I did a major code review during which I improved the code quality a bunch and even rewrote almost all comments. The overall quality of the module’s source code should now be pretty good.
The module documentation has also been updated and can be found at:
This is an interesting idea but it could result in a potential security risk and would you really want to assign all index and view actions to one role/user instead of assigning them separately?
I could think of making a operation for accessing all actions within a controller, but I’m not sure that is needed either. What do you think?
As noted on the project page there is an error in the documentation. Please change your authManager to use the class RightsAuthManager and it should work. I’ve already corrected this in the documentation and it will be corrected in the next version.
I’ve been working pretty hard on getting it ready so I hope it work well. In case you happen to find a bug please report it on google code. The authorization item generator should be of assistance when installing the module so that you don’t need to create all the items for the filter by hand.
The generator can be accessed from:
rights/setup/generate
The documentation has again been updated and can be found at:
I love the generator feature! It will save a lot of time to set up the whole access control.
I am very new to yii and I am trying to do something as bellow:
I have a button that calls to a action. Instead of user going to the page display the decline message, I try to hide the button from displaying.
e.g. on Post/Admin page, every record has "View", "Edit", "Delete" buttons. If user has no permission to "Edit", then this user can not see the "Edit" button at all.
I’m not sure how can it be done normally, but this is just my thought. Maybe there can be a API that returns true or false value, like:
Yii::app()->rights->isPermit
Or references of other approaches or tutorials will be highly appreciated.
Right after I installed Rights following the installation guide from your PDF, Rights was not working. I had to create the Auth… tables myself. I am using Yii 1.1.3.r2247.
Did you install the latest version (0.9.8) or? I haven’t had any problems like yours while testing and I’ve tested it quite a lot, reinstalled and set up on different projects atleast a dozen of times.
What kind of problems did you encounter?
Also what version of the documentation did you follow?
I used Rights 0.9.8.r56 and I used this guide to install. When I visited /index.php?r=rights I got directly redirected to /index.php. I was logged in as admin.
In order for the install to when accessed it requires you to not have any of the tables for the Authorization Manaager (authitem, authchild, authassignment). If you do you need to drop them to install Rights.
I installed Rights 0.9.8. The installation and the automatic generation of authorization items worked without any problem.
However to make the ACAC (rights filter) work I had to change my user table setting the id = username.
If I leave the id of the User table set to autogenerated values (1,2,3…n) what happens is that the auth items are assigned to the id, and the checkAccess performed in the RightsFilter is done aginst the username, and therefore always fails.
I am new to Yii, so maybe something in my setup is wrong: I would appreciate any suggestion.
In any case, thanks for a great piece of code, very useful!
Seems like a minor bug has slipped through testing. To correct this problem please open the InstallController.php under the controllers directory, scroll down to line 37 and change: