Check accessibility of routes by role

[kwazaro]

What steps will reproduce the problem?

1. Create some roles ('admin', 'editor', 'author' etc);
2. Add yii\widgets\Menu;
3. Configure items array for Menu (e.g. ['label' => 'Posts', 'url' => ['/post/edit', 'id' => 25]])

What is the expected result?

It would be better, if Menu will show only items, which are accessible by current user's role. Maybe there is some Helper or Filter, to process items array, before adding it to Menu configuration?

What do you get instead?

How to achieve this?

[maxxer]

'visible' => Yii::$app->user->can("admin")

https://www.yiiframework.com/doc/api/2.0/yii-web-user#can()-detail

[maxxer]

https://www.yiiframework.com/doc/api/2.0/yii-widgets-menu#$items-detail

[kwazaro]

Hey, I know about this. This is not what I mean. There should be some helper function in component, to check, if ROUTE is accessible by current user. Something like User::canRoute(['/post/edit']) which returns TRUE if current user can access post/edit, or FALSE, if not. I can't use 'visible' property of Menu widget items, I need Yii do it automatically, based on RBAC. Check the webvimark/user-management and it's canRoute() method. Not everytime we can use conditions for widget configurations, in my case, I can pass to Menu widget only LABEL and URL for items, and I need Yii to check URL (route) for access by RBAC

[maxxer]

Thanks for clarification.

If canRoute return false? What do you get in the url?

[kwazaro]

canRoute() can be used not only for Menu widget, it can be useful to determine, which routes are accessible for current user. Menu widget is just for example.

[tonydspaniard]

@kwazaro do you mind proposing a pull request?