[Extension] Auth

Yii 1.1 Extensions
8

Hi, I would first like to thank you for providing this awesome extension. I haven’t had much time with php and even less time with yii so I hope you can bear with me.

While following the documentation I ran into the following:

public function filters()

{

return array(

array('auth.components.AuthFilter'),

)[color="#FF0000"],[/color]

}

I am not really sure if this is a typo but the comma(,) after the last parenthesis should be replaced by a semicolon (;)? (just want to make sure since I got errors with the comma)

Also I got an error:

protected\modules\auth\components\AuthFilter.php(41): YiiBase::t("AuthModule.main", "Access denied.")

     $itemName .= '.' . $controller->action->getId();


     if ($user->checkAccess($itemName))


        return true;


     


     throw new CHttpException(401, Yii::t('AuthModule.main', 'Access denied.'));


 }

}

I am not really sure why it caused the error but I tried replacing it with:

throw new CHttpException(401,‘Access denied.’);

This seemed to fix the error but now only the superuser had access to the tasks (although other roles were configured to have permission).

In the end, instead of using array(‘auth.components.AuthFilter’) I tried using ‘rights’ (filter from your Rights Extension extending Rcontroller). Although I haven’t tested it much it seems to work perfectly.

Again I haven’t had much time with php and yii so maybe everything I said might be completely wrong.

9

Just wanted to say “THANK YOU” for this great extension. Very useful and saves me a lot of time :)

10

You must define




'import'=>array(

     'application.modules.auth.*',

     'application.modules.auth.components.*',

	),

in "protected/config/main.php"

11

You must define




'import'=>array(

     'application.modules.auth.*',

     'application.modules.auth.components.*',

	),

in "protected/config/main.php"

[/quote]

Thanks a lot!

Now everything works perfectly :D

12

CDbAuthManager and its behaviors do not have a method or closure named "getItemsPermissions".

I am getting this, does anyone have any ideas?

13

how I can set the permission of a page to guest

14

in Yii auth

AuthAssignmentItemsColumn.php

have problem its check whether logined user is admin instead of user of that row.

so even for non-admin user it will show ‘Administrator’ instead of Assigned items

15

A trivial question but is there a tutorial of how to setup this extension with CPhpAuthManager. To be honest I am struggling to understand how it all fits together and each time I go to the guide to search for guidance I’m thrown away.

[list=1]

[*]I previously was using the basic authentication method using the accessRules() of the Controller and with accessControl in filters.

[*]I managed so far to install the extension along with Bootstrap, set it up to use the bootstrap theme and configure the main.php as per the instructions.

[*]I created a user table with id,name,username,password and role fields and updated the UserIdentity.php authenticate() method to check for the user in the DB. That’s working fine.

[]I went into r=auth with user <<admin>>, and setup several operations like this: item.

[]I created a task name itemAdmin whose child is the item. operation

[*]I created a role named admin whose child is itemAdmin.

[*]I assigned this role to my <<someuser>> user.

[/list]

When loging in as <<someuser>> and trying to access any of the controller actions it says Error 401 Permission denied.

What do I do with the accessControl and accessRules? Do I have to change that?

Now how do I move forward from here?

16

Well this might be kind of embarrassing since for many this might have been obvious but for the few others that could be struggling these are the steps I took to get it to work. Hope it helps someone.

These are the steps I followed to achieve the use of Auth with CPhpAuthManager.

  1. Create a table and model user with id,name,username,password,role.

  2. Add one user:

[indent]

name= Administrator

username = admin

password = admin

role = admin

[/indent]

  1. Create a basic auth.txt and auth.php file in protected/data (follow Wiki mentioned below)

  2. Install Auth and Bootstrap

Configure the authManager component




'authManager' => array(

	'class'=>'CPhpAuthManager',

	'behaviors' => array(

		'auth' => array(

			'class' => 'auth.components.AuthBehavior',

			'admins'=>array('admin'), // users with full access

		),

	),

),

  1. Copy the Bootstrap theme into application themes and rename as bootstrap

  2. For theming only the Auth module had to configure Auth to use the theme layout located in themes/bootstrap/views/layouts/main.php

  3. Modify UserIdentity




private $_id=null;


public function getId()

{

	return $this->_id;

}

In the authenticate() function:




$this->_id=$user->id;

$this->username=$user->username;




$auth=Yii::app()->authManager;

if(!is_null($user->role)){

    if(!$auth->isAssigned($user->role,$this->_id))

    {

        if($auth->assign($user->role,$this->_id))

        {

            Yii::app()->authManager->save();

        }

		

    }

}
  1. Modify Controllers:



public function filters()

{

	return array(

		//'accessControl',

		array('auth.filters.AuthFilter'),

		'postOnly + delete',

	);

}

	

public function accessRules()

{

        /* ..... */

}

  1. Login as admin

  2. navigate to r=auth

  3. Create some operations in the form controllerId.*

  4. Create tasks and add operations to them

  5. Create roles and add tasks or operations to them

  6. Assign roles to the users (the Auth module reads them from the Database).

  7. In a wiki (http://www.yiiframework.com/wiki/65/how-to-setup-rbac-with-a-php-file#hh4) read that you should revoke all assigned operations to the user upon logout, not sure if really needed.

17

yes i found this problem too.

i remove the if check (on line 36 of AuthAssignmentItemsColumn.php) and the problem seem to solve

18

Me too solved the porblem by editng widgets/AuthAssignmentItemsColumn.php

i used it with Yii user extension so i changed it like below





$userArr=Yii::app()->getModule('user')->getAdmins();

		if (in_array($data->username, $userArr)) 

			echo Yii::t('AuthModule.main', 'Administrator');

		else

		{
19

I use the following in config/main.php




return array(

  'modules' => array(

    'auth',

  ),

  'components' => array(

    'authManager' => array(

      .....

      'behaviors' => array(

        'auth' => array(

          'class' => 'auth.components.AuthBehavior',

          'admins'=>array('admin', 'foo', 'bar'), // users with full access

        ),

      ),

    ),

    'user' => array(

      'class' => 'auth.components.AuthWebUser',

    ),

  ),

);

I get error

If I comment line

‘admins’=>array(‘admin’, ‘foo’, ‘bar’), // users with full access

error goes off. Is this a bug?

20

You can remove specific actions from the access filtering like this:




public function filters()

{

    return array(

        array('auth.components.AuthFilter - guestAction1, guestAction2, ...'),

    );

}

Likewise you can specify which actions should be filtered by changing the minus sign to plus.

21

Update your authManager array like this


'authManager' => array(

    'behaviors' => array(

        array(

            'class' => 'auth.components.AuthBehavior',

            'admins' => array('admin', 'foo', 'bar'), // users with full access

        ),

    ),

),
22

Hello,

Somone knoe how to extends the class AuthWebUser ?

I did that :

main.php




'user'=>array(

            'class' => 'QWebUser',// 'auth.components.AuthWebUser',//'QWebUser',

			// disable cookie-based authentication

			'allowAutoLogin'=>false,

            'authTimeout'=>120000,

		),

and I extends My class QWebUSer :




class QWebUser extends AuthWebUser

{

I got this error :

HOw can I do?

Thanks

Nath

23

In srbac there is an option to set ‘debug’=>true in module config, which is very useful when I run benchmark tests for instance. Is there any way to do something similar in auth?

24
  1. Download the latest release from Yii extensions Auth.

and placed under folder protected/modules, if not please create one folder named modules

2)Then protected/config/main.php

on module array add




	'modules'=>array(

      		.........

      		'auth', 

      		

  		),

OR





'modules'=>array(

 	.........


  'auth' => array(

	'strictMode' => true, // when enabled authorization items cannot be assigned children of the same type.

	'userClass' => 'User', // the name of the user model class.

	'userIdColumn' => 'id', // the name of the user id column.

	'userNameColumn' => 'name', // the name of the user name column.

 	'appLayout' => 'application.views.layouts.main', // the layout used by the module.

	'viewDir' => null, // the path to view files to use with this module.

  ),


  ),

in components array





  'components' => array(

    'authManager' => array(

 	......

      'behaviors' => array(

        'auth' => array(

          'class' => 'auth.components.AuthBehavior',

          'admins' => array('admin', 'foo', 'bar'), // users with full access

        ),

      ),

    ),

    'user' => array(

      'class' => 'auth.components.AuthWebUser',

    ),

  ),

Please note that while the module doesn’t require you to use a database, if you wish to use CDbAuthManager you need it’s schema (it can be found in the framework under web/auth/schema-mysql.sql(if mysql is using), and it import to your db).

	also change the authManager array to 




   'authManager' => array(

  		'class' => 'CDbAuthManager',

  		'connectionID' => 'db',

  		'behaviors' => array(

			'auth.components.AuthBehavior',

  		),

      	),

and in main controller please use




	public function filters()

	{

  	return array(

    	array('auth.filters.AuthFilter'),

  	);

	}

auth module will ready to use index.php?r=auth with normal template

  1. if you want to use bootstrap pleas do as below

    download bootstrap from http://www.yiiframew…nsion/bootstrap and placed under protected/extension/bootstrap

    then copy the theme from bootstrap to theme folder under you webapplication/themes/

    Top of the protected/config/main.php add


	Yii::setPathOfAlias('bootstrap', dirname(__FILE__).'/../extensions/bootstrap');

in components array




   'bootstrap'=>array(

				'class'=>'bootstrap.components.Bootstrap',

  		),


and change appLayout from auth array as below




    modules =array(

		

		auth=>array(

  		......

		'appLayout' => 'webroot.themes.theme.views.layouts.main', // the layout used by the module.

				)

    	),
25

Is there a way to get the Role of the logged in user just like you could in Rights with


$roles=Rights::getAssignedRoles(Yii::app()->user->Id);

I need it in order to show a different layout depending on the user role

26

I could not find any where how to get to the admin panel of the module, as in the demo mode.

27

Hi seoboot,

just to access the route ‘auth’: For instance http://localhost/fol...ndex.php?r=auth

ciao

8)