What is the best way to do a query with filters based on roles from RBAC?
Objective: each user role sees different results.
Is it good to create a sequence of "ifs", or is there another good way to organize this?
Table auth_item:

id    | name
------+---------
1     | boss
2     | chef
3     | employe

Table contacts:

id    | name        | id_department  | contact
------+-------------+----------------+-------------
1     | John        | 2              | 999 999 999
2     | Angela      | 4              | 999 452 998
3     | Bea         | 5              | 999 678 997
4     | Monique     | 4              | 999 125 923
My current code:

    public function actionIndex()
    {
        $searchModel = new Contacts();
        $dataProvider = $searchModel->search(Yii::$app->request->queryParams);
        if (\Yii::$app->user->can('employe')) {
            $dataProvider->query->andFilterWhere(['id_department' => 4]);
        } elseif (\Yii::$app->user->can('chef')) {
            $dataProvider->query->andFilterWhere(['id_department' => 2]);
        } elseif (\Yii::$app->user->can('boss')) {
            $dataProvider->query->andFilterWhere(['IN', 'id_department', [1, 2, 3, 4, 5]]); //all results
        }
        return $this->render('index', [
            'searchModel' => $searchModel,
            'dataProvider' => $dataProvider,
        ]);
    }
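
An added example, not part of the original post and not Yii's own code: one way to replace the if chain with a role-to-department map that denies by default, since in the code above a user who passes none of the three `can()` checks gets no department filter at all. The map layout, `allowedDepartments()` and `visibleContacts()` are assumptions made for this example; the department ids for chef and employe are the ones used in the question, and the user list is constructed.

```php
<?php
declare(strict_types=1);

// Assumed mapping for this example: role => department ids it may see
// (null = no restriction). Most privileged role first: with RBAC inheritance
// a boss can also pass can('employe'), so order decides which scope wins.
const ROLE_SCOPES = ['boss' => null, 'chef' => [2], 'employe' => [4]];

/**
 * Hypothetical helper. $can is any callable(string): bool, for example
 * fn (string $r) => Yii::$app->user->can($r).
 * Returns null (unrestricted), a list of ids, or [] when no role matches.
 */
function allowedDepartments(callable $can, array $scopes = ROLE_SCOPES): ?array
{
    foreach ($scopes as $role => $departments) {
        if ($can($role)) {
            return $departments;
        }
    }
    return []; // deny by default: an empty IN list matches no rows
}

// In the controller the result would be applied with andWhere(), not
// andFilterWhere(): andFilterWhere() drops empty operands, so an empty
// list would silently remove the restriction.
//   if ($ids !== null) { $dataProvider->query->andWhere(['id_department' => $ids]); }

// Offline stand-in for the query, using the contacts rows from the question.
function visibleContacts(array $rows, ?array $ids): array
{
    if ($ids === null) {
        return $rows;
    }
    return array_values(array_filter(
        $rows,
        fn (array $r): bool => in_array($r['id_department'], $ids, true)
    ));
}

$contacts = [
    ['name' => 'John', 'id_department' => 2], ['name' => 'Angela', 'id_department' => 4],
    ['name' => 'Bea', 'id_department' => 5], ['name' => 'Monique', 'id_department' => 4],
];
// Constructed users: the set of roles each one passes can() for.
$users = ['boss' => ['boss', 'chef', 'employe'], 'employe' => ['employe'], 'guest' => []];
foreach ($users as $label => $roles) {
    $ids = allowedDepartments(fn (string $r): bool => in_array($r, $roles, true));
    echo $label, ': ', implode(', ', array_column(visibleContacts($contacts, $ids), 'name')), PHP_EOL;
}
```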