PHPackages deadmantfa/yii2-rbac - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. deadmantfa/yii2-rbac ActiveYii2-extension[Authentication & Authorization](/categories/authentication) deadmantfa/yii2-rbac ==================== Yii2 RBAC Module, updated for PHP 8 and above v2025.08.22(8mo ago)056BSD-3-ClausePHPPHP >=8.2.0 Since Jan 3Pushed 8mo agoCompare [ Source](https://github.com/deadmantfa/yii2-rbac)[ Packagist](https://packagist.org/packages/deadmantfa/yii2-rbac)[ RSS](/packages/deadmantfa-yii2-rbac/feed)WikiDiscussions master Synced 1mo ago READMEChangelogDependencies (4)Versions (11)Used By (0) Yii 2 JustCoded RBAC Extension (Forked) ======================================= [](#yii-2-justcoded-rbac-extension-forked) [![Yii2](https://avatars0.githubusercontent.com/u/993323)](https://github.com/yiisoft) This is a fork of the Yii 2 RBAC extension by JustCoded. It extends the RBAC Manager with a route-based access control system, offering additional features and compatibility with modern PHP versions. --- Features -------- [](#features) ### Pre-defined Roles and Permissions [](#pre-defined-roles-and-permissions) The extension provides the following pre-defined roles and permissions: **Permissions:** - **`*` (master permission)**: A parent permission for all other permissions. - **`administer`**: Permission to check access to the admin panel. **Roles:** - **`Guest`**: Not authenticated users. - **`Authenticated`**: Authenticated users (add this to your users manually). - **`Administrator`**: Users with `administer` permission, granting access to the admin panel. - **`Master`**: Superuser role with access to everything via `*` permission. --- ### Routes Scanner [](#routes-scanner) The extension includes a feature to scan your project files and automatically import permissions for: - **Controller-wide permissions**: `{controller->uniqueId}/*` - **Action-specific permissions**: `{controller->uniqueId}/{action->id}` You can create or assign roles and permissions to configure your application's high-level access control. --- ### Route Access Filter [](#route-access-filter) Easily restrict access to specific parts of your site based on roles or permissions. The extension provides a filter similar to Yii's `AccessControl`, enabling route-based permissions checks. If access is denied, a `403 Forbidden` error is triggered. --- ### GUI for Managing Roles and Permissions [](#gui-for-managing-roles-and-permissions) A simple GUI is included to manage roles and permissions directly from the application. > **Note:** The GUI is in alpha. Avoid sharing access to this interface with end-users. --- Installation ------------ [](#installation) Install the extension via Composer: ``` composer require deadmantfa/yii2-rbac ``` Alternatively, add the following to your `composer.json`: ``` "deadmantfa/yii2-rbac": "*" ``` --- Configuration ------------- [](#configuration) ### Component Setup [](#component-setup) Add the RBAC module and `authManager` configuration in your application: ``` 'modules' => [ 'rbac' => [ 'class' => 'deadmantfa\yii2\rbac\Module', ], ], 'components' => [ 'authManager' => [ 'class' => 'deadmantfa\yii2\rbac\components\DbManager', //'class' => 'deadmantfa\yii2\rbac\components\PhpManager', ], ], ``` --- ### Bootstrap 4 Themes Support [](#bootstrap-4-themes-support) By default, the views use Bootstrap 3 via `yii2-bootstrap`. For Bootstrap 4 support, update the container configuration: ``` 'container' => [ 'definitions' => [ 'deadmantfa\yii2\rbac\widgets\RbacGridView' => [ 'class' => \app\modules\admin\widgets\RbacGridView::class, ], 'deadmantfa\yii2\rbac\widgets\RbacActiveForm' => [ 'class' => \yii\bootstrap4\ActiveForm::class, ], ], ], ``` > **Note:** Add `yiisoft/yii2-bootstrap4` to your `composer.json`. --- ### Basic RBAC Configuration [](#basic-rbac-configuration) Follow the [official Yii 2 RBAC documentation](https://www.yiiframework.com/doc-2.0/guide-security-authorization.html#configuring-rbac)to configure RBAC storage (e.g., create necessary files or database tables). For `DbManager`, initialize the database tables with the following migration command: ``` yii migrate --migrationPath=@yii/rbac/migrations ``` --- ### Initialize Base Roles [](#initialize-base-roles) Run the following commands to set up default roles and permissions: ``` # Initialize base roles and permissions php yii rbac/init # Assign the master role to a user (replace 1 with the user ID) php yii rbac/assign-master 1 # Scan application routes for permissions php yii rbac/scan ``` For **Advanced Template**: ``` php yii rbac/scan -p='@vendor/deadmantfa/yii2-rbac' -b='rbac/' ``` For **Basic Template**: ``` php yii rbac/scan -p='@vendor/deadmantfa/yii2-rbac' -b='admin/rbac/' ``` --- Usage ----- [](#usage) ### GUI Interface [](#gui-interface) Access the RBAC GUI by navigating to the module's configured route. Use the GUI to manage roles and permissions. > **Note:** The role-permission selector is a temporary solution and may not display a proper tree structure. This will be addressed in future updates. --- ### Route Access Filter [](#route-access-filter-1) Use the `RouteAccessControl` filter to enforce route-based access control. The filter checks permissions during each request and throws a `403 Forbidden` error for unauthorized routes. #### Per Controller [](#per-controller) ``` public function behaviors() { return [ 'routeAccess' => [ 'class' => 'deadmantfa\yii2\rbac\filters\RouteAccessControl', ], ]; } ``` #### Globally [](#globally) ``` 'as routeAccess' => [ 'class' => 'deadmantfa\yii2\rbac\filters\RouteAccessControl', 'allowActions' => [ 'site/*', ], 'allowRegexp' => '/(gii)/i', // Optional ], ``` --- Example Project --------------- [](#example-project) You can see an example of this RBAC extension in action in the [Yii2 Starter Kit](https://github.com/justcoded/yii2-starter). --- ### Health Score 36 — LowBetter than 82% of packages Maintenance59 Moderate activity, may be stable Popularity10 Limited adoption so far Community10 Small or concentrated contributor base Maturity57 Maturing project, gaining track record Bus Factor2 2 contributors hold 50%+ of commits How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~25 days Recently: every ~57 days Total 10 Last Release 263d ago Major Versions 2.0.8 → v2025.08.222025-08-22 PHP version history (2 changes)2.0.0PHP >=8.0.0 2.0.7PHP >=8.2.0 ### Community Maintainers ![](https://www.gravatar.com/avatar/273b16723bec678f1ab9863eb3de2b31f2aa2390b5d872e547fda0dcfc427e61?d=identicon)[deadmantfa](/maintainers/deadmantfa) --- Top Contributors [![aprokopenko](https://avatars.githubusercontent.com/u/1842666?v=4)](https://github.com/aprokopenko "aprokopenko (31 commits)")[![deadmantfa](https://avatars.githubusercontent.com/u/1812611?v=4)](https://github.com/deadmantfa "deadmantfa (24 commits)")[![oberest](https://avatars.githubusercontent.com/u/65777866?v=4)](https://github.com/oberest "oberest (10 commits)")[![yvecherskiy](https://avatars.githubusercontent.com/u/31924576?v=4)](https://github.com/yvecherskiy "yvecherskiy (1 commits)") --- Tags rbacyii2rbac guiroutes access ### Code Quality Static AnalysisRector ### Embed Badge ![Health badge](/badges/deadmantfa-yii2-rbac/health.svg) ``` [![Health](https://phpackages.com/badges/deadmantfa-yii2-rbac/health.svg)](https://phpackages.com/packages/deadmantfa-yii2-rbac) ``` ### Alternatives [dektrium/yii2-rbac RBAC management module for Yii2 237395.1k17](/packages/dektrium-yii2-rbac)[yii2mod/yii2-rbac RBAC management module for Yii2 150351.4k7](/packages/yii2mod-yii2-rbac) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)