panix/mod-rbac

RBAC management module

Installs: 149

Dependents: 6

Suggesters: 0

Security: 0

Stars: 0

Watchers: 1

Forks: 0

Open Issues: 0

Type:pixelion-module

dev-master 2021-03-11 09:44 UTC

This package is auto-updated.

Last update: 2021-06-11 10:14:39 UTC


README

Module RBAC provides a web interface for advanced access control and includes following features:

  • Allows CRUD operations for roles, permissions, rules
  • Allows to assign multiple roles or permissions to the user
  • Allows to create console migrations

Latest Stable Version Latest Unstable Version Total Downloads Monthly Downloads Daily Downloads License

Installation

The preferred way to install this extension is through composer.

Either run

php composer require --prefer-dist panix/mod-rbac "*"

or add

"panix/mod-rbac": "*"

to the require section of your composer.json.

Usage

Once the extension is installed, simply modify your application configuration as follows:

return [
    'modules' => [
        'rbac' => [
            'class' => 'panix\mod\rbac\Module',
        ],
    ],
    'components' => [
        'authManager' => [
            'class' => 'yii\rbac\DbManager',
            'defaultRoles' => ['guest', 'user'],
        ],
    ],
];

After you downloaded and configured Yii2-rbac, the last thing you need to do is updating your database schema by applying the migration:

$ php yii migrate/up --migrationPath=@yii/rbac/migrations

You can then access Auth manager through the following URL:

http://localhost/path/to/index.php?r=rbac/
http://localhost/path/to/index.php?r=rbac/route
http://localhost/path/to/index.php?r=rbac/permission
http://localhost/path/to/index.php?r=rbac/role
http://localhost/path/to/index.php?r=rbac/assignment

or if you have enabled pretty URLs, you may use the following URL:

http://localhost/path/to/index.php/rbac
http://localhost/path/to/index.php/rbac/route
http://localhost/path/to/index.php/rbac/permission
http://localhost/path/to/index.php/rbac/role
http://localhost/path/to/index.php/rbac/assignment

Applying rules:

  1. For applying rules only for controller add the following code:
use panix\mod\rbac\filters\AccessControl;

class AdminController extends Controller 
{
    public function behaviors()
    {
        return [
            'access' => [
                'class' => AccessControl::class,
                'allowActions' => [
                    'index',
                    // The actions listed here will be allowed to everyone including guests.
                ]
            ],
        ];
    }
}
  1. For applying rules for module add the following code:
use Yii;
use panix\mod\rbac\filters\AccessControl;

/**
 * Class Module
 */
class Module extends \yii\base\Module
{
    /**
     * @return array
     */
    public function behaviors()
    {
        return [
            AccessControl::class
        ];
    }
}
  1. Also you can apply rules via main configuration:
// apply for single module

'modules' => [
    'rbac' => [
        'class' => 'panix\mod\rbac\Module',
        'as access' => [
            'class' => panix\mod\rbac\filters\AccessControl::class
        ],
    ]
]

// or apply globally for whole application

'modules' => [
    ...
],
'components' => [
    ...
],
'as access' => [
    'class' => panix\mod\rbac\filters\AccessControl::class,
    'allowActions' => [
        'site/*',
        'admin/*',
        // The actions listed here will be allowed to everyone including guests.
        // So, 'admin/*' should not appear here in the production, of course.
        // But in the earlier stages of your development, you may probably want to
        // add a lot of actions here until you finally completed setting up rbac,
        // otherwise you may not even take a first step.
    ]
 ],

Migrations

You can create the console migrations for creating/updating RBAC items.

Module setup

To be able create the migrations, you need to add the following code to your console application configuration:

// console.php
'modules' => [
    'rbac' => [
        'class' => 'panix\mod\rbac\ConsoleModule'
    ]
]

Methods

  1. createPermission(): creating a permission
  2. updatePermission(): updating a permission
  3. removePermission(): removing a permission
  4. createRole(): creating a role
  5. updateRole(): updating a role
  6. removeRole(): removing a role
  7. createRule(): creating a rule
  8. updateRule(): updating a rule
  9. removeRule(): removing a rule
  10. addChild(): creating a child
  11. removeChild(): removing a child
  12. assign(): assign a role to a user

You can see a complex example of migration here.

Applying Migrations

To upgrade a database to its latest structure, you should apply all available new migrations using the following command:

$ php cmd rbac/migrate

Reverting Migrations

To revert (undo) one or multiple migrations that have been applied before, you can run the following command:

$ php cmd rbac/migrate/down     # revert the most recently applied migration
$ php cmd rbac/migrate/down 3   # revert the most 3 recently applied migrations

Redoing Migrations

Redoing migrations means first reverting the specified migrations and then applying again. This can be done as follows:

$ php cmd rbac/migrate/redo     # redo the last applied migration
$ php cmd rbac/migrate/redo 3   # redo the last 3 applied migrations