0

How I can use Rbac in the following scenario.

for example - There are three locations and having Location Manager for each location. and each location then have two departments. Sales and production Sales department - Sales Manager, Sales Employee Production department - Production Manager, production employee. now say employee makes a leave request from either department.

EmployeeRole - can create and view requests.

ManagerRole - can update requests like approve/reject.

In the above circumstances, Manager can view all requests from Sales and product department. How I can restrict Manager to view/update records only from his/her department and as well as location.

That is Location manager can view or update from his/her location and not from other location.

One way I can think of can be achieved by getting the employee department,location and filtering the records based on requests from which department.

I wanted to know if and how this can be implemented using RBAC.

Joshi
  • 2,539
  • 5
  • 24
  • 53
  • you need to read the docs on [RBAC](https://yii2-framework.readthedocs.io/en/stable/guide/security-authorization/#role-based-access-control-rbac) as the actual question you have asked is on the very last line and that is too broad, and you wouldnt have asked if you read the concept of RBAC and how it works – Reborn Apr 12 '20 at 21:23
  • @Joshi Create a 3 `special` roles reflecting 3 departments, and assign for needed manager specific department `role` and `can` roles. After that you can check if the manager `can` access specific department. All information needed is located here: https://www.yiiframework.com/doc/guide/2.0/en/security-authorization – Serghei Leonenco Apr 12 '20 at 21:55
  • @SergheiLeonenco and @Omer say I create one special role as `manager-sales`, how I create permission which only `manager-sales` can access and is restricted to his/location. I cannot make-out how to create that sort of permission. as I stated that leave-request controller is common between departments and locations. – Joshi Apr 13 '20 at 18:05

0 Answers0