i’ve noticed strange issue but maybe it’s only lack of my knowledge about rbac
srbac uses userid which is identifier of user.
My user model has:
id,
username,
password,
etc.
so i set up ‘userid’ => ‘id’ in my config.
in AuthAssignment i’ve got an entry:
itemname, userid, bizrule, data
Administrator, 1, , s:0:"";
and the user is:
id, username, …
1, Administrator
It works fine in srbac admin module, but access to all other controllers actions is denied. I can’t do nothing.
I found that in CDbAuthManager.php:89 $command->bindValue(’:userid’,$userId); - the $userId is NAME of the already logged user - Administrator in that case.
So does srbac userid should be the same as username?
Thanks Spyros for a great module
[edit]
I will post Polish translation in few days.
[edit2 - almost solved]
The userId problem reason is in CUserIdentity.php:64 class. By default the Id of user is equal to it’s name:
public function getId()
{
return $this->username;
}
In my extending class i had to overwrite it to return my model’s id.
in protected/modules/srbac/views/authitem/tabViews/operationToTask.php file
is not work well in some browser.(in ie8,firefox,chrome,opera is work well,but in SogouExplorer ,Maxthon ,360safe which are made in china can’t work well).
and when I change the function’s third parameter to CClient:: POS_HEAD,it can work well in all above browser.
I could have sworn I was using the r165 version, but I must have accidentally copied the wrong directory to my server. Thanks, Spyros, love the work you’re doing.
I reported a defect through the submission, but apparently can not submit more than one as I now receive:
Forbidden
Your client does not have permission to get URL /p/srbac/issues/entry from this server.
Would you please also look at the following?
In IE8, Chrome FF3.5 on Vista the auto-complete in the manage view fails after three characters.
In IE8, Chrome FF3.5 on Vista clicking search or hitting enter does not return search results, but simply the full item list.
In IE8, Chrome FF3.5 on Vista choosing an item type from the dropdown does not filter the results (however if you click to a different page after selecting a type, the filter takes effect ‘most of the time’).
I Just installed the Extension and hat a problem with the SiteCaptcha and the SitePage when I used the always allow gui. Those two don’t have a action function.
Here my solution:
I created the file srbac/components/allowed_manual.php
In the manage/list view, the autocomplete widget uses match case at line 61. In AuthItemController, the autocomplete function uses the parameter (now toLower) to add a like condition at line 572. In postgres at least, I believe ‘auth’ !like ‘Auth’, the db field needs to be cased to lower as well.
In AuthItemController, an exception is thrown at line 578 if there were no results to loop through and assign to $valuesArray. Should the variable be assigned outside the conditional loop, or check the variable is set before echoing the results?
In AuthItemController, an exception is thrown in the list action because, in postgres at least, the condition ‘1’ does not evaluate to a boolean at line 460. Either ‘1=1’ or ‘true’ are acceptable.
Also, let me know if I can provide additional context for issue 48 in your google code tracker.
A couple additional google searches reveal these are indeed DB issues. I do not know what your ‘official’ supported list is, but here are the details for postgresql.
Reference:
Boolean evaluation of 1 would have to be quoted as ‘1’ to be valid, unlike MySQL
However, I have my config set to gui - here’s a snippet:
'modules'=>array(
'srbac' => array(
'userclass'=>'User', //optional defaults to User
'userid'=>'user_oid', //optional defaults to userid
'username'=>'email', //optional defaults to username
'debug'=>true, //optional defaults to false
'pageSize'=>10, //optional defaults to 15
'superUser' =>'Authority', //optional defaults to Authorizer
'layout'=>'application.views.layouts.main', //optional defaults to empty string
// must be an existing alias
'alwaysAllowed'=>array( //optional defaults to gui
'gui'
),
...
If I remove the ‘alwaysAllowed’ option from the configuration, I get this error:
Fatal error: Call to a member function getControllerPath() on a non-object in C:\xampplite\htdocs\agapeProject\app\protected\modules\srbac\controllers\AuthitemController.php on line 698