How to in yii-advanced application RBAC table auth_assignment not define User_id it define user type

yiisoft / yii2

Yii 2: The Fast, Secure and Professional PHP Framework

http://www.yiiframework.com

BSD 3-Clause "New" or "Revised" License

14.24k stars 6.91k forks source link

How to in yii-advanced application RBAC table auth_assignment not define User_id it define user type #7329

Closed rahulsinh closed 9 years ago

rahulsinh commented 9 years ago

@samdark Hii i want to give permission to create,update and delete according to user type for example user type is customer so there are many customer are there so i am not given permission according User_id if user type is customer then he can not create ,update or delete so auth_assignment table define type and use type for permisssion.

samdark commented 9 years ago

There's no need to store type in user table. Your type is a Role in terms of RBAC and permissions are Permission. Hierarchy would be the following:

Customer // Role
  Create // can create
  Update // can update
  Delete // can delete
Admin // Role
  Customer // can do everything Customer can 
  ViewStats // additionally can view stats

Then you're assigning either Customer or Admin to your users using RBAC API.

rahulsinh commented 9 years ago

@samdark how to use yii2-user extension in yii advanced application because there are already signup and login property how to replace with yii2-user extension.

samdark commented 9 years ago

@rahulsinh I don't know. I've never used yii2-user.

rahulsinh commented 9 years ago

@samdark thanks for Your response