Yii2. Access control by roles. How can I add 'OR' condition?
Question
I have a controller with the following access restriction:
'access' => [
'class' => AccessControl::className(),
'only' => ['index', 'view', 'create', 'update', 'delete'],
'rules' => [
[
'actions' => ['index', 'view'],
'allow' => true,
'roles' => [RbacComponent::VIEW_EXPENSES_ACCOUNTS_KEY],
],
[
'actions' => ['create'],
'allow' => true,
'roles' => [RbacComponent::CREATE_EXPENSES_ACCOUNTS_KEY],
],
[
'actions' => ['update'],
'allow' => true,
'roles' => [RbacComponent::EDIT_EXPENSES_ACCOUNTS_KEY],
],
[
'actions' => ['delete'],
'allow' => true,
'roles' => [RbacComponent::DELETE_EXPENSES_ACCOUNTS_KEY],
],
],
],
How can I add ' OR ' \\Yii::$app->user->identity->isOwner() to all that rules?
I tried to use this variant:
[
'actions' => ['index', 'view'],
'allow' => true,
'roles' => [RbacComponent::VIEW_EXPENSES_ACCOUNTS_KEY],
'matchCallback' => function ($rule, $action) {
return \Yii::$app->user->identity->isOwner();
}
],
But, in this case, it will be ' AND ' and won't work.
I think this variant will work:
'rules' => [
[
'actions' => ['index', 'view', 'create', 'update', 'delete'],
'allow' => true,
'roles' => ['@'],
'matchCallback' => function ($rule, $action) {
if ($action == 'index') {
if (\Yii::$app->user->identity->isOwner() || \Yii::$app->user->can(RbacComponent::VIEW_EXPENSES_ACCOUNTS_KEY)) {
return true;
}
}
... other actions
}
],
But maybe there is better and simpler way?
2 answers
solution1
1 ACCPTED 2017-09-15 06:58:27
You could simply add a rule with your callback :
'rules' => [
[
'actions' => ['index', 'view'],
'allow' => true,
'roles' => [RbacComponent::VIEW_EXPENSES_ACCOUNTS_KEY],
],
[
'actions' => ['create'],
'allow' => true,
'roles' => [RbacComponent::CREATE_EXPENSES_ACCOUNTS_KEY],
],
[
'actions' => ['update'],
'allow' => true,
'roles' => [RbacComponent::EDIT_EXPENSES_ACCOUNTS_KEY],
],
[
'actions' => ['delete'],
'allow' => true,
'roles' => [RbacComponent::DELETE_EXPENSES_ACCOUNTS_KEY],
],
[
'actions' => ['index', 'view', 'create', 'update', 'delete'],
'allow' => true,
'matchCallback' => function ($rule, $action) {
return \Yii::$app->user->identity->isOwner();
},
],
],
solution2
0 2017-09-14 20:44:33
This should work
[
'allow' => true,
'roles' => ['owner'],
],
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
yii2. query with like condition
How can I set access roles according to users ranks in YII 1.7x
Yii2. How to handle a checkbox array
Yii2. Session and Forms
Yii2. Models related
How can I make Access to folders in Yii?
Yii2. Widgets and Actions
Yii2. Pjax and Session
How to make roles in yii
YII, MS Access how can i use it together?
Related Tags