0

I want to implement rbac in frontend and backend separate. I have a table for admins in backend and admin users work with this table. Also a table for normal users and they work with this table (for login, signup etc).

In the rbac related table (auth_assignment) the 'user_id' field must be valued from another table (user or admin) and this is not possible to get value from both admin and users table.

Is it possible to implement rbac for frontend and backend separate? if yes how?

Hash
  • 4,517
  • 5
  • 19
  • 36
mojtaba.sln
  • 51
  • 1
  • 7

2 Answers2

1

It is possible. RBAC DbManager tables can be configured so you can prepare two RBAC components, one for frontend and second for backend, with different tables.

This is the attribute for assignment:

public $assignmentTable = '{{%auth_assignment}}';
Bizley
  • 15,937
  • 5
  • 43
  • 53
0

Check out this link. Its very useful for RBAC.

https://github.com/yiisoft/yii2/blob/master/docs/guide/security-authorization.md

The RBAC componet are base on common part .. typically if they are base on DB you use common models and shared the related db table ..

You can declare this element in component section of main.php in cofig area and if you do this in common dir this component si correctly shared between both the enviroment (frontend , backend).

eg : common/config/main.php

 'components' => [
    .....
    'authManager' => [
        'class' => 'yii\rbac\DbManager',
        'cache' => 'cache',
          ....
    ],

this mean they could be naturally shared between frontend and backend ..

vijay nathji
  • 1,490
  • 11
  • 22
  • 1
    In this case config can not be shared because it should use two different `user` tables for RBAC assignment. – Bizley Aug 16 '16 at 06:33