I'm trying to build my own custom authentication system on this framework. I've set up Yii's RBAC. It's working well. It gives me roles. Later on I edited the code and now I can get the user's ID and username as well. But what I want is a bit more complicated. I don't like this role system of RBAC, because you have fixed roles written inside the code.
My idea is a user having a usergroup ID, and in the database I can manipulate what each usergroup can do.
So for example a user logs in and wants to make a new topic. While authenticating, RBAC uses the usergroup ID to connect to the database and get all data according to this usergroup. Then it creates something like:
$this->setState('create_new_topic', <info from database>);
$this->setState('edit_topic', <info from database>);
$this->setState('view_topic', <info from database>);
And then during the application, in controllers and views, I will just use everywhere
if (isset(Yii::app()->user->create_new_topic) && Yii::app()->user->create_new_topic > 0) {
    // show the 'create new topic' button
}
Is this normal practice? I'm interested in how this will affect the load on the server and MySQL. Am I overloading my application, or is such a system OK for the server to handle?
What you want is exactly what RBAC can do. In fact, you give a ROLE to the user instead of a GROUP. Idea is:
Talking in code:
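// authManager is the application component that implements RBAC
$rbac = Yii::app()->authManager;
$rbac->createOperation('create', 'This is a description for this operation');
$rbac->createRole('modifier', 'This is a description for this role');
$rbac->assign('modifier', 'USER_ID');
// checkAccess() on the auth manager takes the user ID as its second argument
$rbac->checkAccess('modifier', 'USER_ID');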
Please do not limit yourself to the RBAC methods provided by Yii. You can do any manipulation in your database and write your own customized methods. (I mean, while you are using RBAC, you can customize the way you use it. For example, considering groups as roles.)
To be more clear, you can read Yii's RBAC document:
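Added example, not part of the question or answer above and not Yii's own code: one way to treat each usergroup as a database-stored role with Yii 1.1's CDbAuthManager and to enforce the permission in the controller instead of only hiding a button. The `group_<id>` role naming, the operation names and `TopicController` are assumptions made for illustration.

```php
<?php
// Added example for Yii 1.1. Assumes the application config contains
//   'authManager' => array('class' => 'CDbAuthManager', 'connectionID' => 'db')
// and the bundled AuthItem/AuthItemChild/AuthAssignment schema is loaded.
// 'group_<id>' role names, operation names and TopicController are hypothetical.
/** Make the role of one usergroup hold exactly $allowedOperations. */
function syncGroupRole($groupId, array $allowedOperations)
{
    $auth = Yii::app()->authManager;
    $roleName = 'group_' . (int) $groupId;
    $role = $auth->getAuthItem($roleName);
    if ($role === null) {
        $role = $auth->createRole($roleName, 'Usergroup ' . (int) $groupId);
    }
    // Revoke operations the group no longer has.
    foreach (array_keys($role->getChildren()) as $child) {
        if (!in_array($child, $allowedOperations, true)) {
            $role->removeChild($child);
        }
    }
    // Grant the listed operations, creating them on first use.
    foreach ($allowedOperations as $op) {
        if ($auth->getAuthItem($op) === null) {
            $auth->createOperation($op);
        }
        if (!$role->hasChild($op)) {
            $role->addChild($op);
        }
    }
}

/** Put a user into a usergroup by assigning that group's role. */
function assignUserToGroup($userId, $groupId)
{
    $auth = Yii::app()->authManager;
    if (!$auth->isAssigned('group_' . (int) $groupId, $userId)) {
        $auth->assign('group_' . (int) $groupId, $userId);
    }
}

class TopicController extends CController
{
    public function actionCreate()
    {
        // Enforce on the server; hiding the button in a view is not a check.
        if (!Yii::app()->user->checkAccess('createTopic')) {
            throw new CHttpException(403, 'You are not allowed to create topics.');
        }
        $this->render('create');
    }
}
```

A view can call the same `Yii::app()->user->checkAccess('createTopic')` to decide whether to draw the button. Because the check reads the database on each request, a permission removed from a usergroup stops working on the next request, whereas values copied into the session with `setState()` at login stay as they were until the user logs in again.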