Yii2 auth_rule usage (Yii2 RBAC)

Question

I am working with Yii2 basic templates and working on auth_manager.

I have read about this at below link :

Yii2 Authorization

and i have check this also

How can we use the auth_rule table in Yii2 RBAC?

And now i know these things:

1. how to assign user roles.

2. how to assign permission to any role.

3. i have understand the usage of 3 tables . i.e. auth_assignment , auth_item and auth_item_child .

Now I am not getting the usage of auth_rule table.

there are 4 columns in table

name

data

created_at

updated_at

now i am curious about

1. what should i need to store in these columns?

2. what how can i use these data later on?

I mean it is easy to understand about only two columns i.e. created_at and updated_at but what goes in name and data columns.

I did not able to find anything about it over web. so if someone know about this that will be very helpful for me and for them who also searching for same thing.

Thank You

Answer 1

I recommend reading this: http://www.yiiframework.com/doc-2.0/guide-security-authorization.html#using-rules

You (probably) don't want to add data to this table manually. The name field will contain the name of the rule, this is also the foreign key in the auth_item table. The data column will contain a serialized version of the class that actually is the rule.

So, in the example from the docs, there is an AuthorRule:

namespace app\rbac;

use yii\rbac\Rule;
use app\models\Post;

class AuthorRule extends Rule
{
    public $name = 'isAuthor';

    public function execute($user, $item, $params)
    {
        return isset($params['post']) ? $params['post']->createdBy == $user : false;
    }
}

The auth items and rules are connected using the authManager component:

$auth = Yii::$app->authManager;

// add the rule
$rule = new \app\rbac\AuthorRule;
$auth->add($rule);

// add the "updateOwnPost" permission and associate the rule with it.
$updateOwnPost = $auth->createPermission('updateOwnPost');
$updateOwnPost->description = 'Update own post';
$updateOwnPost->ruleName = $rule->name;
$auth->add($updateOwnPost);

// "updateOwnPost" will be used from "updatePost"
$auth->addChild($updateOwnPost, $updatePost);

// allow "author" to update their own posts
$auth->addChild($author, $updateOwnPost);

When using the DbManager the data in the tables with automatically be populated with the correct values.

Answer 2

It's where it stores references to auth rule classes. http://www.yiiframework.com/doc-2.0/guide-security-authorization.html#using-rules

There are 2 examples PhpManager and DbManager if you change the configuration from PHP to DB it will go like below.

return [
    // ...
    'components' => [
        'authManager' => [
            'class' => 'yii\rbac\DbManager',
            // uncomment if you want to cache RBAC items hierarchy
            // 'cache' => 'cache',
        ],
        // ...
    ],
];

DbManager uses four database tables to store its data:

• itemTable: the table for storing authorization items. Defaults to "auth_item".
• itemChildTable: the table for storing authorization item hierarchy. Defaults to "auth_item_child".
• assignmentTable: the table for storing authorization item assignments. Defaults to "auth_assignment".
• ruleTable: the table for storing rules. Defaults to "auth_rule".

You don't need to store anything here instead you're not using it directly. It is filled during usage of the same methods you're using for PHP manager.