rkhe
commented
1 year ago Got this solved using the allowed special key.
Posting the solution below for others who might need it.
On permissions.php,
[ 'role' => '*', 'prefix' => '*', 'extension' => '*', 'plugin' => '*', 'controller' => 'YourController', 'action' => ['index', 'view'], 'allowed' => function ($user, $role, \Cake\Http\ServerRequest $request) { $array_role = explode(',', $role); foreach ($array_role as $item) { if (in_array($item, ['roleA', 'roleB'])) { return true; } } return false; }, ],
The users.role is comma delimited string. Example: "roleA,roleB".
Closing this ticket. Thanks.
Hi,
Is there a way to extend the Simple RBAC plugin? My scenario is that I need a user to allow multiple roles but not a full admin.
Example: The App has multiple non-related modules. Example: an Article module and a Video Catalog module. The user can have an 'Author' role so it can Create, Edit, Update, or Delete an Article, however it can also have a 'Visitor' role so that he can access the Video Catalog module as a View Only access.
I wonder if I can extend the existing Simple RBAC plugin to allow multiple (maybe comma delimited) roles.
Any suggestions?
Thanks.