I'm new to Yii2-usuario and Yii2 authentication.

Yii2 provides a builtin Yii::$app->user->isGuest but no Yii::$app->user->isAdmin.

I configured the user chef as administrators in config/web.php:

'user' => [
    'class' => Da\User\Module::class,
    'administrators' => ['chef'],
    ...
],

My database tables auth_* are empty.

How to check if the current user

  • is admin?
  • has admin permissions (role admin)?
WeSee
  • Do you have a role defined in the table `auth_item` with the `name` **admin** and `type` **1**, then `auth_assignment` should have the `user_id` of the admin user (**chef**) you added in the `user` table, against the role defined, i.e. **admin**? If you implement the RBAC I don't think you need to specify any admin under the module config, as you would then check the access to any action, module or controller via `Yii::$app->user->can($route)` where `$route` is defined in the `auth_item` with `type` **2** – Muhammad Omer Aslam Aug 28 '19 at 08:40
  • @MuhammadOmerAslam Thank you. It works. Where can I read about that? Is there a guide or something like that? I have to specify `admin` as `administrators` in config because for the first login I need a user and an admin. – WeSee Aug 28 '19 at 10:23
  • @MuhammadOmerAslam Make an answer out of your comment and I'll mark it as resolved. – WeSee Aug 28 '19 at 10:23

1 Answer

It looks like you are missing the data in the relevant tables for RBAC. You should read the guide about the advanced RBAC and how you should go about building the authorization data, i.e.

  • defining roles and permissions;
  • establishing relations among roles and permissions;
  • defining rules;
  • associating rules with roles and permissions;
  • assigning roles to users.

So to get it working, verify that you have a role defined in the table auth_item with the name admin and type 1; then auth_assignment should have the user_id of the admin user (chef) you added in the user table, against the role defined, i.e. admin.

See the images from one of my applications where the admin role is defined, along with one route that needs to be defined and checked later using Yii::$app->user->can().

auth_item [image]

auth_assignment [image]

User [image]

If you implement the advanced RBAC according to the guide, I don't think you need to specify any admin under the module config, as you would then check the access to any action, module or controller via Yii::$app->user->can($route) where $route is defined in the auth_item with type 2.

Note that there is an auth_item_child table too, which is used when your application expands and you have multiple roles defined; mainly it is the table for storing the authorization item hierarchy. You can read about it in the link mentioned on top.

Muhammad Omer Aslam
  • Thanks, great! 1) If I don't specify 'administrators' => ['chef'] in config/web.php, who is allowed to log in with an empty database? 2) Can users (e.g. chef) be added by migrations? – WeSee Aug 29 '19 at 05:52
  • 2) Yes, you can create a separate migration for adding the admins. 2) About property `administrators`, it configures the usernames of those users who are considered **administrators**. The administrators can be configured here **OR** through `RBAC` with a special permission name (as we did). The recommended way is through using the property `administratorPermissionName` for the `Module` as they can be set dynamically throughout the RBAC interface, but use this attribute for simple backends with static administrators that won't change throughout time. @WeSee – Muhammad Omer Aslam Aug 30 '19 at 01:02
  • Means if there are not going to be random assignments of the admins then you can specify the admins here, but if there are multiple roles and assignments of admin roles can change over time then use `administratorPermissionName`; then you can use the `AccessRuleFilter` too as described [here](https://yii2-usuario.readthedocs.io/en/latest/installation/rbac/). For a complete list of configuration options you can see [this](https://yii2-usuario.readthedocs.io/en/latest/installation/configuration-options/) @WeSee – Muhammad Omer Aslam Aug 30 '19 at 01:09
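The rows the answer describes (an `admin` role in auth_item with type 1 and an auth_assignment row for chef) can be seeded from a migration, as the comments suggest. This is an added example, not code from the thread or from yii2-usuario; it assumes `authManager` is configured as `yii\rbac\DbManager` in the console config, the RBAC tables already exist, chef is already in the user table, and the migration class name is hypothetical.

```php
<?php

use yii\db\Migration;
use yii\db\Query;

/**
 * Added example (hypothetical class name): seeds the "admin" role and
 * assigns it to the existing user "chef". Safe to run more than once.
 */
class m000000_000000_seed_admin_role extends Migration
{
    public function safeUp()
    {
        $auth = Yii::$app->authManager;
        if ($auth === null) {
            throw new \RuntimeException('authManager is not configured for the console app.');
        }

        // auth_item row: name "admin", type 1 (yii\rbac\Item::TYPE_ROLE)
        $admin = $auth->getRole('admin');
        if ($admin === null) {
            $admin = $auth->createRole('admin');
            $admin->description = 'Administrator';
            $auth->add($admin);
        }

        // Look the user up by username instead of hard-coding an id.
        $userId = (new Query())
            ->select('id')
            ->from('{{%user}}')
            ->where(['username' => 'chef'])
            ->scalar($this->db);
        if ($userId === false) {
            throw new \RuntimeException('User "chef" not found; create it first.');
        }

        // auth_assignment row; assign() throws on a duplicate, so check first.
        if ($auth->getAssignment('admin', $userId) === null) {
            $auth->assign($admin, $userId);
        }
    }

    public function safeDown()
    {
        $auth = Yii::$app->authManager;
        $admin = $auth !== null ? $auth->getRole('admin') : null;
        if ($admin !== null) {
            $auth->remove($admin); // removing the role also drops its assignments
        }
    }
}
```

After the migration has run, `Yii::$app->user->can('admin')` returns true while chef is logged in and false for users without the assignment.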