Extending RBAC

[rkhe]

Hi,

Is there a way to extend the Simple RBAC plugin?
My scenario is that I need a user to allow multiple roles but not a full admin.

Example:
The App has multiple non-related modules. Example: an Article module and a Video Catalog module.
The user can have an 'Author' role so it can Create, Edit, Update, or Delete an Article, however it can also have a 'Visitor' role so that he can access the Video Catalog module as a View Only access.

I wonder if I can extend the existing Simple RBAC plugin to allow multiple (maybe comma delimited) roles.

Any suggestions?

Thanks.

[rkhe]

Got this solved using the allowed special key.

Posting the solution below for others who might need it.

On permissions.php,
[ 'role' => '*', 'prefix' => '*', 'extension' => '*', 'plugin' => '*', 'controller' => 'YourController', 'action' => ['index', 'view'], 'allowed' => function ($user, $role, \Cake\Http\ServerRequest $request) { $array_role = explode(',', $role); foreach ($array_role as $item) { if (in_array($item, ['roleA', 'roleB'])) { return true; } } return false; }, ],

The users.role is comma delimited string. Example: "roleA,roleB".

Closing this ticket.
Thanks.