and what was the problem?
and what was the problem?
Well there was a two problem in my case.
1.Exception for AuthWebuser Class.:- i have fixed it by checking a component class alias.
2.Permission access issue :- Well actually admins array values are not present in the database and i was logged with the other user.That is why that error was occurring.So i have just define the default admins in database too which can access the Auth management. 
codesutra, please explain more fully. I can’t understand what did you do to solve the problem.
cappadochian, thank you, but you settings to main.php didn’t help me.
And another error - CWebApplication and its behaviors do not have a method or closure named "getLanguages".
Think something wrong with Bootstrap. There is “$languages = Yii::app()->getLanguages();” but in main.php I have no ‘getLanguages’. Did you make it work with bootstrap?
SOLVED! - Just dont use components/LanguageMenu.php and turn off it in views/layouts/main.php
Chris, what’s difference between ‘yiistrap’ and ‘yii-bootstrap’ extensions? Why do you become use yiistrap?
And what’s best - use CPhpAuthManager or use CDbAuthManager?
With the new version (1.6.0) I have a problem.
Property "AuthWebUser.admins" is not defined.
With version 1.4.1 everything is fine (with same config).
Hi Chris,
I’ve modified the view files to function without requiring bootstrap. In addition to the view files, I also had to modify a number of the files in the “widgets” directory, as they also used bootstrap-specific widgets.
Do you think others would be interested in a “strapless” version of auth? I’m happy to provide my changes if you would like to include them as an alternate set of view/widget files.
Does anybody know how to automatically assign role "Authenticated" when user registers himself, as it was in Rights?
Chris, in Rights you declare in RightsModule
/**
* @property string the name of the guest role.
*/
public $authenticatedName = 'Authenticated';
and we could use, for example, in modules/user/AdminController line: Rights::assign($authenticatedName, $model->id);
public function actionCreate()
{
$model=new User;
$profile=new Profile;
$this->performAjaxValidation(array($model,$profile));
if(isset($_POST['User']))
{
$model->attributes=$_POST['User'];
$model->activkey=Yii::app()->controller->module->encrypting(microtime().$model->password);
$profile->attributes=$_POST['Profile'];
$profile->user_id=0;
if($model->validate()&&$profile->validate()) {
$model->password=Yii::app()->controller->module->encrypting($model->password);
if($model->save()) {
$profile->user_id=$model->id;
$profile->save();
// assign user the 'Authenticated' role for Rights module
$authenticatedName = Rights::module()->authenticatedName;
Rights::assign($authenticatedName, $model->id);
}
$this->redirect(array('view','id'=>$model->id));
} else $profile->validate();
}
$this->render('create',array(
'model'=>$model,
'profile'=>$profile,
));
}
using method assign from modules/rights/components/Rights.php:
public static function assign($itemName, $userId, $bizRule=null, $data=null)
{
$authorizer = self::getAuthorizer();
return $authorizer->authManager->assign($itemName, $userId, $bizRule, $data);
}
I know it’s easy to change but why isn’t it possible to choose a role as a child of another role ?
Also, why isn’t it possible to manage bizrule/data columns ? Is it for security concerns ?
Just set strictMode to false for choosing role as a child:
‘modules’ => array(
'auth' => array(
'strictMode' => false, // when enabled authorization items cannot be assigned children of the same type.
'userClass' => 'Users',Ok thanks.
I don’t want to use bizrule in db + eval.
In our apps, we need to store that a given user has a given permission over 1 or n specific records of any given table.
Something like that, just for instance:
user1 can edit posts 1,34,45
user2 can edit any post
user3 can edit posts 3,34,56
user3 can edit comments 2,45,46
Do you think we can achieve that with the extension without using bizrule+data column ?
jpj, i use this auth - https://github.com/kakousis/yii-auth. It’s with bizrule, but not up to date. you need setup it yourself with last release of Chris.
It’s with OR without bizrule ? Because I try to avoid bizrule. Not secure.
It seems to me the link you gave leads to yii auth extension, classic one.
Chris’s Auth doesn’t have bizrule field in backend. And https://github.com/kakousis/yii-auth has. Or what do you need. What code is unsecure?
I need to manage something like the example I gave but without bizrule. It’s not serious to store PHP code in DB and process it with eval, even more for auth management.
Maybe I’ll do this:
Store in authAssignment.data a serialized array storing all the records ID associated with the authitem assigned.
I create a class that inherits CdbAuthManager to override checkAccess or I create another method to check the access, that doesn’t call evaluateBizrule() so it’s more secure, and it will perform the job the function I would have called in the bizrule would have done !
In case I do that, I’ll extend the extension: when creating an assignment, it’ll be possible to choose a table of the db, then it’ll be possible to choose 1 or more records of the chosen table. Their ID will be stored in authAssignment.data in a serialized array.
Thanks jpj, i was thinking about the same problem. Your idea is suitable in my opinion.
Hi GAdam,
please paste your related configs here if the problem goes on.
My question is not really about the extension: I’ve noticed that in your views, at the top of the files, you have a declaration of the vars used in the view, for example:
/* @var $this AssignmentController */
/* @var $model User */
/* @var $authItemDp AuthItemDataProvider */
/* @var $formModel AddAuthItemForm */
/* @var $form TbActiveForm */
/* @var $assignmentOptions array */
You write it manually or there’s a way to generate that ?
Thanks !
It did. Thanks.
One problem I am having with these RBAC modules is that there isn’t a user search. I find this to be a problem especially when a website grows very large, and you must search for a member in order to grant specific permissions.
Do you think you can add search/filter functionality in the next update?
Assign another user (from database) full access to the module yii-auth
By comments:
http://www.yiiframework.com/extension/auth/#c12898
http://www.yiiframework.com/extension/auth/#c12067
http://www.yiiframework.com/extension/auth/#c12065
I did this as follows way:
Create user admin2 in the database.
Create operation auth.* and assign it to the role Administrator.
Assign the Administrator role to the users admin and admin2.
Comment out the following code in auth/AuthModule.php:
/*
public function beforeControllerAction($controller, $action)
{
if (parent::beforeControllerAction($controller, $action))
{
$user = Yii::app()->getUser();
if ($user instanceof AuthWebUser)
{
if ($user->isAdmin)
return true;
}
else
throw new CException('WebUser component is not an instance of AuthWebUser.');
}
throw new CHttpException(401, Yii::t('AuthModule.main', 'Access denied.'));
}
*/
protected function preFilter($filterChain)
{
...
if (($module = $controller->getModule()) !== null){
$itemName .= $module->getId() . '.';
if (Yii::app()->user->checkAccess($itemName.'*')) return true;//Add this line
}
...
class AssignmentController extends AuthController
{
// Add this code
public function filters()
{
return array(
array('auth.filters.AuthFilter'),
);
}
...
Finish. Now it works as I want. Users admin and admin2 have access to the module yii-auth.
Also the following line in config/main.php no longer needed and I comment out it:
'user'=>array(
// enable cookie-based authentication
'allowAutoLogin'=>true,
'class' => 'auth.components.AuthWebUser',
'behaviors' => array(
'auth' => array(
'class' => 'auth.components.AuthBehavior',
//'admins' => array('admin','admin2'), // Comment out it
)
),
),
Does anyone know of correct method to do this?
Best regards.