How to setup Role Based Access Control (RBAC) and Authentication in Yii2


Hey Guys,

As you know, data-based applications almost always require access restrictions for users, since not everyone can be allowed to access all the data in the application. Administrators, content writers, marketers, reporters, viewers, translators, you name it: everyone has different access rights depending on their role’s privileges. This is where Role Based Access Control (RBAC) comes into play, that is, the ability of the application to authorize users’ access to data based on their role. PHP Yii2 based applications are no different when it comes to role-based access to data, and in this post we’re going to look at how you can set up Role Based Access Control (RBAC) and authentication for users in Yii2.

The Yii2 framework provides rich features and detailed documentation for authorization and access control of user accounts. Depending on the specific requirements of the application, you can build a user management module with the tools Yii2 provides or you can use one of the general purpose user management modules that are available in the Yii2 community. In this tutorial we’re going to use one of these pre-built user management modules (which can be customized by the way), to save time and quickly develop our app.

I’ve spent quite a lot of time searching for a good Role Based Access Control management system and after installing and trying out many of the modules available within the community, I’ve managed to find a few that are better than others. In this tutorial we’re going to be using Dektrium’s yii2-user and yii2-rbac modules, which are specifically designed to perfectly interconnect with each other. The reason these two modules are built separately, is to provide simple user authentication functionality with just the yii2-user module for applications where Role Based Access Control is not needed. So let’s get to it.

Steps

To implement Role Based Access Control in Yii2 you’ll first need to visit https://github.com/dektrium/yii2-user and download the yii2-user module. It’s better to use Composer (which is basically a dependency manager for PHP) for this purpose. Just add yii2-user to the require section of composer.json as shown below:

{
    "require": {
        "dektrium/yii2-user": "0.9.*@dev"
    }
}

Next, add the user module to both the web and console config files as depicted below:


...
'modules' => [
    ...
    // Register the yii2-user module; the rbac module is added in a later step
    'user' => [
        'class' => 'dektrium\user\Module',
    ],
    ...
],
...

Now, update the user component in the web config file as follows:


...
'components' => [
    ...
    'user' => [
        // Identity class supplied by the yii2-user module
        'identityClass' => 'dektrium\user\models\User',
        'enableAutoLogin' => true,
    ],
    ...
],
...

Next, update your database schema by applying the migrations. Just make sure that you have a properly configured db application component and run the following command:

$ php yii migrate/up --migrationPath=@vendor/dektrium/yii2-user/migrations

When you do that the User Authentication module will be initialized and will start running. For detailed documentation on this user module, please see https://github.com/dektrium/yii2-user/blob/master/docs/README.md .

Now download the Role Based Access Control module from https://github.com/dektrium/yii2-rbac and put it under the vendor directory like this:

“vendor\dektrium\yii2-rbac\{Module-files}”.

Now add the Role Based Access Control module to both the web and console config files below (or above) the user module as follows:

...
'modules' => [
    ...
    'user' => [
        'class' => 'dektrium\user\Module',
    ],

    'rbac' => [
        'class' => 'dektrium\rbac\Module',
    ],
    ...
],
...

Then you’ll need to configure the authManager component in both the web and console config files (as shown below).

...
[
    'components' => [
        'user' => [
            'identityClass' => 'dektrium\user\models\User',
            'enableAutoLogin' => true,
        ],
        'authManager' => [
            'class' => 'yii\rbac\DbManager',
        ],
    ],
]
...

Now, apply the migrations:

$ php yii migrate/up --migrationPath=@yii/rbac/migrations

There you go! The yii2-user and yii2-rbac modules are fully set up. You only need to configure the behaviors() for these modules in the yii2-user\controllers\AdminController.php and yii2-rbac\Module.php files with your own rules to start utilizing the Role Based Access Control functionality.
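As an added example (not code from the original post or from the Dektrium modules), here is what such rules can look like with Yii2's own yii\filters\AccessControl filter, together with a console command that seeds the role the rule checks. The names admin, manageUsers, RbacController and ReportController are assumptions made for illustration.

```php
<?php
// Added example. "admin", "manageUsers", RbacController and ReportController are assumed names.
// In a real project each class lives in its own file (commands/ and controllers/).
namespace app\commands {
    use Yii;
    use yii\console\Controller;

    class RbacController extends Controller
    {
        // One-off seeding: php yii rbac/init <userId>
        public function actionInit($userId)
        {
            $auth = Yii::$app->authManager; // the yii\rbac\DbManager configured above
            $manageUsers = $auth->createPermission('manageUsers');
            $manageUsers->description = 'Create, update and block accounts';
            $auth->add($manageUsers);
            $admin = $auth->createRole('admin');
            $auth->add($admin);
            $auth->addChild($admin, $manageUsers); // admin inherits the permission
            $auth->assign($admin, $userId);        // stored in the auth_assignment table
        }
    }
}

namespace app\controllers {
    use yii\filters\AccessControl;
    use yii\web\Controller;

    class ReportController extends Controller
    {
        public function behaviors()
        {
            return [
                'access' => [
                    'class' => AccessControl::class,
                    // Requests that match no rule are denied.
                    'rules' => [
                        // '@' means any authenticated user
                        ['allow' => true, 'actions' => ['index'], 'roles' => ['@']],
                        // RBAC role names are checked through Yii::$app->user->can()
                        ['allow' => true, 'actions' => ['users'], 'roles' => ['admin']],
                    ],
                ],
            ];
        }

        public function actionIndex() { return 'Visible to any logged-in user'; }
        public function actionUsers() { return 'Visible to the admin role only'; }
    }
}
```

Because the filter denies anything that matches no rule, an action added to the controller later stays closed until a rule is written for it.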

About Folio3

As a leading software development company, we specialize in developing enterprise and consumer oriented web applications and websites. We also provide website and web application UI and UX design services. If you have a website development or web application development project that you’d like to discuss or would like to know more about our web development expertise, please Contact Us

 
