Mixing ACF and RBAC

ACF contains a property named role that is usually filled with ? to indicate that access is available for all users, and @ to indicate that access is restricted to authenticated ones. But there is a third option that refers its content to the role name of the RBAC system.

For each controller, therefore, it is enough to overwrite behaviors() by specifying the roles that can access the actions inside the controller and then to associate users to the role, in order to allow or deny access.

Example – managing users' roles to access rooms, reservations, and customers

In this example, we will show you how to manage the access to the controller actions using ACF and RBAC.

We will use the foo user to simulate an authenticated user for ...

Get Yii2 By Example now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Yii2 By Example by Fabrizio Caldarelli

Mixing ACF and RBAC

Example – managing users' roles to access rooms, reservations, and customers

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly