[EXTENSION] Rights

Yii 1.1 Extensions
21

Hope i understood it well:

a task is a set of operations. I think about them as something like:

task (name = "forum management"){

operation (name = "create posts"),


operation (name = "update posts"),


operation (name = "delete posts"),

}

hope it helps! :)

22

Hello quangle,

You don’t need the Yii’s accessControl-method if you don’t use the accessControl-filter.

Also, in normal cases like yours, you don’t need to set any business rules.

Please read the “Role-Based Access Control”-section in Yii’s guide to Authentication and Authorization here:

http://www.yiiframework.com/doc/guide/topics.auth

23

Version 0.9.7 is now available.

New features are:

  • Flash messages

  • Support for module nesting

  • Sorting of authorization items

  • Hover functionality for the tables

  • Improved Installer

  • German translation (thanks g3ck0)

  • Italian translation (thanks joeysantiago)

I did a major code review during which I improved the code quality a bunch and even rewrote almost all comments. The overall quality of the module’s source code should now be pretty good.

The module documentation has also been updated and can be found at:

http://yii-rights.googlecode.com/files/yii-rights-doc.0.9.7.pdf

Enjoy!

24

Hello quangle,

This is an interesting idea but it could result in a potential security risk and would you really want to assign all index and view actions to one role/user instead of assigning them separately?

I could think of making a operation for accessing all actions within a controller, but I’m not sure that is needed either. What do you think?

25

Hi,

Maybe I’m doing something wrong, but installer fails with error Property “CDbAuthManager.itemWeightTable” is not defined.

And I’ve searched for this in google, no luck… Could tell me what am I doing wrong?

26

Hello speedster,

As noted on the project page there is an error in the documentation. Please change your authManager to use the class RightsAuthManager and it should work. I’ve already corrected this in the documentation and it will be corrected in the next version.

27

Version 0.9.8 is now available.

New features are:

  • Authorization item generator

  • Automated installer

  • Improved support for module nesting

  • Sorting of all types of authorization items

I’ve been working pretty hard on getting it ready so I hope it work well. In case you happen to find a bug please report it on google code. The authorization item generator should be of assistance when installing the module so that you don’t need to create all the items for the filter by hand.

The generator can be accessed from:

rights/setup/generate

The documentation has again been updated and can be found at:

http://yii-rights.googlecode.com/files/yii-rights-doc.0.9.8.pdf

Enjoy!

28

Great job, Chris!

I love the generator feature! It will save a lot of time to set up the whole access control.

I am very new to yii and I am trying to do something as bellow:

I have a button that calls to a action. Instead of user going to the page display the decline message, I try to hide the button from displaying.

e.g. on Post/Admin page, every record has "View", "Edit", "Delete" buttons. If user has no permission to "Edit", then this user can not see the "Edit" button at all.

I’m not sure how can it be done normally, but this is just my thought. Maybe there can be a API that returns true or false value, like:


Yii::app()->rights->isPermit

Or references of other approaches or tutorials will be highly appreciated.

Thanks again for your great effort.

Jun

29

We actually have that built in Yii’s access control.

With CMenu you can use:


'visible'=>Yii::app()->user->checkAccess('User.View')

or then you can of course put the link in an if-clause with a call to checkAccess.

You can read more about the checkAccess-method here:

http://www.yiiframework.com/doc/guide/topics.auth

If you wish to see how to use checkAccess in practice check out Yii’s blog demo with Rights which can be downloaded at:

http://yii-rights.googlecode.com/files/yii-blog-with-rights-0.9.8.r56.zip

Hopefully this helps. :)

30

Chris, thanks for the great work!

Right after I installed Rights following the installation guide from your PDF, Rights was not working. I had to create the Auth… tables myself. I am using Yii 1.1.3.r2247.

31

Hello Niels,

Did you install the latest version (0.9.8) or? I haven’t had any problems like yours while testing and I’ve tested it quite a lot, reinstalled and set up on different projects atleast a dozen of times.

What kind of problems did you encounter?

Also what version of the documentation did you follow?

32

I used Rights 0.9.8.r56 and I used this guide to install. When I visited /index.php?r=rights I got directly redirected to /index.php. I was logged in as admin.

33

In order for the install to when accessed it requires you to not have any of the tables for the Authorization Manaager (authitem, authchild, authassignment). If you do you need to drop them to install Rights.

34

I installed Rights 0.9.8. The installation and the automatic generation of authorization items worked without any problem.

However to make the ACAC (rights filter) work I had to change my user table setting the id = username.

If I leave the id of the User table set to autogenerated values (1,2,3…n) what happens is that the auth items are assigned to the id, and the checkAccess performed in the RightsFilter is done aginst the username, and therefore always fails.

I am new to Yii, so maybe something in my setup is wrong: I would appreciate any suggestion.

In any case, thanks for a great piece of code, very useful!

35

Hello Alichin,

Currently the user id column has to be id. However, in the next version it will be possible to configure the user id column name.

Glad you liked the module. I’m still working on it so there might still be some room for improvement.

36

Version 0.9.9 is now available.

New features are:

  • Separate views for creating operations, tasks and roles

  • Authorization item generation is now part of the modules core functionality

  • Installer can now be enabled/disabled and it’s possible to reinstall the module

  • Improved module configuration (e.g. flash message keys can now be set)

  • Rewritten style sheet to allow for easier styling

  • Updated translations

The documentation has been updated as well and can be found at:

http://yii-rights.googlecode.com/files/yii-rights-doc.0.9.9.pdf

Rights 1.0 is soon here. Thanks to everyone who’s taken part in testing the module.

I’d really like to get some feedback on the project. If you’ve tried the module please let me know what you think of it.

Enjoy!

37

Hi Chris,

I’ve installed and I’m ‘playing’ with your great Rights module and up to now everyting works just fine…

I thought I could contribute a little bit and so here is the french translation.

Hope this helps.

ciao

8)

38

Hi, I’m trying to install this extension but I’m getting this as an error instead:


The system is unable to find the requested action "install".
39

Hello Hallaj,

Seems like a minor bug has slipped through testing. To correct this problem please open the InstallController.php under the controllers directory, scroll down to line 37 and change:


$this->defaultAction = $this->_installer->isInstalled===true ? 'confirm' : 'install';

to:


$this->defaultAction = $this->_installer->isInstalled===true ? 'confirm' : 'run';

This issue has been fixed in 0.9.9b.

Sorry for the inconvenience.

40

Just a heads up.

Unpacking the 0.9.9 archive to ‘protected’ puts the ‘gii’ folder in another ‘protected’ folder like this:

/protected/protected/gii/

Just need to move ‘gii’ to /protected/gii/

Nice work by the way :)