
I created a permission for my system, and with this extension the others are working fine. As an example, I set a permission for the Page module and then used the code below:

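    use yii\web\ForbiddenHttpException;

    // Deny the request unless the current user holds the 'page_module' permission.
    if (!\Yii::$app->user->can('page_module')) {
        throw new ForbiddenHttpException("You are not authorized to perform this action.", 403);
    }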

and it provides me restriction. I used these lines of code in the extension controller, and it was restricted, but it is vulnerable because if I update the extension the code will be removed. And I didn't understand how to extend all the controllers and set permissions. If there is another way, it's unknown to me.

Destroyer.0211
For the needed functions you should extend the module class with your own class and then refer to your class, so when you update the extension your code is not touched and your functionalities remain valid. – ScaisEdge Oct 19 '17 at 08:48

1 Answer


Once you have set up the mdmsoft/yii2-admin extension, access is denied to all the routes until you grant it. Rather than hard-coding Yii::$app->user->can('permission'), utilize the RBAC, which should be the only reason you installed mdmsoft/yii2-admin.

As Access Setup

Hopefully you're using Yii2's advanced template. Initially, set up the 'as access' in your frontend/config/main.php:

'as access' => [
    //This access behavior must be in frontend and backend.
    //The 'as access' behavior will interfere with migrations if put in common.
    'class' => 'mdm\admin\components\AccessControl',
    'allowActions' => [
        'site/*',  //Allow by default to all.
        'debug/*',
        //'admin/*', //Leave commented out, unless setting up admin roles initially.
        //Allow guests to do:
        'ticket/ticket/index', 
    ]
],

Setup RBAC

Go to the admin URL, something like ... app:port/admin

The RBAC hierarchy is like this:

User->Roles->Permissions->Routes

Example

-Joey

--Admin_Role

---- Admin_Permission

-------- app/controller1/*

-------- app/controller2/view

Setup RBAC

  1. First add your routes.
  2. Add your permissions.
  3. Assign routes to your permissions.
  4. Create your roles.
  5. Assign permissions to your roles.
  6. Assign roles to your users.

Jairus
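
The six steps in the answer can also be scripted through Yii2's `authManager` rather than entered in the admin UI, which keeps the grants reviewable in version control. This is an added example, not part of the original answer or the extension's own code; the class name `RbacSeedController` and the user id argument are hypothetical, and it assumes yii2-admin's convention of storing each route as a permission item whose name begins with `/`.

```php
<?php
// Added example (hypothetical names): scripts the six RBAC steps idempotently.
namespace console\controllers;
use Yii;
use yii\console\Controller;
use yii\console\ExitCode;

class RbacSeedController extends Controller
{
    // Usage: php yii rbac-seed <userId>
    public function actionIndex($userId)
    {
        $auth = Yii::$app->authManager;
        // Steps 1-3: routes, a permission, and routes assigned to it.
        // Assumption: yii2-admin stores a route as a permission named "/...".
        $permission = $this->item('Admin_Permission');
        foreach (['/app/controller1/*', '/app/controller2/view'] as $route) {
            $this->link($permission, $this->item($route));
        }

        // Steps 4-5: a role that holds the permission.
        $role = $this->item('Admin_Role', true);
        $this->link($role, $permission);
        // Step 6: assign the role to the user, unless already assigned.
        if ($auth->getAssignment($role->name, $userId) === null) {
            $auth->assign($role, $userId);
        }
        return ExitCode::OK;
    }

    // Fetch an RBAC item by name, creating it if it does not exist yet.
    private function item($name, $isRole = false)
    {
        $auth = Yii::$app->authManager;
        $item = $isRole ? $auth->getRole($name) : $auth->getPermission($name);
        if ($item === null) {
            $item = $isRole ? $auth->createRole($name) : $auth->createPermission($name);
            $auth->add($item);
        }
        return $item;
    }

    // Attach $child under $parent once; repeated runs are no-ops.
    private function link($parent, $child)
    {
        $auth = Yii::$app->authManager;
        $auth->hasChild($parent, $child) || $auth->addChild($parent, $child);
    }
}
```

Granting `/app/controller2/view` instead of `/app/controller2/*` limits the role to that one action, so actions added to the controller later stay denied by default.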