====== System autoryzacji ======
===== Struktura tabel =====
CREATE TABLE `auth_assignment` (
`item_name` varchar(64) COLLATE utf8_unicode_ci NOT NULL,
`user_id` varchar(64) COLLATE utf8_unicode_ci NOT NULL,
`created_at` int(11) DEFAULT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci COMMENT='Użytkownicy';
CREATE TABLE `auth_item` (
`name` varchar(64) COLLATE utf8_unicode_ci NOT NULL,
`type` smallint(6) NOT NULL,
`description` text COLLATE utf8_unicode_ci,
`rule_name` varchar(64) COLLATE utf8_unicode_ci DEFAULT NULL,
`data` blob,
`created_at` int(11) DEFAULT NULL,
`updated_at` int(11) DEFAULT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci COMMENT='';
CREATE TABLE `auth_item_child` (
`parent` varchar(64) COLLATE utf8_unicode_ci NOT NULL,
`child` varchar(64) COLLATE utf8_unicode_ci NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci COMMENT='';
CREATE TABLE `auth_rule` (
`name` varchar(64) COLLATE utf8_unicode_ci NOT NULL,
`data` blob,
`created_at` int(11) DEFAULT NULL,
`updated_at` int(11) DEFAULT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci COMMENT='Użytkownicy';
ALTER TABLE `auth_assignment`
ADD PRIMARY KEY (`item_name`,`user_id`),
ADD KEY `auth_assignment_user_id_idx` (`user_id`);
ALTER TABLE `auth_item`
ADD PRIMARY KEY (`name`),
ADD KEY `rule_name` (`rule_name`),
ADD KEY `idx-auth_item-type` (`type`);
ALTER TABLE `auth_item_child`
ADD PRIMARY KEY (`parent`,`child`),
ADD KEY `child` (`child`);
ALTER TABLE `auth_rule`
ADD PRIMARY KEY (`name`);
ALTER TABLE `auth_assignment`
ADD CONSTRAINT `auth_assignment_ibfk_1` FOREIGN KEY (`item_name`) REFERENCES `auth_item` (`name`) ON DELETE CASCADE ON UPDATE CASCADE;
ALTER TABLE `auth_item`
ADD CONSTRAINT `auth_item_ibfk_1` FOREIGN KEY (`rule_name`) REFERENCES `auth_rule` (`name`) ON DELETE SET NULL ON UPDATE CASCADE;
ALTER TABLE `auth_item_child`
ADD CONSTRAINT `auth_item_child_ibfk_1` FOREIGN KEY (`parent`) REFERENCES `auth_item` (`name`) ON DELETE CASCADE ON UPDATE CASCADE,
ADD CONSTRAINT `auth_item_child_ibfk_2` FOREIGN KEY (`child`) REFERENCES `auth_item` (`name`) ON DELETE CASCADE ON UPDATE CASCADE;
===== Opis tabel =====
**auth_item**\\
Podstawowe pola: name, type, description\\
* **name:** nazwa roli\\
* **type:** 1-role główne, 2-role szczegółowe (numeracja służy do rozróżnienia i jest dowolna)\\
* **description:** opis\\
**auth_item_child**\\
Przyporządkowanie rolom innych ról np: roli głównej(parent) roli szczegółowej (child)\\
* **parent:** name roli głównej z auth_item\\
* **child:** name roli szczegółowej (lub głównej) z auth_item\\
**auth_assignment**\\
Przypisanie roli użytkownikowi\\
* **item_name:** name roli z auth_item\\
* **user_id:** id usera z modelu User
===== common/config/main.php =====
...
'components' => [
...
'authManager' => [
'class' => 'yii\rbac\DbManager',
],
...
===== Controller =====
use yii\filters\VerbFilter;
use yii\filters\AccessControl;
...
public function behaviors() {
return [
'access' => [
'class' => AccessControl::className(),
'rules' => [
[
'allow' => true,
'roles' => ['super_user'],
],
[
'allow' => true,
'actions' => ['index','view'],
'roles' => ['rodzaje_index','rodzaje_zajec_edycja'],
],
[
'allow' => true,
'actions' => ['create','update','delete','zmiena'],
'roles' => ['rodzaje_edycja'],
],
],
],
'verbs' => [
'class' => VerbFilter::className(),
'actions' => [
'delete' => ['POST'],
],
],
];
}