Jump to content
Larry Ullman's Book Forums

Suggestions/extensions For Simplifying Rbac (Access Control) ?

Recommended Posts

Everything about Yii is so straight-forward that I'm surprised that access control continues to appear difficult and complicated to me. So far I've avoided any need to do any authentication or user login (because the sites are locked down to an internal network). That will soon change.


I expect to need a number of user logins, with a small number of roles. I'll have 10-20 logins spread across 6-8 roles. It's very small scale in that sense.


1. Does anyone have recommendations for an RBAC user management extension? I'd like the client to be able to manage users, and assignment of roles to users, without programmer intervention.


2. It seems like I should be able to implement a simple strategy for tying either entire controllers or specific controller actions to those roles. I'm not sure what that strategy is, but I haven't tried to do this yet either. Practice makes perfect!

Link to post
Share on other sites
  • 2 weeks later...

I added some yii extensions in the beginning like YiiBooster but later decided to pull it out later, the problem is they are only maintained for so long then you are left to handle it for yourself. I think using extensions also depends on the size of your project, if you are building something small then using them is okay but if you are building something large which will need continually updated i think using your own code is better. I try to write my own code for everything i really hate to use extensions i like to know how things are working exactly and don't like to depend on others unless of course they have a lot of reputation and people to backup like using the Yii Framework does. It would be impossible for one to write a framework plus develop a large scale site both of these are separate issues.


If you are looking to use others extensions you need to make sure they are actively maintained and updated i think that is the most important issue in regards to them.

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...