Jump to content
Larry Ullman's Book Forums


  • Posts

  • Joined

  • Last visited

IlyaP's Achievements


Newbie (1/14)



  1. Thank you, Brent Knigge for attention, but unfortunately it is not what looking for. I understood that there are two types of autManager. And in the Larry's Yii book the DbAuthManager is used. I'm speaking about how user's role could be change without deleting all settings of rbac. Because, it can be done by deceloper, but not by administrator who will use site. Here is a long quote from the book: "«The goal is to invoke the assign() method once for each user, as that's what the RBAC system will need in order to confirm permission. The first thing you'll need to do is determine what user identifier counts. In other words: what table column and model attribute differentiates the different roles? Logically, this would be a property such as user.type in the CMS example. The goal, then, is to do this: if ($user->type === 'admin') { $auth->assign('admin', $user->id); } elseif ($user->type === 'author') { $auth->assign('author', $user->id); } elseif ($user->type === 'public') { $auth->assign('public', $user->id); } That code associates the user's ID with a specific RBAC role. As each $user->type value directly correlates to a role, that code can be condensed to: $auth->assign($user->type, $user->id); Second, you need to determine when it would make sense to invoke assign(). A logical time would be after the user registers. To do that, you could create an afterSave() method in the model class: # protected/models/User.php public function afterSave() { if (!Yii::app()->authManager->isAssigned( $this->type,$this->id)) { Yii::app()->authManager->assign($this->type, $this->id); } return parent::afterSave(); } «That code will be called after a model record is saved. This could be after a new record is created or after it is updated (like when the user changes her password). Because the second possibility exists, this code first checks that the assignment has not already taken place. If not, then the assignment is performed. {TIP} If you have a situation where the user's permissions may be changed, you'd need to remove the existing role assignment and add the new one" «The Yii Book.» Larry Ullman, 2014-12-20. iBooks. As I understood, assign method must be called only one time for every user. But, what if I need to let administrator change roles to users? It could be a form in admin's area, where the admin could choose a role for any user. But how can I save it? Sorry for such a long quotes and, probably for the stupid question. I'm totally new in Yii and frameworks at all, I developed only in procedural way before.
  2. Hello! First of all, I really appreciate the Yii book and I find it just awesome! Thank you! But, I have a question about rbac. In your book you are showind how to tie roles to database users. And I lost the thread at the moment when the roles are assigned to the users: # protected/models/User.php public function afterSave() { if (!Yii::app()->authManager->isAssigned( $this->type,$this->id)) { Yii::app()->authManager->assign($this->type, $this->id); } return parent::afterSave(); When a user is created - the role pointed at "type" attribute is assigned to the actual role in database. The question is - what if I need to change user's role after she has been created? For example, administartor would want to change any specific user's role to "moderator" or to "author"? This code would not work, right? How do I implement it? I can guess that I just need to delete "if" condition, so the rest of code would work when user is updated. But I feel that is wrong.... Sorry, if this question was already asked, I tried to find it. And thank you in advance!
  • Create New...