Yii2rbac needs to verify whether the user has the permission to control the controller and Action each time a method is used? How can I configure it if it is configured? Yii2 rbac needs to verify whether the user has the permission to control the controller and Action each time a method is used? How can I configure it if it is configured?
Reply content:
Yii2 rbac needs to verify whether the user has the permission to control the controller and Action each time a method is used? How can I configure it if it is configured?
Yii \ filters \ AccessRule: matchCalllback. Pay attention to the passed parameters $ rule, $ action
[ 'actions' => ['special-callback'], 'allow' => true, 'matchCallback' => function ($rule, $action) { # write arbitrary access check logic # permission = (rule [xxoo] action) # return user->can(permission); }]
Or use the following method, see yii2-admin
return [ 'components' => [ 'authManager' => [ 'class' => 'yii\rbac\PhpManager', // or use 'yii\rbac\DbManager' ] ], 'as access' => [ 'class' => 'mdm\admin\components\AccessControl', ],];
AccessControl supports role configuration
For example:
[ 'actions' => ['edit'], 'allow' => true, 'roles' => ['@', 'author'],],