[EXTENSION] Rights

Yii 1.1 Extensions
461

help me somebody plz :unsure:

462

getName is the same like ->name

this is the yii magic getters and setters

463

Rights can now be forked on Bitbucket.

https://bitbucket.org/Crisu83/yii-rights

As a side-note I can mention that I have plans to take a look at Rights as soon as I can find the time and fix the reported issues and do some improvements. I won’t promise any date because I’m quite busy at work atm.

464

Hello there,

how can I get the bizRule and data of the current user role?

Thanks!

cbi

465

Hi,

i would like to populate a drop down list with users of a given role. Is there an easy way to do so? Did not find anything within this extension to list all users of a AuthItem.

Ideas?

  • Directly use SQL?

  • Adding AuthAssignment (table) as relation to the user model?

Cheers

Kano

466

Hi,

i am using rights and user extensions together. If user is logged in, how can i get his assigned role?

I want to generate menu items depending on user role. For example, if user has ‘Admin’ role, then backoffice link will be added etc.

I found that there is getIsSuperuser() function. But this is not execly what i am looking for.

467

Hey smck,

You can get the roles assigned to the currently logged in user by calling:




Rights::getAssignedRoles();
468

Thanks! Small example of how i proccess all assigned role names:




                    // Somewhere in menu layout

                    $userRoles=Rights::getAssignedRoles();


                    foreach($userRoles as $i)

                    {

                        switch($i->name)

                        {

                            case 'Admin':

                                echo '<li>'.CHtml::link(Yii::t('app', 'Backoffice'),array('/backoffice')).'</li>';

                                break;

                        }

                    }

Chris, maybe you can help me with my problem. I use CRUD to generate controllers and my CRUD template generates 2 classes for each controller:

[list=1]

[*]BaseNameController

[*]NameController

[/list]

BaseNameController gets all basic actions like admin, index, view, create, update etc. NameController extends BaseNameController and is empty by default. The problem appears when i try to generate auth items for my controllers and their actions. Rights module can generate auth items only for base controllers, because all child controllers don’t have actions at all. So i get list of items for base controllers, but i never access them directly. Is there some way to generate auth items for child controllers using actions from base controllers ? :huh:

469

Thanks for share! grettings from México :rolleyes:

470

Hi! well i am newbie in yii framework , i just see your post and also test your extension and i love it also i read you manual but still dont understand how can i implement in my project :-[ , so if you cant tell me step by step (please) i will apreciate,thanks man.

471

Hey again smck,

This is unfortunately not supported but nothing hinders you from creating those auth items manually.

472

I see, anyway thanks for great module.

473

Hi,

I have installed rights module and works fine.But I want to know why it doesn`t generate actions for right module itself? In the code I saw action generation skipped for right module. Is there any way to assign rights module actions to users?

Thanks

474

Property "CWebApplication.authManager" is read only.

Pls help me how do i solve this problem.

Thanks!!

475

Thanks for this extension!

I translated the core to dutch. (Netherlands / NL)

Cheers,

Jeroen

476

A few questions about Rights:

  • I understand ‘rights’ is the only filter I need to set? ‘accessControl’ is not needed anymore, correct?

  • Do I still need the accessrules() public function? If so, why?

  • I can’t use the following anymore (example), is there an alternative? Yii::app()->user->checkAccess(‘deleteUser’)

Thanks for helping me get a better understanding!

Edit: For #3, I see that it should be “Yii::app()->user->checkAccess(‘User.Delete’)”. I can’t find this in the documentation. (1.2.0) Maybe this would be a good addition? :)

Edit 2: I found a bug, the superuser can remove its own superuser rights. This shouldn’t be possible in an UAC application, only other superusers should have that right. (obvious reasons :))

477

Great extension!

The only extension for rights management which cares about usability. Other extensions have numerous tabs, controls, scary tables, drag-and-drop for primary functionality, expect dozens of clicks for trivial operations… It was a relief to find a concise, powerful extension with a simple (in a good way) interface. The permissions view is very helpful, especially in case of complex organization of auth items.

However, it’s still not an interface I’d give out to end-users. It’s very surprising for me that only one extension renders auth items as a tree (rbac-manager which I’m afraid to use, because it’s been released once and never updated since then).

I suggest the following interface for “rights/assignment/user” view. It renders a tree of auth items, with a checkbox next to each one. When a user clicks the submit button, newly checked items are assigned, newly unchecked items are revoked. When an auth item is checked, it’s children are grayed (and probably checked) to display that they’re inherited.

Depending on options, a tree can be completely expanded, expanded to a partilular level (either depending on auth item type (“expand roles”, “expand roles and tasks”), or number of levels (“expand up to level 2”)), as applications have different number of auth items.

I think it would be very convenient. First, it makes assignment or revocation of an auth item a matter of a single click. Second, no need for any additional confirmations, because before clicking “Assign” nothing is actually changed. Third, it would be easy to see what permissions the user actually has.

Second suggestion. List in the “rights/authItem/permissions” can also be turned into a tree. Currently, there’s no way to tell different types of auth items apart (they’re ordered by type, but that’s not sufficient). Also, considering the line height, the source of an inherited permission can be displayed below the “inherited” word.

Third suggestion. Reordering items by their “weight” is a good idea, but I’d rather see everything sorted by name. I don’t know about other RDBMS, but MySQL sorts by primary key which is name for all tables by default. However, it’s not reliable.

478

Constantly have a problem with timeout when I’m accessing the Rights.

Someone also has this problem or can help me solve it?

I am using XAMPP in the development environment.

479

Why are only superusers have access to the Rights module? Creating roles, tasks and operations is the developer’s task, so there’s nothing wrong with this attitude, but why not give users ability to manage assignments? This is what users do (admins that is), not the developer in most cases.

Oh well. It seems I have no choice. In order to let users manage assignments, I have to write my own code…

480

Can we combine rights with the solution described here?

http://www.yiiframework.com/wiki/63/organize-directories-for-applications-with-front-end-and-back-end-using-webapplicationend-behavior/

Because there might be controllers with the same name in frontend and backend I am wondering how we can assign different rules for frontend and backend. Any ideas?

BR

Sebastian