How to add role to user?

Solved!

================ create role ============

use yii\rbac\PhpManager;
$r=new PhpManager;
$r->init();
$r->createRole("admin","Администратор"); 
$r->save();

=============== assign ==================

$r->assign('1','admin');   //1 is user id

For database version of RBAC use DbManager (quote frm: Alexufo):

use yii\rbac\DbManager;
$r=new DbManager;
$r->init();
$r->createRole("admin","Administrator");
$r->save();

$r->assign('1','admin');   //1 is user id 

Example Access rules:

<?php
namespace backend\controllers;

use yii;
use yii\web\AccessControl;
use yii\web\Controller;

class SiteController extends Controller
{
    public function behaviors()
    {
        return [
            'access' => [
                'class' => AccessControl::className(),
                'rules' => [
                    [
                        //'actions' => ['login', 'error'], // Define specific actions
                        'allow' => true, // Has access
                        'roles' => ['@'], // '@' All logged in users / or your access role e.g. 'admin', 'user'
                    ],
                    [
                        'allow' => false, // Do not have access
                        'roles'=>['?'], // Guests '?'
                    ],
                ],
            ],
        ];
    }

    public function actionIndex()
    {
        return $this->render( 'index' );
    }
}
?>

Don't forget to add this to your configuration file (config/main.php):

'components' => [
    'authManager'=>array(
        'class' => 'yii\rbac\DbManager',
        'defaultRoles' => ['end-user'],
    ),
    ...
]

Tables:

drop table if exists `tbl_auth_assignment`;
drop table if exists `tbl_auth_item_child`;
drop table if exists `tbl_auth_item`;

create table `tbl_auth_item`
(
   `name`                 varchar(64) not null,
   `type`                 integer not null,
   `description`          text,
   `biz_rule`              text,
   `data`                 text,
   primary key (`name`),
   key `type` (`type`)
) engine InnoDB;

create table `tbl_auth_item_child`
(
   `parent`               varchar(64) not null,
   `child`                varchar(64) not null,
   primary key (`parent`,`child`),
   foreign key (`parent`) references `tbl_auth_item` (`name`) on delete cascade on update cascade,
   foreign key (`child`) references `tbl_auth_item` (`name`) on delete cascade on update cascade
) engine InnoDB;

create table `tbl_auth_assignment`
(
   `item_name`            varchar(64) not null,
   `user_id`              varchar(64) not null,
   `biz_rule`              text,
   `data`                 text,
   primary key (`item_name`,`user_id`),
   foreign key (`item_name`) references `tbl_auth_item` (`name`) on delete cascade on update cascade
) engine InnoDB;

You can also find this information in the "yii/rbac" directory (including other SQL files). For functionality and more details:

https://github.com/yiisoft/yii2/blob/master/docs/guide/security-authorization.md


A really simple way to achieve an admin role is to add this to your controller:

use yii;
/**
 * @inheritdoc
 */
public function behaviors()
{
    return [
        'access' => [
            'class' => AccessControl::className(),
            'rules' => [
                [
                    'allow' => true,
                    'actions' => ['index'],
                    'roles' => ['@'],
                ],
                [
                    'allow' => !Yii::$app->user->isGuest && Yii::$app->user->identity->isAdmin(),
                    'actions' => ['view', 'create', 'update', 'delete'],
                ],
            ],
        ],
    ];
}

Then add to your User model an isAdmin() which returns true for your admin user(s) and false for everyone else. Personally, I use:

public function isAdmin() {
    return Self::ROLE_ADMIN === $this->role;
}

Admittedly, this is not "by the book". But it is simple, quick and effective.


$user_id = 1;

$auth = new DbManager;
$auth->init();
$role = $auth->createRole('editor');
$auth->add($role);

$auth->assign($role, $user_id);

========================================================================= if you want to select role instead creating then

$auth = new DbManager;
$auth->init();
$role = $auth->getRole('admin');
$auth->assign($role, $user_id);

100% worked!

Tags:

Php