[EXTENSION] Rights

Hi Chris,

I read all posts but i cant locate a answer to my problem

I have screens working well but Permissions are not work

PHP Error


Undefined variable: permissions


C:\wamp\www\gu\protected\modules\rights\components\RAuthorizer.php(354)


342     {

343         if( $itemName!==null )

344         {

345             $item = $this->_authManager->getAuthItem($itemName);

346             $permissions = $this->getPermissionsRecursive($item);

347         }

348         else

349         {

350             foreach( $this->getRoles() as $roleName=>$role )

351                 $permissions[ $roleName ] = $this->getPermissionsRecursive($role);

352         }

353 

354         return $permissions;

355     }

356 

357     /**

358     * Returns the permissions for a specific authorization item recursively.

359     * @param CAuthItem the item for which to get permissions.

360     * @return array the section of the permissions tree.

361     */

362     private function getPermissionsRecursive(CAuthItem $item)

363     {

364         $permissions = array();

365          foreach( $item->getChildren() as $childName=>$child )

366          {

My config is

return array(

	'basePath'=>dirname(__FILE__).DIRECTORY_SEPARATOR.'..',

	'name'=>'XXXXX',	

	

    // user language (for Locale)

    'language'=>'pt_br',

 

	//language for messages and views

	'sourceLanguage'=>'pt_br',

 

    // charset to use

    'charset'=>'utf-8',


	// preloading 'log' component

	'preload'=>array('log'),


	// autoloading model and component classes

	'import'=>array(

		'application.models.*',

		'application.components.*',

		//YiiDebug

		'application.extensions.yiidebugtb.*', //our extension

		//rights extension

		'application.modules.rights.*', 

		'application.modules.rights.components.*', // Correct paths if necessary.

	),


	'modules'=>array(

		// uncomment the following to enable the Gii tool

		'gii'=>array(

			'class'=>'system.gii.GiiModule',

			'password'=>'1234',

		 	// If removed, Gii defaults to localhost only. Edit carefully to taste.

			'ipFilters'=>array('127.0.0.1','::1'),

		),

		//rights extension

		'rights'=>array( 

			'superuserName'=>'Admin', // Name of the role with super user privileges. 

			'authenticatedName'=>'Authenticated', // Name of the authenticated user role. 

			'userIdColumn'=>'id', // Name of the user id column in the database. 

			'userNameColumn'=>'username', // Name of the user name column in the database. 

			'enableBizRule'=>true, // Whether to enable authorization item business rules. 

			'enableBizRuleData'=>false, // Whether to enable data for business rules. 

			'displayDescription'=>true, // Whether to use item description instead of name. 

			'flashSuccessKey'=>'RightsSuccess', // Key to use for setting success flash messages. 

			'flashErrorKey'=>'RightsError', // Key to use for setting error flash messages. 

			//'install'=>true, // Whether to install rights. 

			'baseUrl'=>'/rights', // Base URL for Rights. Change if module is nested. 

			'layout'=>'rights.views.layouts.main', // Layout to use for displaying Rights. 

			'appLayout'=>'application.views.layouts.main', // Application layout. 

			//'cssFile'=>'rights.css', // Style sheet file to use for Rights. 

			'install'=>false, // Whether to enable installer. 

			'debug'=>true, // Whether to enable debug mode.

			//'defaultRoles'=>array('Guest'),

		),

	),




	// application components

	'components'=>array(

	

		'user'=>array(

			//rights extension

			'class'=>'RWebUser',

			// enable cookie-based authentication

			'allowAutoLogin'=>true,

		),

		//rights extension

		'authManager'=>array( 

		    'class'=>'CDbAuthManager',

			'connectionID'=>'db', // as in your database configuraiton

			'class'=>'RDbAuthManager', 	// provides support for authorization item sorting

										// assign default roles to all users, then use bizrules in Rights

			// to distinguish between 'Guest' and 'Authenticated' users

			'defaultRoles'=>array('Guest','Authenticated'), 

		),

		// uncomment the following to enable URLs in path-format

		/*

		'urlManager'=>array(

			'urlFormat'=>'path',

			'rules'=>array(

				'<controller:\w+>/<id:\d+>'=>'<controller>/view',

				'<controller:\w+>/<action:\w+>/<id:\d+>'=>'<controller>/<action>',

				'<controller:\w+>/<action:\w+>'=>'<controller>/<action>',

			),

		),

		*/

		

		'db'=>array(

			'connectionString' => 'sqlite:'.dirname(__FILE__).'/../data/testdrive.db',

		),

		// uncomment the following to use a MySQL database

		

		'db'=>array(

			'connectionString' => 'mysql:host=localhost;dbname=gudb',

			'emulatePrepare' => true,

			'username' => 'root',

			'password' => '',

			'charset' => 'utf8',

		),

		

		'errorHandler'=>array(

			// use 'site/error' action to display errors

            'errorAction'=>'site/error',

        ),

		'log'=>array(

			'class'=>'CLogRouter',

			'routes'=>array(

				array(

					'class'=>'CFileLogRoute',

					'levels'=>'error, warning, trace',

				),

				array( // configuration for the toolbar

					'class'=>'XWebDebugRouter',

					'config'=>'alignLeft, opaque, runInDebug, fixedPos, collapsed, yamlStyle',

					'levels'=>'error, warning, trace, profile, info',

					'allowedIPs'=>array('127.0.0.1','192.168.1.3'),

				),


				// uncomment the following to show log messages on web pages

				/*

				array(

					'class'=>'CWebLogRoute',

				),

				*/

			),

		),

	),


	// application-level parameters that can be accessed

	// using Yii::app()->params['paramName']

	'params'=>array(

		// this is used in contact page

		'adminEmail'=>'webmaster@example.com',

	),

	

	

);

Can you help me?

Thanks!

Dear Cris and All Friends,

I do not know what is happening, so I will spend as much information as possible in order to get help.

My Settings OS, Apache and PHP is:

• Linux desktop 2.6.35-22-generic #33-Ubuntu

• Apache/2.2.16 (Ubuntu)

• PHP 5.3.3-1ubuntu9.3 with Suhosin-Patch (cli)

First I tried installing the module using a standard application of rights generated by the console yiic. I used all the settings of the Manual version 1.2 issued by Cris and the module generates the error posted in the previous post.

Then I tried to use the blog module is already configured with the right to prevent configuration errors on my part and now the problem that arises is this:

The table "{{post}}" for active record class "Post" cannot be found in the database. 

/var/www/yiiRoot/framework/db/ar/CActiveRecord.php(2168)

The only thing I did was change the settings in the index.php and main.php file for connection to the database and uncomment the line to install the module and the problem keeps appearing.

I installed the database manually, but the error persists.

I’m not inexperienced in web programming and I’m not understand why all this is happening.

If anyone has any OS configuration, Apache, PHP, Yii Rights and that worked correctly, please be kind enough to pass for me to make my last attempt, before "throwing in the towel. "

Hugs to all

@Herbert,

I’m under the impression that your blog module used to work before installing Yii. Is this correct?

I would like to help, but I need more hints.

Could you please paste here the complete stack trace?

P.S.

Don’t throw your towel just yet.

@Herbert: Maybe this is again a case-sensitivity issue? Please make sure that table names and class names have the correct case. Your error would suggest that your post table is called "post" while the application is expecting it to be called "Post".

Hi, all Im just install Rights manager looks very very good

Great work

I was testing works great, but…

maybe is stupid question but I can`t figure out is possible in you manager :

• assign permission to role , then role to user.

I was trying to do in this way but for me doesn`t work only works if I assign permission or action to user ,

in this way if we have assign for each role some action is easy to assign just one role to user.

Forgive me if is this stupid question

Thank you

Darek

Hi, Chris83 thanks for good extension, it was easy to install and all work fine. Can you help me with question - how check has user this role or not. I mean something that:

if (Rights::userHasRoles($user_id,'role') {

...code... 

} else {

...another code...

}

I read manual and found func getAssignedRoles(), but how get role for compare with array that returned this function? Help, please.

Darek,

how? I’m not see on tab ‘permission’ any roles, only tasks and operations, but on tab roles you can group tasks and operations. Maybe I’m wrong…

Hi ShootNik thank you

I was fighting with rights all night yesterday :

My goal is to give role to user and role has permission to do some action is very simply but In rights manager it dosent work this I was trying everything…

I group

• operations to tasks

• then I add tasks to role and role to user

and for sure is not working in this way

I got message :

You are not authorized to perform this action.

Only is working when you add task to user and in task you have some operation …

thats working

But why you can`t add task to role …

Please is possible to do or not in rights manager …

Someone knows please help…

Darek

After group operations to tasks,tasks to role and role to user, on tab ‘permission’ assign task to role (by default it’s not assigned) - and must all work.

I can add task to role, but you wrote “permission to role” and I mistaken with terms… but may be I’m something not understand - my english not good.

Rights is now on Ohloh!

https://www.ohloh.net/p/yii-rights

@Darek & ShootNik: Could you please provide me steps to reproduce your problems and I’ll try to help you.

Chris83, there is no problem, only question how to implement a functional checking has user role or not. If it is offtopic - sorry…

Hi Chris. It’s the first time I use your module. I found it amazing. Thanks for the good work. O followed the docs instructions sharp. After i change the controller to extends RController and apply the filters rights the unauthenticated users lost access to the pages even if i go to permissions and assing it to guest users.

What am i doing wrong?

Hey ShootNik,

Actually you should not check for roles using CWebUser::checkAccess(), instead you should create an operation for what you want to check and assign that operation to the desired role.

All questions are welcome. I will try to help you as much as I can. Method Rights::getAssignedRoles() is mainly for situations such as when the role has been changed on the user update page you could get all the assigned roles, revoke them and assign the selected row.

Hey thiagovidal,

Have you configured your guest role as a default role for your authorization manager (authManager)? Also make sure that it’s not a case-sensitivity problem.

Hey dude. I just tried this

‘authManager’=>array(

'class'=>'application.modules.rights.components.RDbAuthManager',


'connectionID'=>'db',


'defaultRoles'=>array('Guest user', 'guest', 'Guest', 'guest user'),

),

Still not working! Any clues?

Sorry. My mistake. I tried to put a biz rule on guest role like Yii::app()->user->isGuest, I removed that and now it works.

Thanks. sorry for the Inconvenience.

No inconvenience. Good to hear that you got it sorted out.

Thanks for reply,

I want to check what content output to user, for example action Post.index:

if Autor - show articles, that written this user,

if Editor - show articles, that written by Autors, but still not published,

if Admin - show all articles as table,

if User - show last published article,

etc…

How this split by separate operation? In any case need to check role current user.

I am getting the following error after installing yii-rights…folder placed under…protected/modules/

Alias "rights.RightsModule" is invalid. Make sure it points to an existing PHP file

Is it possible to use Rights for access control across multiple subdomains? If so, how can this be accomplished?

Hello.

I have a fresh install of Yii and Rights and now anybody can access the Rights section, logged in or not.

How can I restrict acces to Rights only to a certain Role?