[Extension] Auth

Yii 1.1 Extensions
15

A trivial question but is there a tutorial of how to setup this extension with CPhpAuthManager. To be honest I am struggling to understand how it all fits together and each time I go to the guide to search for guidance I’m thrown away.

[list=1]

[*]I previously was using the basic authentication method using the accessRules() of the Controller and with accessControl in filters.

[*]I managed so far to install the extension along with Bootstrap, set it up to use the bootstrap theme and configure the main.php as per the instructions.

[*]I created a user table with id,name,username,password and role fields and updated the UserIdentity.php authenticate() method to check for the user in the DB. That’s working fine.

[]I went into r=auth with user <<admin>>, and setup several operations like this: item.

[]I created a task name itemAdmin whose child is the item. operation

[*]I created a role named admin whose child is itemAdmin.

[*]I assigned this role to my <<someuser>> user.

[/list]

When loging in as <<someuser>> and trying to access any of the controller actions it says Error 401 Permission denied.

What do I do with the accessControl and accessRules? Do I have to change that?

Now how do I move forward from here?

16

Well this might be kind of embarrassing since for many this might have been obvious but for the few others that could be struggling these are the steps I took to get it to work. Hope it helps someone.

These are the steps I followed to achieve the use of Auth with CPhpAuthManager.

  1. Create a table and model user with id,name,username,password,role.

  2. Add one user:

[indent]

name= Administrator

username = admin

password = admin

role = admin

[/indent]

  1. Create a basic auth.txt and auth.php file in protected/data (follow Wiki mentioned below)

  2. Install Auth and Bootstrap

Configure the authManager component




'authManager' => array(

	'class'=>'CPhpAuthManager',

	'behaviors' => array(

		'auth' => array(

			'class' => 'auth.components.AuthBehavior',

			'admins'=>array('admin'), // users with full access

		),

	),

),

  1. Copy the Bootstrap theme into application themes and rename as bootstrap

  2. For theming only the Auth module had to configure Auth to use the theme layout located in themes/bootstrap/views/layouts/main.php

  3. Modify UserIdentity




private $_id=null;


public function getId()

{

	return $this->_id;

}

In the authenticate() function:




$this->_id=$user->id;

$this->username=$user->username;




$auth=Yii::app()->authManager;

if(!is_null($user->role)){

    if(!$auth->isAssigned($user->role,$this->_id))

    {

        if($auth->assign($user->role,$this->_id))

        {

            Yii::app()->authManager->save();

        }

		

    }

}
  1. Modify Controllers:



public function filters()

{

	return array(

		//'accessControl',

		array('auth.filters.AuthFilter'),

		'postOnly + delete',

	);

}

	

public function accessRules()

{

        /* ..... */

}

  1. Login as admin

  2. navigate to r=auth

  3. Create some operations in the form controllerId.*

  4. Create tasks and add operations to them

  5. Create roles and add tasks or operations to them

  6. Assign roles to the users (the Auth module reads them from the Database).

  7. In a wiki (http://www.yiiframework.com/wiki/65/how-to-setup-rbac-with-a-php-file#hh4) read that you should revoke all assigned operations to the user upon logout, not sure if really needed.

17

yes i found this problem too.

i remove the if check (on line 36 of AuthAssignmentItemsColumn.php) and the problem seem to solve

18

Me too solved the porblem by editng widgets/AuthAssignmentItemsColumn.php

i used it with Yii user extension so i changed it like below





$userArr=Yii::app()->getModule('user')->getAdmins();

		if (in_array($data->username, $userArr)) 

			echo Yii::t('AuthModule.main', 'Administrator');

		else

		{
19

I use the following in config/main.php




return array(

  'modules' => array(

    'auth',

  ),

  'components' => array(

    'authManager' => array(

      .....

      'behaviors' => array(

        'auth' => array(

          'class' => 'auth.components.AuthBehavior',

          'admins'=>array('admin', 'foo', 'bar'), // users with full access

        ),

      ),

    ),

    'user' => array(

      'class' => 'auth.components.AuthWebUser',

    ),

  ),

);

I get error

If I comment line

‘admins’=>array(‘admin’, ‘foo’, ‘bar’), // users with full access

error goes off. Is this a bug?

20

You can remove specific actions from the access filtering like this:




public function filters()

{

    return array(

        array('auth.components.AuthFilter - guestAction1, guestAction2, ...'),

    );

}

Likewise you can specify which actions should be filtered by changing the minus sign to plus.

21

Update your authManager array like this


'authManager' => array(

    'behaviors' => array(

        array(

            'class' => 'auth.components.AuthBehavior',

            'admins' => array('admin', 'foo', 'bar'), // users with full access

        ),

    ),

),
22

Hello,

Somone knoe how to extends the class AuthWebUser ?

I did that :

main.php




'user'=>array(

            'class' => 'QWebUser',// 'auth.components.AuthWebUser',//'QWebUser',

			// disable cookie-based authentication

			'allowAutoLogin'=>false,

            'authTimeout'=>120000,

		),

and I extends My class QWebUSer :




class QWebUser extends AuthWebUser

{

I got this error :

HOw can I do?

Thanks

Nath

23

In srbac there is an option to set ‘debug’=>true in module config, which is very useful when I run benchmark tests for instance. Is there any way to do something similar in auth?

24
  1. Download the latest release from Yii extensions Auth.

and placed under folder protected/modules, if not please create one folder named modules

2)Then protected/config/main.php

on module array add




	'modules'=>array(

      		.........

      		'auth', 

      		

  		),

OR





'modules'=>array(

 	.........


  'auth' => array(

	'strictMode' => true, // when enabled authorization items cannot be assigned children of the same type.

	'userClass' => 'User', // the name of the user model class.

	'userIdColumn' => 'id', // the name of the user id column.

	'userNameColumn' => 'name', // the name of the user name column.

 	'appLayout' => 'application.views.layouts.main', // the layout used by the module.

	'viewDir' => null, // the path to view files to use with this module.

  ),


  ),

in components array





  'components' => array(

    'authManager' => array(

 	......

      'behaviors' => array(

        'auth' => array(

          'class' => 'auth.components.AuthBehavior',

          'admins' => array('admin', 'foo', 'bar'), // users with full access

        ),

      ),

    ),

    'user' => array(

      'class' => 'auth.components.AuthWebUser',

    ),

  ),

Please note that while the module doesn’t require you to use a database, if you wish to use CDbAuthManager you need it’s schema (it can be found in the framework under web/auth/schema-mysql.sql(if mysql is using), and it import to your db).

	also change the authManager array to 




   'authManager' => array(

  		'class' => 'CDbAuthManager',

  		'connectionID' => 'db',

  		'behaviors' => array(

			'auth.components.AuthBehavior',

  		),

      	),

and in main controller please use




	public function filters()

	{

  	return array(

    	array('auth.filters.AuthFilter'),

  	);

	}

auth module will ready to use index.php?r=auth with normal template

  1. if you want to use bootstrap pleas do as below

    download bootstrap from http://www.yiiframew…nsion/bootstrap and placed under protected/extension/bootstrap

    then copy the theme from bootstrap to theme folder under you webapplication/themes/

    Top of the protected/config/main.php add


	Yii::setPathOfAlias('bootstrap', dirname(__FILE__).'/../extensions/bootstrap');

in components array




   'bootstrap'=>array(

				'class'=>'bootstrap.components.Bootstrap',

  		),


and change appLayout from auth array as below




    modules =array(

		

		auth=>array(

  		......

		'appLayout' => 'webroot.themes.theme.views.layouts.main', // the layout used by the module.

				)

    	),
25

Is there a way to get the Role of the logged in user just like you could in Rights with


$roles=Rights::getAssignedRoles(Yii::app()->user->Id);

I need it in order to show a different layout depending on the user role

26

I could not find any where how to get to the admin panel of the module, as in the demo mode.

27

Hi seoboot,

just to access the route ‘auth’: For instance http://localhost/fol...ndex.php?r=auth

ciao

8)

28

is there any way to auto generate task based on the action in controller using auth extension? like right extension.

29

Hi Guys,

fantastic extension!

  1. on Assignments page, all users are listed with Assigned items: Administrator

  2. I can’t see the CRUD buttons at the end of the lines

  3. there are no explanations of different items like on the demo site:

Authenticated: role

Administer posts: task

Post wildcard: operation

can you please try to explain me what can be the problem?

thanks for helping!

BR

c

30

Hi cappadochian,

The first problem is fixed on the lastest version (that you can from github). There’s no official release yet…

Then for the second problem, did you install the yii-bootstrap extension ? it is required for the page to display correctly.

Hope this helps

ciao

B)

31

Hi Raoul,

thank you so much. I’ll grab the latest release then from github. Yes of course, I have installed the yii bootstrap extension. I’ve got a notice “trying to get property of non-object” when I wanted to use the CSS but I’ve changed php.ini error reporting to … ~E_NOTICE so now it seems good. it seems the css is OK now, except the buttons. but maybe this notice has to do something with the missing CRUD buttons? I think the problem was something with


<link href="<?php echo Yii::app()->theme->baseUrl; ?>/css/...

should I turn back error reporting and try to find out what is wrong with this part? but I have no clue… that’s why I’ve turned error_reporting off… :/?

32

Hi I can’t login with the database users

My main.php





'import'=>array(

		'application.models.*',

		'application.components.*',

		'ext.giix-components.*', // giix components

		'application.modules.auth.*',

		'application.modules.auth.components.*',

		),


'modules'=>array(

		'auth' => array(

		'strictMode' => true, // when enabled authorization items cannot be assigned children of the same type.

		'userClass' => 'User', // the name of the user model class.

		'userIdColumn' => 'id', // the name of the user id column.

		'userNameColumn' => 'name', // the name of the user name column.

		'appLayout' => 'application.views.layouts.main', // the layout used by the module.

		'viewDir' => null, // the path to view files to use with this module.

		),

...


'components'=>array(

	

	'db'=>array(

			'class'=>'CDbConnection',

			'connectionString' => 'mysql:host=localhost;dbname=plataforma',

			'emulatePrepare' => true,

			'username' => 'root',

			'password' => '*******',

			'charset' => 'utf8',

			),

	

	'authManager' => array(

			'class' => 'CDbAuthManager',

			'connectionID' => 'db',

			'behaviors' => array(

                        'auth.components.AuthBehavior',

			),

			),

		

	'user'=>array(

			'class' => 'auth.components.AuthWebUser',

			'allowAutoLogin'=>true,

			),

			

			...

The UserIdentity.php




class UserIdentity extends CUserIdentity

{

	/**

	 * Authenticates a user.

	 * The example implementation makes sure if the username and password

	 * are both 'demo'.

	 * In practical applications, this should be changed to authenticate

	 * against some persistent user identity storage (e.g. database).

	 * @return boolean whether authentication succeeds.

	 */

	private $_id;

    public function authenticate()

    {

        $record=User::model()->findByAttributes(array('username'=>$this->username));

        if($record===null)

            $this->errorCode=self::ERROR_USERNAME_INVALID;

        else if($record->password!==md5($this->password))

            $this->errorCode=self::ERROR_PASSWORD_INVALID;

        else

        {

            $this->_id=$record->id;

            $this->setState('title', $record->title);

            $this->errorCode=self::ERROR_NONE;

        }

        return !$this->errorCode;

    }

 

    public function getId()

    {

        return $this->_id;

    }

}

My User table




CREATE TABLE `user` (

  `id` int(11) unsigned NOT NULL AUTO_INCREMENT,

  `name` varchar(200) DEFAULT NULL,

  `username` varchar(100) DEFAULT NULL,

  `password` varchar(100) DEFAULT NULL,

  `role` varchar(100) DEFAULT NULL,

  PRIMARY KEY (`id`)

) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8;

I always get "Incorrect username or password."

33

Hi,

I ever got this problem. In my case was that the password was md5 twice since I made a mistake on the saving process. I always md5 my password, so every time I save the model, the password is being md5 again and again. Check your saving process of your user.

Cheers,

Daniel

34

do you have a User model? UPDATE: I have checked and it seems it’s not really necessary, at least for me.

Yes, if you use auth, CWebUser handles login.

if you have this:


`username` varchar(100) DEFAULT NULL,

i guess this is not okay:


'userNameColumn' => 'name',

and should be this:


'userNameColumn' => 'username',

but maybe it has nothing to do with “Incorrect username or password.” I don’t know that.

UPDATE:


'userNameColumn' => 'username',

the documentation is a little bit confusing, it definitely has to be like this, but it’s only for the proper working of the auth module it has nothing to do with user login.