claudejanz/yii2-context-access-filter

This shows how to implement Context and Access Filter for Yii2 framework

Maintainers

Details

github.com/claudejanz/yii2-context-access-filter

Source

Issues

Installs: 297

Dependents: 0

Suggesters: 0

Security: 0

Stars: 4

Watchers: 1

Forks: 0

Open Issues: 0

0.0.1 2014-11-26 12:42 UTC

Requires

BSD-4-Clause 6bd84f0e4274c7ed6df93407185e2cb2f4c7c0c7

  • Claude Janz <claudejanz.woop@gmail.com>

This package is auto-updated.

Last update: 2024-04-11 17:14:39 UTC

README

Latest Stable Version Total Downloads Latest Unstable Version License

This shows how to implement Context and Access Filter for Yii2 framework

Installation

The preferred way to install this extension is through composer.

Either run

$ php composer.phar require "claudejanz/yii2-context-access-filter": "dev-master"

or add

"claudejanz/yii2-context-access-filter": "dev-master"

to the require section of your composer.json file.

install rbac as in doc Role based access control (RBAC)

Usage

###in RbacController

class RbacController extends Controller {
    public function actionIndex() {
        $auth = Yii::$app->authManager;

        $auth->removeAll();

        // add "view" permission
        $view = $auth->createPermission('view');
        $view->description = 'view';
        $auth->add($view);

        // add "create" permission
        $create = $auth->createPermission('create');
        $create->description = 'create';
        $auth->add($create);

        // add the rule
        $rule = new \claudejanz\contextAccessFilter\rules\OwnRule();
        $auth->add($rule);
        
        // add "update" permission
        $update = $auth->createPermission('update');
        $update->description = 'update';
        $auth->add($update);

        // add the "updateOwn" permission and associate the rule with it.
        $updateOwn = $auth->createPermission('updateOwn');
        $updateOwn->description = 'update own';
        $updateOwn->ruleName = $rule->name;
        $auth->add($updateOwn);

        // make "updateOwn" child from "update"
        $auth->addChild($update,$updateOwn);
        
        // add "delete" permission
        $delete = $auth->createPermission('delete');
        $delete->description = 'delete';
        $auth->add($delete);
        
        // add the "deleteOwn" permission and associate the rule with it.
        $deleteOwn = $auth->createPermission('deleteOwn');
        $deleteOwn->description = 'delete own';
        $deleteOwn->ruleName = $rule->name;
        $auth->add($deleteOwn);

        // make "deleteOwn" child from "delete"
        $auth->addChild($delete,$deleteOwn);
        
        


        // add "reader" role and give this role the "view" permission
        $reader = $auth->createRole('reader');
        $auth->add($reader);
        $auth->addChild($reader, $view);

        // add "moderator" role and give this role the "create" permission
        // as well as the permissions of the "updateOwn" and "deleteOwn" role
        // and the permissions of the "reader" role
        $moderator = $auth->createRole('moderator');
        $auth->add($moderator);
        $auth->addChild($moderator, $create);
        $auth->addChild($moderator, $updateOwn);
        $auth->addChild($moderator, $deleteOwn);
        $auth->addChild($moderator, $reader);

        // add "admin" role and give this role the "update" and "delete" permission
        // as well as the permissions of the "moderator" role
        $admin = $auth->createRole('admin');
        $auth->add($admin);
        $auth->addChild($admin, $update);
        $auth->addChild($admin, $delete);
        $auth->addChild($admin, $moderator);

        // Assign roles to users. 1, 2 and 3 are IDs returned by IdentityInterface::getId()
        // usually implemented in your User model.
        $auth->assign($admin, 1);
        $auth->assign($moderator, 2);
        $auth->assign($normal, 3);
    }

}

###in controller

    public function behaviors() {
        return [
            'context' =>[
                'class' => \claudejanz\contextAccessFilter\filters\ContextFilter::className(),
                'only' => ['update','delete'],
                // model to load
                'modelName' => Vin::className(),
                
            ],
            'access' => [
                'class' => \claudejanz\contextAccessFilter\filters\AccessControl::className(),
                'only' => ['create', 'update','delete'],
                'rules' => [
                    [
                        'allow' => true,
                        'actions' => ['create'],
                        'roles' => ['create'],
                    ],
                    [
                        'allow' => true,
                        'actions' => ['update'],
                        'roles' => ['update'],
                    ],
                    [
                        'allow' => true,
                        'actions' => ['delete'],
                        'roles' => ['delete'],
                    ],
                ],
            ],
            'verbs' => [
                'class' => \yii\filters\VerbFilter::className(),
                'actions' => [
                    'delete' => ['post'],
                ],
            ],
        ];
    }
    // update function
    public function actionUpdate($id) {
        $model = $this->model;

        if ($model->load(Yii::$app->request->post()) && $model->save()) {
            return $this->redirect(['view', 'id' => $model->id]);
        } else {
            return $this->render('update', [
                        'model' => $model,
            ]);
        }
    }
    // delete function 
    public function actionDelete($id) {
        $this->model->delete();

        return $this->redirect(['index']);
    }