Hello ClaCS,
This is a known bug which has been fixed in the newest release (r147), please update to fix this issue. Sorry for the late reply and the inconvenience caused by this.
Hello ClaCS,
This is a known bug which has been fixed in the newest release (r147), please update to fix this issue. Sorry for the late reply and the inconvenience caused by this.
Hi, I’m new in Yii and intend to use rights 1.3
So, I created ‘user’ table and with gii create its model class
Then, I got error message and can’t access rights page, in 1.2 no error message like this
is this what you mean in log
"Fixed the problem that access was granted to Rights when no superuser were found"?
Error 403
There must be at least one superuser!
How can I fix this? Should I insert one user first manually? just in ‘user’ table? what about other tables like authassignment,authitem,authitemchild, and rights?
is there any relationship with user table that I created?
thanks.
Hello feby_lho,
You need to run the installer because it seems that you do not have a superuser.
I’ve run the installer, but it just create authassignment, authitem, authitemchild, and rights, the user table did not created automatically, is this correct?
when I first run the installer, it show error message about user class, so I create user table manually first,
id, username, password, salt, email…
and then generate user model from gii. I run the installer again and show 403 about superuser, is there something wrong? or I have to configure any file first besides the configuration settings listed in docs?
thanks
Hi
I use rights and install it
all thing work good but only create action work with any users loged in to system.
for example i use model CVPost with create,index,admin,view,update .
i create two user one user have access create,index,admin,view and update
but user two only access update and view action.
my problem is user two can access to create action too.
what is problem?
i test it for general model and model in modules and its work same and not different
regards
Alex
You could try dropping all tables related to rights, set the install property to true (in your app config) and re-run the installer by going to the route /rights/install/. Let me know if this solves your problem.
Also, the user table/model is not related to Rights in any way. If you want a module for the user you could try out the yii-user. I haven’t tried if but I’ve heard that it’s great.
Hi Chris,
I’m trying to install Rights on a clean and empty environment. The DB only contains one table :
[sql]CREATE TABLE user (
id int(11) NOT NULL AUTO_INCREMENT,
name varchar(45) DEFAULT NULL,
PRIMARY KEY (id)
) [/sql]
… so I want to install Rights and so, set the corresponding parameter : install => true. Here is the Rights module declaration I use :
'rights'=>array(
'install'=>true,
'superuserName'=>'admin', // I have inserted it in the 'user' table
'userNameColumn'=>'name',
),
All other default parameter values are ok : the user model is ‘User’, column names are ok, etc …
But of course, when I go to rights, I get the following error :
[color="#555555"][font="Arial, Helvetica, sans-serif"][size="2"]
Error 403
There must be at least one superuser!
[/size][/font][/color]
[color="#555555"][font=“Arial, Helvetica, sans-serif”][/font][/color][font=“Arial, Helvetica, sans-serif”] [/font]I may have missed something but I can’t see what, so any help will be appreciated 
thanks for your help
Raoul
ps: one thing I’ve noticed is that accessRules in the InstallerController/Run , check for assignments (getAssignmentsByItemName) for the superUser (in my case ’ admin’). … but how come rights is looking for assignments when it is in the process of installing itself ? … forget it, I may have missed something 
I’ve tried this and re-run, then redirected to rights/install/ready, but the result still the same… 403 superuser
generated 4 MyISAM tables,
authassignment
itemname userid bizrule data
Admin admin NULL N;
authitem
name type description bizrule data
Admin 2 NULL NULL N;
Authenticated 2 NULL NULL N;
Guest 2 NULL NULL N;
authitemchild => empty
rights => empty
this is my configuration in config/main.php
<?php
// uncomment the following to define a path alias
// Yii::setPathOfAlias('local','path/to/local-folder');
// This is the main Web application configuration. Any writable
// CWebApplication properties can be configured here.
return array(
'basePath'=>dirname(__FILE__).DIRECTORY_SEPARATOR.'..',
'name'=>'Webapp',
// preloading 'log' component
'preload'=>array('log'),
// autoloading model and component classes
'import'=>array(
'application.models.*',
'application.components.*',
'application.modules.rights.*',
'application.modules.rights.components.*',
),
'modules'=>array(
// uncomment the following to enable the Gii tool
'gii'=>array(
'class'=>'system.gii.GiiModule',
'password'=>'gii',
// If removed, Gii defaults to localhost only. Edit carefully to taste.
'ipFilters'=>array('127.0.0.1','::1'),
),
'rights'=>array(
'install'=>true, // Enables the installer.
),
),
// application components
'components'=>array(
'user'=>array(
// enable cookie-based authentication
'allowAutoLogin'=>true,
'class'=>'RWebUser',
),
// uncomment the following to enable URLs in path-format
'urlManager'=>array(
'urlFormat'=>'path',
'rules'=>array(
'<controller:\w+>/<id:\d+>'=>'<controller>/view',
'<controller:\w+>/<action:\w+>/<id:\d+>'=>'<controller>/<action>',
'<controller:\w+>/<action:\w+>'=>'<controller>/<action>',
),
),
/*
'db'=>array(
'connectionString' => 'sqlite:'.dirname(__FILE__).'/../data/testdrive.db',
),
*/
'authManager'=>array(
'class'=>'RDbAuthManager',
),
// uncomment the following to use a MySQL database
'db'=>array(
'connectionString' => 'mysql:host=localhost;dbname=skripsi2',
'emulatePrepare' => true,
'username' => 'root',
'password' => '',
'charset' => 'utf8',
),
'errorHandler'=>array(
// use 'site/error' action to display errors
'errorAction'=>'site/error',
),
'log'=>array(
'class'=>'CLogRouter',
'routes'=>array(
array(
'class'=>'CFileLogRoute',
'levels'=>'error, warning',
),
// uncomment the following to show log messages on web pages
/*
array(
'class'=>'CWebLogRoute',
),
*/
),
),
),
// application-level parameters that can be accessed
// using Yii::app()->params['paramName']
'params'=>array(
// this is used in contact page
'adminEmail'=>'feby_lho@mail.com',
),
);
thanks
… I tried again a fresh install and confirm that following tables are created :
They are also populated, however the problem seems to be that the authassignment table contains :
… Now if I manually edit the userid column and set its value to 1 (which is the id of the ‘admin’ user in the ‘user’ table) everything works fine.
Regards
The superuserName property is the name of the Role not the name of the user. The users are mapped to authorization items by their id (using the userIdColumn). You get that message if you don’t have any users that has the superuser role assigned to them.
Hi,
please add the fact to the documentation, that while installing ‘rights’ your current (logged in) user gets superuser privileges, see line 126, RInstaller.php:
// Assign the logged in user the superusers role.
$sql = "INSERT INTO {$assignmentTable} (itemname, userid, data)
VALUES (:itemname, :userid, :data)";
$command = $this->db->createCommand($sql);
$command->bindValue(':itemname', $this->superuserName);
$command->bindValue(':userid', Yii::app()->getUser()->id);
$command->bindValue(':data', 'N;');
$command->execute();
Or did I just overlook it?
And another little thing, I think the property $superuserName and $authenticatedName is a bit misleading, because they are roles?! I first thought I need a user called ‘Admin’.
/**
* @property string the name of the role with superuser privileges.
*/
public $superuserName = 'Admin';
/**
* @property string the name of the guest role.
*/
public $authenticatedName = 'Authenticated';
Keep up the good work!
Best regards,
schmunk
PS: Sorry if I am repeating things here, I haven’t read all 18 pages completely
Hi again,
I am playing around with rights and created a database migration for it:
<?php
class m110402_195159_init extends CDbMigration {
public function up() {
echo "*** WARNING ***\nJust for debugging - Primary Key definitions missing!\n\n";
$this->createTable("AuthAssignment", array(
"itemname" => "varchar(64) not null",
"userid" => "varchar(64) not null",
"bizrule" => "text",
"data" => "text",
), "");
$this->insert("AuthAssignment", array(
"itemname" => "Admin",
"userid" => "1",
"bizrule" => "",
"data" => "N;",
));
$this->createTable("AuthItem", array(
"name" => "varchar(64) not null",
"type" => "integer NOT NULL",
"description" => "text",
"bizrule" => "text",
"data" => "text",
), "");
$this->insert("AuthItem", array(
"name" => "Admin",
"type" => "2",
"description" => "",
"bizrule" => "",
"data" => "N;",
));
$this->insert("AuthItem", array(
"name" => "Authenticated",
"type" => "2",
"description" => "",
"bizrule" => "",
"data" => "N;",
));
$this->insert("AuthItem", array(
"name" => "Guest",
"type" => "2",
"description" => "",
"bizrule" => "",
"data" => "N;",
));
$this->createTable("AuthItemChild", array(
"parent" => "varchar(64) not null",
"child" => "varchar(64) not null",
), "");
$this->createTable("Rights", array(
"itemname" => "varchar(64) not null",
"type" => "integer NOT NULL",
"weight" => "integer NOT NULL",
), "");
}
public function down() {
$this->dropTable('AuthAssignment');
$this->dropTable('AuthItem');
$this->dropTable('AuthItemChild');
$this->dropTable('Rights');
}
/*
// Use safeUp/safeDown to do migration with transaction
public function safeUp()
{
}
public function safeDown()
{
}
*/
}
NOTE: Primary Keys currently missing! And a fixed SuperUserId at the moment! *** debug only ***
Would this be (also) an option for installing the module?
Because I am working on a unified way of installing module schemas.
Best regards,
schmunk
Hi Chris,
thanks for your fast reply.
[color="#1C2837"][size="2"]
[/size][/color]
[size=“2”][color="#1C2837"]Ok then, the superuserName refers to the Role name that should be assigned to the super user. To make things clear, I’ve change the config to : [/color][/size]
[size="2"][color="#1C2837"]
'rights'=>array(
'install'=>true,
'superuserName'=>'adminRole',
'userNameColumn'=>'name',
),
[/color][/size]
[size="2"][color="#1C2837"]After installation, the authassignment table has one single row for assigning the adminRole to the admin user ,[/color][/size]
[size=“2”][color="#1C2837"]However, the userid col value for this row is ‘admin’… where I think it should be 1 (which is the id of the user called admin in my DB).[/color][/size]
[size=“2”][color="#1C2837"]If I manually change it to 1 everything works fine …but I don’t understand why I had too. Did I do something wrong ?[/color][/size]
[size=“2”][color="#1C2837"][/color][/size]
[size="2"] [/size]
Hi Raoul,
I stumbled upon the same problem.
Which user identity do you use?
If you’re using the default one created by yii’s webapp skeleton your id is likely to be ‘admin’, because of:
public function authenticate()
{
$users=array(
// username => password
'demo'=>'demo',
'admin'=>'admin',
);
....
And http://www.yiiframework.com/doc/api/1.1/CUserIdentity#id-detail
If you’re using another user module (e.g. yii-user) you usually have a database model with a numeric id.
When installing ‘rights’ it creates a superuser for the currently logged in user. See http://www.yiiframework.com/forum/index.php?/topic/10556-extension-rights/page__view__findpost__p__89769
Please correct me if I am wrong.
Best regards,
schmunk
[size="3"]yesssss !!! you are 100% right schmunk !! [/size]
… I’m testing rights on a skeleton app and so I’m using the default UserIdentity class. I can now continue testing ‘Rights’
Thanks for your help !!
Ah yes, if you’re using the default user identity it won’t work because it uses the username as the user id, therefore it’s not suitable if you have a proper user table and active record.
You can use the UserIdentity -class from the Yii blog demo. Here’s a link to the source:
http://code.google.com/p/yii/source/browse/trunk/demos/blog/protected/components/UserIdentity.php
Also, Rights requires you to have a database because it’s built on the CDbAuthManager.
I tried and it works… so it’s related to id in user table in this case?
thank you so much both of you, this is what I’ve been searching for, I think you should add these notes on your docs Chris83, just my opinion 
Hi chris
please advice me for solve problem
thankx
Hello Chris83 thank you for answer You’re RIGHT 
The bug is solved in the r147 version … but the links in the first post in the first page aren’t updated 
http://www.yiiframework.com/forum/index.php?/topic/10556-extension-rights/
regards