This package provides an interface for checking if certain user has certain permission. Optional parameters could be passed for fine-grained access checks.
composer require yiisoft/access
An access checker such as RBAC implements the interface. A user identity may use it then for checking access:
namespace App;
use Yiisoft\Access\AccessCheckerInterface;
class UserService
{
private AccessCheckerInterface $accessChecker;
public function __construct(AccessCheckerInterface $accessChecker)
{
$this->accessChecker = $accessChecker;
}
public function can(string $permissionName, array $parameters = []): bool
{
return $this->accessChecker->userHasPermission($this->getCurrentUser()->getId() ?? '', $permissionName, $parameters);
}
public function getCurrentUser(): User
{
// ...
}
}
In the handler it may look like the following:
public function actionList(UserService $userService)
{
if (!$userService->can('list_posts')) {
// access denied
}
// list posts
}