Book Image

Web Application Development with Yii 2 and PHP

By : Mark Safronov, Jeffrey Winesett
Book Image

Web Application Development with Yii 2 and PHP

By: Mark Safronov, Jeffrey Winesett

Overview of this book

<p>Yii is a high performance PHP framework used for rapid web application development. It is well designed, well supported, easy to learn, and easy to maintain. This book embraces the learn-by-example methodology to show you the most important features of the Yii 2 framework. Throughout the course of this book, you will build a simple real-world application; each chapter will introduce you to a new functionality and show you how to tweak your application. Instead of trying to be an all-encompassing reference about the framework, this is a walkthrough of the really important pieces of information that you have to understand in detail.</p> <p>You will learn how to use Yii's active record and CRUD scaffolding to manage the data in your database. Authentication, extensions, events and behaviors, and route management are just some of the many other features of Yii that you will learn from this book. By the end of this book, you will have a basic CRM application that is all set for service!</p>

Related Content you might be interested in

Current Title:

Small book image
Web Application Development with Yii 2 and PHP
Mark Safronov | Jeffrey Winesett
Sep, 2014 | 406 pages
No titles found
Table of Contents (22 chapters)
Web Application Development with Yii 2 and PHP
Web Application Development with Yii 2 and PHP
Credits
Credits
About the Authors
About the Authors
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Getting Started
Getting Started
A basic application
An advanced application
Summary
2
Making a Custom Application with Yii 2
Making a Custom Application with Yii 2
The design stage
Initial preparations
Introducing the Yii framework into our application
Making the data and application layers
Creating the user interface
Using the application
Summary
3
Automatically Generating the CRUD Code
Automatically Generating the CRUD Code
Definition of the model to work with
Using Gii
Finishing touches
An overview of the generated CRUD UI
Pros and cons of generated classes over manually created ones
Summary
4
The Renderer
The Renderer
Anatomy of Yii rendering
The Yii application components
The View component
Custom renderers
A custom response formatter
The asset bundles
Themes
Widgets
Summary
5
User Authentication
User Authentication
Anatomy of the user login in Yii
Password-based login mechanics in general
Making the user management interface
Hashing a password upon saving a user record
Making a user record into an identity
Making the login interface
Summary
6
User Authorization and Access Control
User Authorization and Access Control
Access control using the state of user authentication
Role-based access control
Protecting the CRM management from CRM users
Summary
7
Modules
Modules
FEATURE – Yii modules
Building the API module
Retrospective on the modules mentioned in previous chapters
Summary
8
Overall Behavior
Overall Behavior
FEATURE – message log
FEATURE – profiling
Error handling details
Caching
Minimizing the assets
Summary
9
Making an Extension
Making an Extension
Extension idea
Creating the extension contents
Making the extension installable as... erm, extension
Summary
10
Events and Behaviors
Events and Behaviors
Automatically marking database records with the timestamp and user ID
FEATURE – behaviors
FEATURE – events
Built-in events
Summary
11
The Grid
The Grid
Dismissing of the domain layer
Designing for the customers' index
FEATURE – widgets
Creating the index page for customers
Summary
12
Route Management
Route Management
Yii 2 routing 102
FEATURE – routing using names of modules, controllers, and actions
Custom routes using a configuration
Custom routes using custom URL rule classes
Summary
13
Collaborative Work
Collaborative Work
Configuration construction
Console application
Database migrations
Summary
Deployment Setup with Vagrant
Deployment Setup with Vagrant
Planning
Initial setup
Fine-tuning the virtual machine
Using the virtual machine as a local deploy target
The Active Form Primer
The Active Form Primer
Making the Edit form for customer
Index
Index

Protecting the CRM management from CRM users

We have differentiated the CRM manager and CRM user roles since the very beginning in our specifications for the application. So far, each acceptance test began with some work on the side of database management and ended with either usage of public interface or checking some assumptions right in the management UI.

Now, it's time to really prohibit the CRM user from accessing the database management UI pages. We are going to implement the following business ruleset:

  • Unauthenticated (guest) users should not be able to access anything except the home page and the login form.

  • User-level users should be able to access the Query Customer By Phone UI.

  • Manager-level users should be able to access everything except the User Management UI.

  • Administrator-level users should be able to access everything.

Have a look at the following scheme:

We already have tests for the login and logout functionality without testing for access rights afterwards. However, now we...

Previous Section
End of Section 4
Next Section