbac-plus ¶

Features
Installation
Usage

Database role base access control manager for yii2

Features ¶

CRUD operations for roles, permissions and rules
Allows to assign multiple roles to user
Nice views to intergrate right away
Integrated with Yii2-user-plus (flexible user management module)

Yii2 RBAC manager

Installation ¶

The preferred way to install this extension is through composer.

Either run

php composer.phar require --prefer-dist johnitvn/yii2-rbac-plus "*"

or add

"johnitvn/yii2-rbac-plus": "*"

to the require section of your composer.json file.

Usage ¶

Let 's add into modules config in your main config file

'components' => [
    'authManager' => [
        'class' => 'yii\rbac\DbManager',
    ],
],
'modules' => [
    'rbac' =>  [
        'class' => 'johnitvn\rbacplus\Module'
    ]       
]

Next, update the database schema

$ php yii migrate/up --migrationPath=@yii/rbac/migrations

Ok. That's done. Avaiable route now:

/rbac/rule
/rbac/permission
/rbac/role
/rbac/assignment

The module configuration avaible:

'modules' => [
    'rbac' =>  [
        'class' => 'johnitvn\rbacplus\Module',
        'userModelClassName'=>null,
        'userModelIdField'=>'id',
        'userModelLoginField'=>'username',
        'userModelLoginFieldLabel'=>null,
        'userModelExtraDataColumls'=>null,
        'beforeCreateController'=>null,
        'beforeAction'=>null
    ]       
]

userModelClassName: The user model class.
If you not set or set null, RBAC Plus will be get from Yii::$app->getUser()->identityClass
userModelIdField: The user model id field.
Default id field is 'id', you must set this config if primary key of user table in database is not 'id'
userModelLoginField The user model login field.
Default login field is 'username'. Maybe you use email field or something other for login. So you must change this config
userModelLoginFieldLabel The user model login field label.
If you set null the label will get from $userModelClass->attributeLabels()[$userModelLoginField]
userModelExtraDataColumls The extra data columns you want to show in user assign views.
The default in assignment data gridview just display id and login column data. if you want to add created_at column you can add

'userModelExtraDataColumls'=>[
    [
        'attributes'=>'created_at',
        'value'=>function($model){
            return date('m/d/Y', $model->created_at);
        }
    ]
]

beforeCreateController The callable before create all controller of Rbac Plus module. The default it is null. You need config this when you want to restrict access to Rbac Plus module.
Example:

'beforeCreateController'=>function($route){
    /**
    *@var string $route The route consisting of module, controller and action IDs.
    */    
}

beforeActionThe callable before action of all controller in Rbac Plus module.
The default it is null. You need config this when you want to restrict access to any action in some controller of Rbac Plus module
Example:

'beforeAction'=>function($action){
    /**
    *@var yii\base\Action $action the action to be executed.
    */    
}

1 0

10 followers

0 downloads

Yii Version: 2.0

License: Apache-2.0

Category: Auth

Tags: authentication, rbac

Developed by: John Martin

Created on: Jul 23, 2015

Last updated: 9 years ago

Related Extensions

User Contributed Notes 6

#19775

0 0

examples exist?

Hi John, great job.
are there some example for try?

Edit: I copy controller && views from rbac-plus/src/ to my controllers and this run very good.

alexmetola at Feb 12, 2016, 2:54:21 PM

#19799

0 0

Bug in ModalRemote.js ?

Hi John,
Many thanks for this Extension. I integrated it in my application
and i was wondering about the non-functionality by deleting roles and permissions.
It shows a jquery-error in the console of the browser-developer-tools
"uncaught exception: cant get selector for pjax container!"
I fixed it by editing the "ModalRemote.js" in line ~ 214
~~~
[javascript]
function successRemoteResponse(response)

    // Reload datatable if response contain forceReload field
    if (response.forceReload !== undefined && response.forceReload) {
        if (response.forceReload == 'true') {
            // Backwards compatible reload of fixed crud-datatable-pjax
            $.pjax.reload({container: '#crud-datatable-pjax'});
        } else {

// $.pjax.reload({container: response.forceReload}); //comment out

            $.pjax.reload({container: '#crud-datatable-pjax'}); // new line
        }
    }

...
~~~
The condition for response.forceReload is now obsolete.
Perhaps you can fix it in your code.

Greetings
Frank

Frank Segelke at Mar 11, 2016, 10:32:38 AM

#19890

0 0

Provide Examples

Please provide examples, how to use? Can I get any step by step tutorial ?

Rajith R at Jun 22, 2016, 12:01:38 PM

#19903

0 0

Routes

I don't see any method in this for role restricting or allowing access to specific routes

This is a key part of any rbac usage.

Is this possible or will have to extend or write a separate module for this.

PaulD at Jul 4, 2016, 5:37:11 PM

#20142

1 0

ABANDONED

This project has been abandoned by its owner so I encourage don't use it anymore.

Néstor Acevedo at Nov 7, 2017, 11:46:58 PM

#21013

0 0

I have forked it and support it. I have added AccessFilters to the code.

dmk-design/yii2-rbac-plus

amk79 at Feb 11, 2022, 5:33:00 PM

Categories