I'm developing a website in php with Yii2 and I have a problem with Rbac issue. I've followed the offical guide, I run the migrations and now I have in my db the four default tables which define my roles and permissions. Now I don't know how to integrate these roles in my project, I mean I would like to have some views only visible to users with specific permissions but can't understand the way to implement this.
I have also a problem with login, I don't know how to discriminate a button click.
login (view):
<div class="form-group">
<div class="col-lg-offset-1 col-lg-11">
<?= Html::submitButton('Login', ['class' => 'btn btn-primary', 'name' => 'login-button', 'value' => 'login']) ?>
<?= Html::submitButton('Register', ['class' => 'btn btn-primary', 'name' => 'register-button', 'value' => 'register']) ?>
</div>
</div>
SiteController:
public function actionLogin()
{
if (!Yii::$app->user->isGuest) {
return $this->goHome();
}
$model = new LoginForm();
if (isset($_POST['submit']) && $_POST['submit']=='login') {
return $this->goBack();
}
if (isset($_POST['submit']) && $_POST['submit']=='register') {
return $this->render('register');
}
return $this->render('login', [
'model' => $model,
]);
}
I just need to render in a different views the user after the right button click. If Login button is clicked I want to be redirected in login view, if Register button is clicked, I want to be redirected in register view.
This seems to be a two-in-one question.
First, RBAC.
This is explained very well in the docs. You can use AccessControl to only allow certain actions to be accessed by a role or permission. If you need to show some content in a view based on a role or permission, use if(Yii::$app->user->can('permission_or_role)) echo "I can"; (docs).
Second, buttons
Check this link, the name of the button must be the name you check for in the controller (not login-button/register-button and check submit).