could permissions be assigned to user directly? about yii2-admin HOT 9 CLOSED

Its by design. you should create role and assign permision to role then assign user to role.

from yii2-admin.

do we have the plan to do the feature in the future?

------------------ 原始邮件 ------------------
发件人: "Misbahul D Munir";[email protected];
发送时间: 2014年10月21日(星期二) 中午11:25
收件人: "mdmsoft/yii2-admin"[email protected];
抄送: "朱升平"[email protected];
主题: Re: [yii2-admin] could permissions be assigned to user directly?(#57)

Its by design. you should create role and assign permision to role then assign user to role.

—
Reply to this email directly or view it on GitHub.

from yii2-admin.

I dont think so, explain your reason why we need to implement it.

from yii2-admin.

Thanks your patience.‍
Sometimes we need to modify permission for a single user.
To achieve the goal i have two choices, create a new role or change the permissions of the role
The first choice , i may have to face a lot of roles to manage,and some role is used only by one user, a little bit wasteful‍ .
The second choice , some other guy will have the permission ,too. and this is not allowed.

so I wander if i can assign permission to a user directly.
Hope i explain the reason clearly. :)

------------------ 原始邮件 ------------------
发件人: "Misbahul D Munir";[email protected];
发送时间: 2014年10月21日(星期二) 中午12:07
收件人: "mdmsoft/yii2-admin"[email protected];
抄送: "朱升平"[email protected];
主题: Re: [yii2-admin] could permissions be assigned to user directly?(#57)

I dont think so, explain your reason why we need to implement it.

—
Reply to this email directly or view it on GitHub.

from yii2-admin.

And if permission can be directly assigned to user, you dont need to manage lot of "permission"? what diferent with manage lot of roles. If you need implement this, submit this issue to Yii2 dev.

from yii2-admin.

I think this is a valid request.
Everything our apps do with authorization is under Lock and Key. If you have the Key, you have Access... (if you have the Permission, you Can, otherwise you Can't). You don't gain access through a door with a Role, as Roles are fluid and susceptible to being changed (permissions added or removed). We can only test against the Permission ie: can('deleteUser').
This is very granular but Rock Solid practice.

It's VERY simple in practice. ie:-
Role has many Permissions.
User has many Permissions (via Roles or Not).
Assign a User a Role and they inherit all that Roles' permissions.
Assign a User to many Roles and they inherit the combined Roles' Permissions.
Provide a User an extra Permission because we trust them or this is 1 person that requires it. (doesn't require a new Role because we don't test against Roles, only Permissions in our application).

So in effect, Roles are purely Permission containers for our applications. You got the key (Permission), you got the access.

You should not have to create a new Role to accommodate a unique User. You only have to assign him the Permission required.

Submitting with respect and exception.

from yii2-admin.

@drew1two I agree with u.
If permissions can be assigned to user besides roles, it would be convinent

from yii2-admin.

I think its true, but be carefully in create UI, because current UI with many role and many permision will make administrator headace

from yii2-admin.

i also need the feature in which i can assign specific permission to a particular user .any solution ?

from yii2-admin.