How to implement rbac in yii2-YII-php.cn

Home

PHP Framework

YII

How to implement rbac in yii2

(*-*)浩

Dec 30, 2019 am 09:42 AM

yii2

RBAC (Role-Based Access Control) role-based access control.

1. Basic idea: Introduce the concept of roles between users and access permissions, connect users and roles, and control user access to system resources through authorization of roles. Compared with traditional access control, the introduction of roles greatly simplifies the management of permissions. (Recommended learning: yii framework )

1). Role: It can be understood as a collection of permissions and permissions. For example: in a forum system, "super administrator" and "moderator" are roles.

2).Permissions: Moderators can manage posts in the forum, users in the forum, etc. These are permissions.

Implementation of rbac in Yii2

1.Yii2 implements a general layered RBAC, and the model it follows is also the NIST RBAC model.

2. The concept of rule is added in yii2. What is rule?

For example: For the article system, we have administrators and ordinary users, which allow administrators to perform any operations on articles, but only ordinary users are allowed to create articles and modify articles they create, that is to say Ordinary users have the permission to modify articles, but the restriction of Extra is that they can only modify their own articles. This verification of Extra is what the rules are responsible for.

3. The permission management implementation of yii2 supports two carriers: file and db. The core of the db-based implementation is four tables:

1) Storage roles or permissions Table: auth_item (type: 1 represents role; 2 represents permission)

CREATE TABLE `auth_item` (
`name` varchar(64) NOT NULL,
`type` int(11) NOT NULL,
`description` text,
`rule_name` varchar(64) DEFAULT NULL,
`data` text,
`created_at` int(11) DEFAULT NULL,
`updated_at` int(11) DEFAULT NULL,
PRIMARY KEY (`name`),
KEY `rule_name` (`rule_name`),
KEY `type` (`type`),
CONSTRAINT `auth_item_ibfk_1` FOREIGN KEY (`rule_name`) REFERENCES `auth_rule` (`name`) ON DELETE SET NULL ON UPDATE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8

2) The superior and subordinate association table of permissions and roles: auth_item_child

(includes the relationship: Roles can contain roles, roles can contain permissions, and permissions can contain permissions, but permissions cannot contain roles)

CREATE TABLE `auth_item_child` (
`parent` varchar(64) NOT NULL,
`child` varchar(64) NOT NULL,
PRIMARY KEY (`parent`,`child`),
KEY `child` (`child`),
CONSTRAINT `auth_item_child_ibfk_1` FOREIGN KEY (`parent`) REFERENCES `auth_item` (`name`) ON DELETE CASCADE ON UPDATE CASCADE,
CONSTRAINT `auth_item_child_ibfk_2` FOREIGN KEY (`child`) REFERENCES `auth_item` (`name`) ON DELETE CASCADE ON UPDATE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8

3) Assignment table of users and permissions (roles): auth_assignment

CREATE TABLE `auth_assignment` (
`item_name` varchar(64) NOT NULL,
`user_id` varchar(64) NOT NULL,
`created_at` int(11) DEFAULT NULL,
PRIMARY KEY (`item_name`,`user_id`),
CONSTRAINT `auth_assignment_ibfk_1` FOREIGN KEY (`item_name`) REFERENCES `auth_item` (`name`) ON DELETE CASCADE ON UPDATE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8

4) Rule table: auth_rule

CREATE TABLE `auth_rule` (  
  `name` varchar(64) NOT NULL,  
  `data` text,  //存的是一个序列化的实现了yii\rbac\Rule接口的类的一个对象实例
  `created_at` int(11) DEFAULT NULL,  
  `updated_at` int(11) DEFAULT NULL,  
  PRIMARY KEY (`name`),  
  KEY `name` (`name`),  
  KEY `created_at` (`created_at`),  
  KEY `updated_at` (`updated_at`)  
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT=&#39;权限规则表&#39;;

The above is the detailed content of How to implement rbac in yii2. For more information, please follow other related articles on the PHP Chinese website!

Statement

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Yii: The Rapid Development FrameworkApr 14, 2025 am 12:09 AM

Yii is a high-performance framework based on PHP, suitable for rapid development of web applications. 1) It adopts MVC architecture and component design to simplify the development process. 2) Yii provides rich functions, such as ActiveRecord, RESTfulAPI, etc., which supports high concurrency and expansion. 3) Using Gii tools can quickly generate CRUD code and improve development efficiency. 4) During debugging, you can check configuration files, use debugging tools and view logs. 5) Performance optimization suggestions include using cache, optimizing database queries and maintaining code readability.

The Current State of Yii: A Look at Its PopularityApr 13, 2025 am 12:19 AM

YiiremainspopularbutislessfavoredthanLaravel,withabout14kGitHubstars.ItexcelsinperformanceandActiveRecord,buthasasteeperlearningcurveandasmallerecosystem.It'sidealfordevelopersprioritizingefficiencyoveravastecosystem.

Yii: Key Features and Advantages ExplainedApr 12, 2025 am 12:15 AM

Yii is a high-performance PHP framework that is unique in its componentized architecture, powerful ORM and excellent security. 1. The component-based architecture allows developers to flexibly assemble functions. 2. Powerful ORM simplifies data operation. 3. Built-in multiple security functions to ensure application security.

Yii's Architecture: MVC and MoreApr 11, 2025 pm 02:41 PM

Yii framework adopts an MVC architecture and enhances its flexibility and scalability through components, modules, etc. 1) The MVC mode divides the application logic into model, view and controller. 2) Yii's MVC implementation uses action refinement request processing. 3) Yii supports modular development and improves code organization and management. 4) Use cache and database query optimization to improve performance.

Yii 2.0 Deep Dive: Performance Tuning & OptimizationApr 10, 2025 am 09:43 AM

Strategies to improve Yii2.0 application performance include: 1. Database query optimization, using QueryBuilder and ActiveRecord to select specific fields and limit result sets; 2. Caching strategy, rational use of data, query and page cache; 3. Code-level optimization, reducing object creation and using efficient algorithms. Through these methods, the performance of Yii2.0 applications can be significantly improved.

Yii RESTful API Development: Best Practices & AuthenticationApr 09, 2025 am 12:13 AM

Developing a RESTful API in the Yii framework can be achieved through the following steps: Defining a controller: Use yii\rest\ActiveController to define a resource controller, such as UserController. Configure authentication: Ensure the security of the API by adding HTTPBearer authentication mechanism. Implement paging and sorting: Use yii\data\ActiveDataProvider to handle complex business logic. Error handling: Configure yii\web\ErrorHandler to customize error responses, such as handling when authentication fails. Performance optimization: Use Yii's caching mechanism to optimize frequently accessed resources and improve API performance.

Advanced Yii Framework: Mastering Components & ExtensionsApr 08, 2025 am 12:17 AM

In the Yii framework, components are reusable objects, and extensions are plugins added through Composer. 1. Components are instantiated through configuration files or code, and use dependency injection containers to improve flexibility and testability. 2. Expand the management through Composer to quickly enhance application functions. Using these tools can improve development efficiency and application performance.

Yii Theming and Templating: Creating Beautiful & Responsive InterfacesApr 07, 2025 am 12:03 AM

Theming and Tempting of the Yii framework achieve website style and content generation through theme directories and views and layout files: 1. Theming manages website style and layout by setting theme directories, 2. Tempting generates HTML content through views and layout files, 3. Embed complex UI components using the Widget system, 4. Optimize performance and follow best practices to improve user experience and development efficiency.

See all articles