I started getting this same problem, as soon as I added the following to my Controller.php:
public function filters()
{
return array(
'rights',
);
}
There is probably a simple fix, can anyone help? Thanks!
I started getting this same problem, as soon as I added the following to my Controller.php:
public function filters()
{
return array(
'rights',
);
}
There is probably a simple fix, can anyone help? Thanks!
This error was because I hadn’t done all the necessary setup work. A guest role needed to be set up, and given access to the error action of the site controller. Also, it seems that the filters should be added to your individual controllers, not the main controller, Controller.php.
The following post and the 2 that follow it are very helpful in setting up yii-rights:
I have a question about setting up Yii-rights. The following code is supposed to be added to your controller.
public function filters()
{
return array(
'rights',
);
}
Is it OK to add it to the base controller (Controller.php) instead of having to add it to each controller? I assume then that the existing filter and access rules will still need to removed from each controller.
Thanks!
hi all, I got this problem when installation.
include(User.php): failed to open stream: No such file or directory
can anyone help? Thanks!
how to use rights from back end?
Thanks
Hi,
I am somewhat blocked.
$arrRoles = Rights::getAssignedRoles();
How do i capture the role or roles the current user?
Maybe something like this:
$arrRoles->getName;
But that does not work.
A quick help please.
Hi guys,
iv made the user class more comprehensive, i.e i have user management set up, what i need to do is link my user groups to rights’ roles automatically wen creating a new user i.e wen i create a new user using my user class, the assigned user group e.g manager should automatically be assigned to my manager role ive created with rights.
I translate the RIGHTS BD SCRIPT (blog-with-rights.sql) from MYSQL to MS SQL SERVER, i have one dude…
what is the equivalent in MS SQL SERVER to KEY FK_comment_post (post_id)
I actually set the script [blog-with-rights.sql] for MS SQL SERVER sintax:
--
-- Blog related queries.
--
CREATE TABLE blog_comment (
id int(11) NOT NULL IDENTITY(1,1),
content text NOT NULL,
status int(11) NOT NULL,
create_time int(11) DEFAULT NULL,
author varchar(128) NOT NULL,
email varchar(128) NOT NULL,
url varchar(128) DEFAULT NULL,
post_id int(11) NOT NULL,
PRIMARY KEY (id),
KEY FK_comment_post (post_id)
);
INSERT INTO blog_comment (id, content, status, create_time, author, email, url,
post_id) VALUES
(1, 'This is a test comment.', 2, 1230952187, 'Tester', 'tester@example.com', NULL, 2);
--
CREATE TABLE blog_lookup (
id int(11) NOT NULL IDENTITY(1,1),
name varchar(128) NOT NULL,
code int(11) NOT NULL,
type varchar(128) NOT NULL,
position int(11) NOT NULL,
PRIMARY KEY (id)
);
INSERT INTO blog_lookup (id, name, code, type, position) VALUES
(1, 'Draft', 1, 'PostStatus', 1),
(2, 'Published', 2, 'PostStatus', 2),
(3, 'Archived', 3, 'PostStatus', 3),
(4, 'Pending Approval', 1, 'CommentStatus', 1),
(5, 'Approved', 2, 'CommentStatus', 2);
--
CREATE TABLE blog_post (
id int(11) NOT NULL IDENTITY(1,1),
title varchar(128) NOT NULL,
content text NOT NULL,
tags text,
status int(11) NOT NULL,
create_time int(11) DEFAULT NULL,
update_time int(11) DEFAULT NULL,
author_id int(11) NOT NULL,
PRIMARY KEY (id),
KEY FK_post_author (author_id)
);
INSERT INTO blog_post (id, title, content, tags, status, create_time,
update_time, author_id) VALUES
(1, 'Welcome!', 'This blog system is developed using Yii. It is meant to demonstrate how to use Yii to build a complete real-world application. Complete source code may be found in the Yii releases.\r\n\r\nFeel free to try this system by writing new posts and posting comments.', 'yii, blog', 2, 1230952187, 1230952187, 1),
(2, 'A Test Post', 'Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.', 'test', 2, 1230952187, 1230952187, 1);
--
CREATE TABLE blog_tag (
id int(11) NOT NULL IDENTITY(1,1),
name varchar(128) NOT NULL,
frequency int(11) DEFAULT '1',
PRIMARY KEY (id)
);
INSERT INTO blog_tag (id, name, frequency) VALUES
(1, 'yii', 1),
(2, 'blog', 1),
(3, 'test', 1);
--
CREATE TABLE blog_user (
id int(11) NOT NULL IDENTITY(1,1),
username varchar(128) NOT NULL,
password varchar(128) NOT NULL,
salt varchar(128) NOT NULL,
email varchar(128) NOT NULL,
profile text,
PRIMARY KEY (id)
);
INSERT INTO blog_user (id, username, password, salt, email, profile) VALUES
(1, 'admin', '9401b8c7297832c567ae922cc596a4dd', '28b206548469ce62182048fd9cf91760', 'webmaster@example.com', NULL), -- password admin
(2, 'demo', '2e5c7db760a33498023813489cfadc0b', '28b206548469ce62182048fd9cf91760', 'webmaster@example.com', NULL); -- password demo
--
-- Rights related queries.
--
CREATE TABLE blog_authitem (
name varchar(64) NOT NULL,
type int(11) NOT NULL,
description text,
bizrule text,
data text,
PRIMARY KEY (name)
);
INSERT INTO blog_authitem (name, type, description, bizrule, data) VALUES
('Admin', 2, NULL, NULL, 'N;'),
('Authenticated', 2, 'Authenticated user', NULL, 'N;'),
('Comment.*', 1, 'Access all comment actions', NULL, 'N;'),
('Comment.Approve', 0, 'Approve comments', NULL, 'N;'),
('Comment.Delete', 0, 'Delete comments', NULL, 'N;'),
('Comment.Update', 0, 'Update comments', NULL, 'N;'),
('CommentAdministration', 1, 'Administration of comments', NULL, 'N;'),
('Editor', 2, 'Editor', NULL, 'N;'),
('Guest', 2, 'Guest user', NULL, 'N;'),
('Post.*', 1, 'Access all post actions', NULL, 'N;'),
('Post.Admin', 0, 'Administer posts', NULL, 'N;'),
('Post.Create', 0, 'Create posts', NULL, 'N;'),
('Post.Delete', 0, 'Delete posts', NULL, 'N;'),
('Post.Update', 0, 'Update posts', NULL, 'N;'),
('Post.View', 0, 'View posts', NULL, 'N;'),
('PostAdministrator', 1, 'Administration of posts', NULL, 'N;'),
('PostUpdateOwn', 0, 'Update own posts', 'return Yii::app()->user->id==$params["userid"];', 'N;');
--
CREATE TABLE blog_authitemchild (
parent varchar(64) NOT NULL,
child varchar(64) NOT NULL,
PRIMARY KEY (parent,child),
KEY child (child)
);
INSERT INTO blog_authitemchild (parent, child) VALUES
('Editor', 'Authenticated'),
('CommentAdministration', 'Comment.*'),
('Editor', 'CommentAdministration'),
('Authenticated', 'CommentUpdateOwn'),
('Authenticated', 'Guest'),
('PostAdministrator', 'Post.Admin'),
('Authenticated', 'Post.Create'),
('PostAdministrator', 'Post.Create'),
('PostAdministrator', 'Post.Delete'),
('PostAdministrator', 'Post.Update'),
('Guest', 'Post.View'),
('PostAdministrator', 'Post.*'),
('Editor', 'PostAdministrator'),
('Authenticated', 'PostUpdateOwn');
--
CREATE TABLE blog_authassignment (
itemname varchar(64) NOT NULL,
userid varchar(64) NOT NULL,
bizrule text,
data text,
PRIMARY KEY (itemname,userid)
);
INSERT INTO blog_authassignment (itemname, userid, bizrule, data) VALUES
('Admin', '1', NULL, 'N;'),
('Authenticated', '2', NULL, 'N;');
--
CREATE TABLE blog_rights (
itemname varchar(64) NOT NULL,
type int(11) NOT NULL,
weight int(11) DEFAULT NULL,
PRIMARY KEY (itemname)
);
INSERT INTO blog_rights (itemname, type, weight) VALUES
('Authenticated', 2, 1),
('Editor', 2, 0),
('Guest', 2, 2);
--
ALTER TABLE blog_authassignment
ADD CONSTRAINT blog_authassignment_ibfk_1 FOREIGN KEY (itemname)
REFERENCES blog_authitem (name) ON DELETE CASCADE ON UPDATE CASCADE;
ALTER TABLE blog_authitemchild
ADD CONSTRAINT blog_authitemchild_ibfk_1 FOREIGN KEY (parent)
REFERENCES blog_authitem (name) ON DELETE CASCADE ON UPDATE CASCADE;
ALTER TABLE blog_authitemchild
ADD CONSTRAINT blog_authitemchild_ibfk_2 FOREIGN KEY (child)
REFERENCES blog_authitem (name) ON DELETE CASCADE ON UPDATE CASCADE;
ALTER TABLE blog_rights
ADD CONSTRAINT blog_rights_ibfk_1 FOREIGN KEY (itemname)
REFERENCES blog_authitem (name) ON DELETE CASCADE ON UPDATE CASCADE;
Hi Chris,
thanks for the great extension. I am trying to install it on the latest yii version.
Installing was fine, I can edit create and edit rights.
I have added following to one of my controllers
public function filters() {
return array('rights');
}
public function allowedActions() {
return 'index, view';
}
When I am calling the index action I get following exception:
Filter "rights" is invalid. Controller "ClubController" does not have the filter method "filterrights".
EDIT:
I forgot to extend Controller from RController (instead CController)!!!
SOLVED
Hi Sebastian,
I am guessing that you still need to have your controller extend RController instead of CController. At the top of Controller.php, change the first line to:
class Controller extends RController
Yours truly,
Bill
Hi Bill, thank you! Just in the moment of you post I was editing mine, because I saw the problem.
Your solution is correct!
Hi !!
Thanks for greate module !! I have small question, I’d like to setFlash messege any time user is redirect to page which need only authenticated users. At the moment user is redirected to my login page, but I’d like to sent a messege like ‘you need to login or whatever’. I’m using rights with yum, and I already did it for yum module. I had to change a bit my YumProfileController.
I also added this
<?php if(Yii::app()->user->hasFlash('info')): ?>
<div class="span-24">
<div class="flash-notice">
<?php echo Yii::app()->user->getFlash('info'); ?>
</div>
</div>
<?php endif; ?>
to my login view file. I’ve changed accessDenied in RController but didn’t help.
public function accessDenied($message=null)
{
if( $message===null )
$message = Rights::t('core', 'You are not authorized to perform this action.');
$user = Yii::app()->getUser();
if( $user->isGuest===true )
{
$user->loginRequired();
Yii::app()->user->setFlash('info','Dostep tylko dla zarejestrowanych uzytkowników. Zeby przejsc dalej prosze sie zalogowac, lub utworzyc nowe konto.');
}
else
throw new CHttpException(403, $message);
}
Does anyone know how to do it, if so please let me know.
Regards
lukBB
I’ve been going through the Agile Web Application Development with Yii 1.1 and PHP5 tutorial, and I’ve discovered that I cannot use the Rights extension with it.
Unfortunately, I only got the generic error message (“Error, An error occurred while installing Rights. Please try again or consult the documentation.”), so I had to trace through the code to figure out what’s wrong.
Apparently, installation failed because I already had the AuthItem, AuthChild, and AuthAssignment tables. The drop commands in the schema failed because of foreign key constraints.
I’m not quite sure what can be done about this, but I was thinking it would be nice to at least include the error message instead of displaying the generic one.
I could only help you with the foreign key issue. You can disable foreign checks with the following command
SET foreign_key_checks = 0;
DROP TABLE ...
SET foreign_key_checks = 1;
You don’t need to drop the tables if you already have the tables to be used by rights module. Just define the appropriate table name in your config/main.php just like this:
'authManager' => array(
'class' => 'RDbAuthManager',
'assignmentTable' => 'authassignment',
'itemTable' => 'authitem',
'itemChildTable' => 'authitemchild',
'rightsTable' => 'rights',
),
I have changed the names of rights module tables so as to be consistent with the other tables. You can do the same so there’s no need to drop the tables that you have setup.
But of course, compare the tables if they have the same columns.
Hey,
I’m currently really busy with another project of mine so I’m sorry if I haven’t been able to answer. Fortunately there seems to be enough people willing to help others solve their issues with Rights.
Thanks to everyone for keeping Rights alive. 
how to implement DeleteOwnPost ?, i try copy from UpdateOwnPost not working…
public function filters()
{
return array(
'updateOwn + update',
'deleteOwn + delete',
'rights',
);
}
public function filterUpdateOwn($filterChain)
{
$post=$this->loadModel();
if(Yii::app()->user->checkAccess('PostUpdateOwn', array('userid'=>$post->author_id)))
$filterChain->removeAt(1);
$filterChain->run();
}
public function filterDeleteOwn($filterChain)
{
$post=$this->loadModel();
if(Yii::app()->user->checkAccess('PostDeleteOwn', array('userid'=>$post->author_id)))
$filterChain->removeAt(1);
$filterChain->run();
}
public function actionDelete()
{
if(Yii::app()->request->isPostRequest)
{
$this->loadModel()->delete();
if(!isset($_GET['ajax']))
$this->redirect(array('index'));
}
else
throw new CHttpException(400,'Invalid request. Please do not repeat this request again.');
}
thanks for a great extension. rights?
Hey tuna,
Change the following line:
$filterChain->removeAt(1);
to…
$filterChain->removeAt(2);
This is kind of a hack but I haven’t figured out a better way to do this. The number given to the argument is the index of ‘rights’ in your filters. In your case the index is 2 not 1.
Let me know if it works.
hi chris, thanks for your response,
it’s work now, first code it’s right. sorry… maybe i miss something at permission or other,
but work using $filterChain->removeAt(1); at filterDeleteOwn
public function filters()
{
return array(
'updateOwn + update',
'deleteOwn + delete',
'rights',
);
}
public function filterUpdateOwn($filterChain)
{
$post=$this->loadModel();
if(Yii::app()->user->checkAccess('PostUpdateOwn', array('userid'=>$post->author_id)))
$filterChain->removeAt(1);
$filterChain->run();
}
public function filterDeleteOwn($filterChain)
{
$post=$this->loadModel();
if(Yii::app()->user->checkAccess('PostDeleteOwn', array('userid'=>$post->author_id)))
$filterChain->removeAt(1);
$filterChain->run();
}
i still don’t get it, argument index ‘rights’ filter removeAt(2) error
<p>List index "2" is out of bound. CList.php:207</p>