I went through a couple Auth tutorials and the guides, but I think I may have missed something. I can login and logout just fine. I can see all the pages an authenticated user can, but when I go to a page an admin user is supposed to have access to I always get a prompt telling me I do not have access.
This returns true:
var_dump(Yii::app()->user->checkAccess('admin')); //returns bool(true) on var_dump
My authManager component is setup in my main.config like this:
I ran some sql and have 3 auth tables. They all have data in them except for AuthItemChild. That table is empty. I also ran a script that does the following:
The only odd thing is I don’t have a user table or Model. Instead it’s called member, only because I’ve integrated phpBB with my yii app which also has a user object so there was a conflict. Thanks in advance. Any suggestions?
I went tracing through the source. I got to this point where it seems to break. It returns true for all those methods in the conditionals but $this->allow is false and returns -1.
It seems like if I remove the deny rules from my accessRules method in the Controller stops me from getting the message and I can access the page. Then all users admin or not can access the page.
public function accessRules()
{
return array(
array('allow', // allow all users to perform 'index' and 'view' actions
'actions'=>array('index','view'),
'users'=>array('*'),
),
array('allow', // allow authenticated user to perform 'create' and 'update' actions
'actions'=>array('create','update'),
'users'=>array('@'),
),
array('allow', // allow admin user to perform 'admin' and 'delete' actions
'actions'=>array('admin'),
'users'=>array('admin'),
),
array('deny', // deny all users
'users'=>array('*'),
),
);
}
It seems like the allow that isn’t working in my last post is set here in CAccessControlFilter
public function setRules($rules)
{
foreach($rules as $rule)
{
if(is_array($rule) && isset($rule[0]))
{
$r=new CAccessRule;
$r->allow=$rule[0]==='allow';
Maybe I missed a step in setting everything up? Any suggestions?
array('allow', // allow all users to perform 'index' and 'view' actions
'actions'=>array('index','view'),
'users'=>array('*'),
),
array('allow', // allow authenticated user to perform 'create' and 'update' actions
'actions'=>array('create','update'),
'roles'=>array('authenticated'),
),
array('allow', // allow admin user to perform 'admin' and 'delete' actions
'actions'=>array('admin'),
'roles'=>array('admin'),
),
array('deny', // deny all users
'users'=>array('*'),
),