# SOPHIA Framework 2 Yii Guide

Sophia 2 is Yii 1.1 with layered overrides.

Skill routing:
- For Sophia Framework 2 / Yii 1.1 implementation, debugging, CRUD, RenderSettings, FrmGridView, controllerMap, Cruge/RBAC, Gii, exports, DB scripts, or PHP/Yii review, use `mcp-sophia-yii-developer`.
- For ticket + docs + commits + DB reconstruction, use `mcp-technical-analyst` as primary and `mcp-sophia-yii-developer` as sidecar.
- For multi-phase execution with DB/browser/git validation, use `mcp-master-orchestrator` as primary and `mcp-sophia-yii-developer` for the Sophia/Yii implementation phase.

Layers:
- `FRM`: base framework logic, common anagrafiche, system tables. Controllers `protected/controllers/frm/`; models `protected/models/frm/`.
- `APP`: project/business specialization extending FRM. Controllers `protected/controllers/app/`; models `protected/models/app/`.
- `CLI`: batch/background tasks. Controllers `protected/controllers/cli/`; models `protected/models/cli/`.

Controller override:
- `protected/config/config_frm.php`: default `controllerMap`.
- `protected/config/config_app.php`: APP overrides mapping FRM routes to APP controllers.
- Before editing, identify actual mapped controller and lowest correct layer.

Config load order in `protected/config/main.php`:
1. `protected/config/environment/{AMBIENTE}.php` from root `environment.php`
2. `protected/config/config_frm.php`
3. `protected/config/config_app.php`
4. `protected/config/config_client.php`
5. DB/mailer files under `protected/config/db/` and `protected/config/mailer/`

Conventions:
- DB models extend `frmCActiveRecord`.
- APP models extend matching FRM models.
- `tr()` wraps `Yii::t()`.
- Controllers define UI through `RenderSettings` and `initfields($model, $rendertype)` for `renderfilter`, `renderadmin`, `renderform`.
- `rootviews` selects view folder, e.g. `frmAnaArticoli`.

Assets:
- `js/frm*.js`: framework scripts.
- `js/app*.js`: application scripts.
- `js/framework.js`: core utilities.
- `js/custom.js`: global customizations.
- `css/global.css`: main stylesheet loaded by base controller.

Ops/security:
- Console via `protected/yiic`; custom scheduler under `/sophiascheduler/`.
- Cruge handles auth/RBAC; tables prefixed `frm_cruge_`.
- `hasrole($role)` exists in `global.php`, but prefer central permission patterns for new work.
- Global helpers: `protected/global.php`; app helpers: `protected/global_app.php`.
