Comments (9)
Its by design. you should create role and assign permision to role then assign user to role.
from yii2-admin.
do we have the plan to do the feature in the future?
------------------ 原始邮件 ------------------
发件人: "Misbahul D Munir";[email protected];
发送时间: 2014年10月21日(星期二) 中午11:25
收件人: "mdmsoft/yii2-admin"[email protected];
抄送: "朱升平"[email protected];
主题: Re: [yii2-admin] could permissions be assigned to user directly?(#57)
Its by design. you should create role and assign permision to role then assign user to role.
—
Reply to this email directly or view it on GitHub.
from yii2-admin.
I dont think so, explain your reason why we need to implement it.
from yii2-admin.
Thanks your patience.
Sometimes we need to modify permission for a single user.
To achieve the goal i have two choices, create a new role or change the permissions of the role
The first choice , i may have to face a lot of roles to manage,and some role is used only by one user, a little bit wasteful .
The second choice , some other guy will have the permission ,too. and this is not allowed.
so I wander if i can assign permission to a user directly.
Hope i explain the reason clearly. :)
------------------ 原始邮件 ------------------
发件人: "Misbahul D Munir";[email protected];
发送时间: 2014年10月21日(星期二) 中午12:07
收件人: "mdmsoft/yii2-admin"[email protected];
抄送: "朱升平"[email protected];
主题: Re: [yii2-admin] could permissions be assigned to user directly?(#57)
I dont think so, explain your reason why we need to implement it.
—
Reply to this email directly or view it on GitHub.
from yii2-admin.
And if permission can be directly assigned to user, you dont need to manage lot of "permission"? what diferent with manage lot of roles. If you need implement this, submit this issue to Yii2 dev.
from yii2-admin.
I think this is a valid request.
Everything our apps do with authorization is under Lock and Key. If you have the Key, you have Access... (if you have the Permission, you Can, otherwise you Can't). You don't gain access through a door with a Role, as Roles are fluid and susceptible to being changed (permissions added or removed). We can only test against the Permission ie: can('deleteUser').
This is very granular but Rock Solid practice.
It's VERY simple in practice. ie:-
Role has many Permissions.
User has many Permissions (via Roles or Not).
Assign a User a Role and they inherit all that Roles' permissions.
Assign a User to many Roles and they inherit the combined Roles' Permissions.
Provide a User an extra Permission because we trust them or this is 1 person that requires it. (doesn't require a new Role because we don't test against Roles, only Permissions in our application).
So in effect, Roles are purely Permission containers for our applications. You got the key (Permission), you got the access.
You should not have to create a new Role to accommodate a unique User. You only have to assign him the Permission required.
Submitting with respect and exception.
from yii2-admin.
@drew1two I agree with u.
If permissions can be assigned to user besides roles, it would be convinent
from yii2-admin.
I think its true, but be carefully in create UI, because current UI with many role and many permision will make administrator headace
from yii2-admin.
i also need the feature in which i can assign specific permission to a particular user .any solution ?
from yii2-admin.
Related Issues (20)
- /admin get Class 'app\models\UserSearch' not found
- Error: Call to undefined method app\models\User::setInstance()
- is it possible to add route with parameter ?
- Access and Assignment issue with REST API
- bad request 400
- Problem With Routing URL HOT 1
- License inconsistent
- Support untuk PHP 8.1 HOT 1
- Can not instantiate when controller file is abstract or interface class
- Access control on master HOT 2
- Syntax error on file mdmsoft/yii2-admin/components/AccessControl.php HOT 3
- Menu with subitems didn't show up on Bootstrap5 HOT 1
- I keep getting errors when creating roles and keeping rules ampty HOT 1
- how to filter menu but using native navbar ?
- Clean Invalid routes (Permissions) HOT 1
- how about change the usernameField expression as a Column expression HOT 1
- can not auth HOT 1
- Error Class "yii\bootstrap\ActiveForm" not found in view mdmsoft\yii2-admin\views\user\login.php HOT 1
- migration on web HOT 1
- 'Cannot use yii\base\Object as Object because 'Object' is a special class name' HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from yii2-admin.