0

I'm developing a website in php with Yii2 and I have a problem with Rbac issue. I've followed the offical guide, I run the migrations and now I have in my db the four default tables which define my roles and permissions. Now I don't know how to integrate these roles in my project, I mean I would like to have some views only visible to users with specific permissions but can't understand the way to implement this.

I have also a problem with login, I don't know how to discriminate a button click.

login (view):

<div class="form-group">
    <div class="col-lg-offset-1 col-lg-11">
        <?= Html::submitButton('Login', ['class' => 'btn btn-primary', 'name' => 'login-button', 'value' => 'login']) ?>
        <?= Html::submitButton('Register', ['class' => 'btn btn-primary', 'name' => 'register-button', 'value' => 'register']) ?>
    </div>
</div>

SiteController: 

public function actionLogin()
{
    if (!Yii::$app->user->isGuest) {
        return $this->goHome();
    }

    $model = new LoginForm();
    if (isset($_POST['submit']) && $_POST['submit']=='login') {
        return $this->goBack();
    }
    if (isset($_POST['submit']) && $_POST['submit']=='register') {

        return $this->render('register');
    }
    return $this->render('login', [
        'model' => $model,
    ]);
}

I just need to render in a different views the user after the right button click. If Login button is clicked I want to be redirected in login view, if Register button is clicked, I want to be redirected in register view.

Hossein Golshani
  • 1,847
  • 5
  • 16
  • 27
gipsy
  • 85
  • 2
  • 15
  • Does the Button Register work? Do you have an actionRegister? – Sfili_81 Oct 11 '18 at 06:49
  • Button Register doesn't work, it makes the same thing as Login button. I don't have an actionRegister, just actionLogin you see. – gipsy Oct 11 '18 at 11:02
  • it's better to use Yii::$app->request->post() and you have 2 buttons submit for the same form? isn't a good idea. – Sfili_81 Oct 11 '18 at 11:43

1 Answers1

0

This seems to be a two-in-one question.

First, RBAC.

This is explained very well in the docs. You can use AccessControl to only allow certain actions to be accessed by a role or permission. If you need to show some content in a view based on a role or permission, use if(Yii::$app->user->can('permission_or_role)) echo "I can"; (docs).

Second, buttons

Check this link, the name of the button must be the name you check for in the controller (not login-button/register-button and check submit).

Jørgen
  • 3,467
  • 6
  • 33
  • 49