Other uses and best practices for Yii rights module

Using checkAccess method

In order to be able to use rights' module infrastructure to check permissions for other things, like permission to view a menu, for example:

create an item called testing (operation; not role or task)

then assign that operation to user <my_user>

then log in with user <my_user>:

then, in any part of your app, write this:

var_dump(Yii::app()->user->checkAccess('testing')); /* will return true */

you can use that kind of access checking to fine tune permissions in your app, if you need your permissions to be deeper than action-level.

Editing bizRules (business rules) from Rights module GUI

There's another post on how to work with bizRules here: Using bizrules in Yii RBAC, but, if you want to do so from the Rights module GUI, make sure you:

• use return:

  • for example, write return 1==1; in the textInput, rather than just 1==1;

• enclose boolean expressions in parenthesis:

  • for example, write return ('foo'==='foo'); rather than just return 'foo'==='foo';

Permissions for submodules

If you ever need to declare permissions for submodules, you'll find that controllers don't get listed in the view where we get to generate permission items for all controllers in our app.

However, you can manually create an Operation for it, like this: as suggested in a forum post by user mintaraga

If you have a module OuterModule that has a submodule called InnerModule inside, you can declare permissions for a controller called FooController and a view called actionBar() like this:

Outer/Inner.Foo.Bar

Just manually create a new Operation with that name.

This is a w.i.p. (work in progress)