[EXTENSION] srbac : Web interface for the administration of rbac

A beta version with some bug fixes is available

http://www.yiiframework.com/extension/srbac

or

http://code.google.com/p/srbac/downloads/list

Main changes:

Enhancements

  • Added autocomplete textbox for searching in users assignments

Bug Fixes

  • Fixed static function call (issue 76)
  • Fixed controllers in sub directory not working properly (issue 73)
  • Fixed clever assigning (issue 77)

Updates

  • Added Czech translation
  • Remove access to srbac granted to all until Authority role is assigned.

[Problem solved]

Hi all,

First, Spyros THANK YOU VERY MUCH for that fantastic module, it’s really good.

Well, I discovered SRBAC yesterday. I read the docs, I downloaded the files (1.2 and 1.3beta) and I tested them. It seems easy but… I set ‘debug’ to false and it was impossible to do anything; I had no permission to do anything. I looked for the problem but… all the steps were well executed. I tried v1.2 and 1.3beta, but nothing.

I’m using Yii 1.1.8, SQLite, and so… What’s wrong? Well I decided to trace, debug and… FIGHT with the module. Finally, I solved the problem. Basically, my problem is line 30 of “/protected/modules/srbac/components/SDbAuthManager.php”:


$command->bindValue(':userid', $userId);

Well, the param “$userId” of ‘checkAccess’ is given to the method by CWebUser::getId() and I guess checkAccess expects to get an integer value (the id of the user), but in my app CWebUser::getId() returns a string value (the login name of the user). I have a different MyCWebUser class (which extends CWebUser); I don’t know if that’s the problem. But don’t worry, I have replaced the above line with:




$user = Yii::App()->getModule('srbac')->getUserModel()->findByAttributes(array(Yii::App()->getModule('srbac')->username => $userId));
$command->bindValue(':userid', $user[Yii::App()->getModule('srbac')->userid]);



Notice that :userid now is replaced with the integer value of the users table.

Hope it will be helpful.

Regards from Spain,

Fine if you could solve the problem, but maybe you could achieve a simpler/better solution if you simply return an integer value from your getId() method. It is not very clear if you return the name of the user with a getId() function, because I would expect it to return an id.

Also look at the Authentication section of the guide and check if you have overridden the getId() method of your UserIdentity class. I’m not sure but maybe this could also solve the problem without touching the module code.

Thank you for your response. I haven’t overridden the getId() method of my UserIdentity class. In fact, the problem isn’t UserIdentity::getId(), it is CWebUser::getId(). I use a class which extends CWebUser but this class doesn’t override the getId() method either. Curiously CWebUser::getId() returns a string, not a (numerical) id, and that was my problem. I’d really like to find the ‘basis’ problem with getId() but I’m a newbie in Yii.

Need help.

Thx all!

Hi again,

Diving into CWebUser, CUserIdentity and so… I’ve discovered a curious issue. We can read at the API (CWebUser page) this:

So… what about the implementation of my identity class? Well I use a UserIdentity which extends CUserIdentity (only to add some extra fields to session vars on login). That class implements 3 methods:

public function authenticate();
public function getUser();
public function setUser(array $user);

Ok, let’s go to CUserIdentity. Look at this (notice that I’m using Yii 1.1.8r3324):


	/**
	 * Returns the unique identifier for the identity.
	 * The default implementation simply returns {@link username}.
	 * This method is required by {@link IUserIdentity}.
	 * @return string the unique identifier for the identity.
	 */
	public function getId()
	{
		return $this->username;
	}

	/**
	 * Returns the display name for the identity.
	 * The default implementation simply returns {@link username}.
	 * This method is required by {@link IUserIdentity}.
	 * @return string the display name for the identity.
	 */
	public function getName()
	{
		return $this->username;
	}

… getId() returning ‘username’???? Is it correct?

Well, I got it. Overriding getId() in my UserIdentity class to do what it must do (return the id value) has solved it. It now works like a charm.

Does it mean that ‘extending’ CUserIdentity and ‘overriding’ getId() is a MUST? Maybe but, I think it would be documented.

Thanks all

That was the point I had thought about when I wrote my last answer. Nice that you could solve it by simply overriding the getId() method.

getId() of UserIdentity always returns the username by default, but don’t ask what the benefit of it is. In nearly every authentication tutorial/wiki I have seen there is often the hint to override the getId() function.

So the answer to your question would be YES. It is a must to override the getId() method if you use an ID as unique identifier for your users.
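
The override this exchange arrives at, as an added example that is not part of the original posts or of srbac's own code. It assumes a `User` ActiveRecord model with columns `id`, `username` and `password_hash` (hypothetical names), and PHP 5.5+ for `password_verify()`.

```php
<?php
// Added example: protected/components/UserIdentity.php in a Yii 1.1 application.
// Assumptions (not from the thread): User model with `id`, `username`,
// `password_hash`; the hash was created with password_hash().
class UserIdentity extends CUserIdentity
{
    /** @var int|null primary key of the authenticated user */
    private $_id;

    public function authenticate()
    {
        $user = User::model()->findByAttributes(array('username' => $this->username));

        if ($user === null) {
            $this->errorCode = self::ERROR_USERNAME_INVALID;
        } elseif (!password_verify($this->password, $user->password_hash)) {
            $this->errorCode = self::ERROR_PASSWORD_INVALID;
        } else {
            // Keep the primary key. CWebUser::login() stores getId() in the
            // session, and CWebUser::checkAccess() passes that same value to
            // the auth manager as $userId.
            $this->_id = (int) $user->id;
            $this->errorCode = self::ERROR_NONE;
        }

        return $this->errorCode === self::ERROR_NONE;
    }

    /**
     * Overrides the CUserIdentity default, which returns $this->username.
     * The value must be of the same kind as the user id stored in the
     * assignment table, otherwise every checkAccess() lookup misses.
     */
    public function getId()
    {
        return $this->_id;
    }
}
```

Sessions and auto-login cookies created before the change still carry the old username as id, so users need to log in again before `Yii::app()->user->id` returns the integer key.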

Perfect. Now it’s clear.

Thank you for your time Kokomo.

Hey there, great extension. At first it wasn’t clear to me that the userId gets filled in automatically when you call checkaccess.

Hey, guys!

I’m trying to use SRBAC in my application, which is modularized, and I’ve had no success with submodules.

I see modules and its webcontroller, but I cannot see submodules and its controllers.

I have a BaseController which extends SBaseController, a BaseControllerBack which extends BaseController and a controller inside a submodule as:

modules.core.backend.ManageController, which extends BaseControllerBack

In autocreate authitems, SRBAC shows

Module*: core

WebController

but no sign of the core.backend submodule and its controllers

Is there anything I’m missing?

Thanks in advance

Regards!!

I’ve changed my app structure to use subfolders for controllers under modules instead of submodules

Now SRBAC lists all the controllers, but cannot generate actions for controllers in subfolders of modules, for example:

/modules/core/controllers/backend/ThemeController.php

Firebug lists:




POST http://local.kmcms.com/srbac/authitem/scan/module/core/controller/backend.ThemeController
500 PHP Error 66ms jquery.js (linha 7829)

<h1>PHP Error [2]</h1>
<p>include(backend.ThemeController.php): failed to open stream: No such file or directory (/srv/www/vhosts/kmcms/protected/yii118r3324/framework/YiiBase.php:421)</p>
<pre>#0 /srv/www/vhosts/kmcms/protected/yii118r3324/framework/YiiBase.php(421): CWebApplication->handleError()
#1 /srv/www/vhosts/kmcms/protected/yii118r3324/framework/YiiBase.php(421): autoload()
#2 unknown(0): autoload()
#3 /srv/www/vhosts/kmcms/protected/modules/srbac/controllers/AuthitemController.php(763): spl_autoload_call()
#4 /srv/www/vhosts/kmcms/protected/modules/srbac/controllers/AuthitemController.php(679): AuthitemController->_getControllerInfo()
#5 /srv/www/vhosts/kmcms/protected/yii118r3324/framework/web/actions/CInlineAction.php(50): AuthitemController->actionScan()
#6 /srv/www/vhosts/kmcms/protected/yii118r3324/framework/web/CController.php(300): CInlineAction->runWithParams()
#7 /srv/www/vhosts/kmcms/protected/yii118r3324/framework/web/CController.php(278): AuthitemController->runAction()
#8 /srv/www/vhosts/kmcms/protected/yii118r3324/framework/web/CController.php(257): AuthitemController->runActionWithFilters()
#9 /srv/www/vhosts/kmcms/protected/yii118r3324/framework/web/CWebApplication.php(277): AuthitemController->run()
#10 /srv/www/vhosts/kmcms/protected/yii118r3324/framework/web/CWebApplication.php(136): CWebApplication->runController()
#11 /srv/www/vhosts/kmcms/protected/yii118r3324/framework/base/CApplication.php(158): CWebApplication->processRequest()
#12 /srv/www/vhosts/kmcms/index.php(13): CWebApplication->run()
</pre>



Could anybody please give a hand on this? I have been using SRBAC for about 2 years but never used it with subfolders and now it is a must…

Again, thank you very much for any help.

Regards

Hello to all

I am using the srbac access control in my project.

I configured all the operations, tasks and roles, and then assigned some roles to a user.

But the user can run all actions in the controller (I think the permissions assigned to the user have been ignored).

Can you help me to solve this problem?

Best regards,

M. E.

Hi!

I started to use your SRBAC module and though the views shown on a test application were the ones you provide, in my app there was no way to use it.

Followed step by step your configuration, but I use themes assigned on beforeAction of /protected/components/controller.php

Later on the 1.2 SRBAC documents (I use 1.3 Beta) you suggest to inherit from SBaseController to use all SRBAC power of my models.

I’ve modified the init of your SrbacModule to assign the Yii theme I use instead of the layout property.




	Yii::app()->theme = 'myTheme';
/*
	if($this->layout =="") {
		$this->layout = "application.views.layouts.main";
	}
*/




The question here is:

How should I modify your SrbacModule init to be able to contribute with the little bit I know about themes?

My idea is: if there is no defined theme (but where to define that? you never know my controller, and your init is before “beforeAction”), use the layout indicated in the configuration… if it’s not set, use the default one (application.views.layouts.main)

This need is because I intend the user to be able to select themes without compromising functionality…

Any suggestion?

Thanks in advance!!!

E.

Fantastic extension. Thank you very much for providing this to the Yii community.

I see a comment on the SRBAC extension page:

Click here to see comment

Are there any plans for the incorporation of roles consisting of other roles or operation, tasks consisting of other tasks, etc?

Thanks again. (My first post, but I am already starting work on the world’s best and most powerful Yii application. Or at least it will be to me!)

Hi All,

This might be a really stupid question but how do I specify that an action is allowed for any user who is authenticated? e.g. only logged in users may post a comment. I want this action to be available from signup rather than me having to go in and adding the new user to a postGroup for example.

One other thing I found. When I add an alwaysAllow through the GUI it writes it to the allowed.php as ‘club@ClubMembersIndex’ but when the check comes along the $access = ‘club@ClubmembersIndex’ (lowercase m). This fails the always allow check. Found out this happens if you use a urlManager and have caseSensitive=false. Just in case this helps anyone.

Many thanks!

Ross

Anyone!??

Hello all, I have the same error as Jose H. Milán. I’m stuck in the UserId & UserName Error Configuration. I was trying Jose’s solution but it doesn’t work.

I’m enclosing pictures. I’m using Yii 1.1.10, MySql, WAMP Server 2.1.

Any help is appreciated.

Regards,

Diego.

I’m struggling with the installation of the SRBAC module in Yii.

I’ve recently had a server crash which forced me to host my website on another server. I took a complete copy of the db and htdocs and got the Yii application up and running on my new server.

Everything is working except for the SRBAC module, which prompts the message "Install SRBAC - SRBAC must be in debug mode".

When I put SRBAC in debug mode I get the install page of SRBAC. After I press the "install" button on the bottom of the page it said my installation was complete, but it just redirects me to the install page again.

I’ve tried removing/clearing the srbac tables, I don’t get any errors while installing and I’m using an exact copy of my previous application/database.

Hi all

Thank you for the great job, Spyros.

Please help me with configuring SRBAC.

I have auto-created tasks and operations, assigned roles to users, and removed control access.

But when I’m setting debug to true it gives me an error: “Property “IndexController.breadcrumbs” is not defined.”

and when I’m setting it to false it gives me another error “Error:403 ‘You are not authorized for this action’”

Here is my configuration:


<?php
return array(
    'basePath' => dirname(__FILE__) . DIRECTORY_SEPARATOR . '..',
    'name' => 'TicketBox',
    'defaultController' => 'index',
    // preloading 'log' component
    'preload' => array('log'),
    // autoloading model and component classes
    'import' => array(
        'application.models.*',
        'application.components.*',
        'application.modules.srbac.controllers.SBaseController',
    ),
    'modules' => array(
        // uncomment the following to enable the Gii tool
        'admin_1995',

        'gii' => array(
            'class' => 'system.gii.GiiModule',
            'password' => 'admin',
            // If removed, Gii defaults to localhost only. Edit carefully to taste.
            'ipFilters' => array('192.168.1.101', '::1', '192.168.1.155', '192.168.1.188'),
        ),

        'srbac' => array(
            'userclass'=>'User', //default: User
            'userid'=>'id', //default: userid
            'username'=>'username', //default:username
            'delimeter'=>'@', //default:-
            'debug'=>false, //default :false
            'pageSize'=>10, // default : 15
            'superUser' =>'Authority', //default: Authorizer
            'css'=>'srbac.css', //default: srbac.css
            'layout'=>'application.views.layouts.main', //default: application.views.layouts.main,
            'notAuthorizedView'=> 'srbac.views.authitem.unauthorized', // default:
            //srbac.views.authitem.unauthorized, must be an existing alias
            'alwaysAllowed'=>array( //default: array()
                'SiteLogin','SiteLogout','SiteIndex','SiteAdmin',
                'SiteError', 'SiteContact'),
            'userActions'=>array('Show','View','List'), //default: array()
            'listBoxNumberOfLines' => 15, //default : 10
            'imagesPath' => 'srbac.images',// default: srbac.images
            'imagesPack'=>'noia', //default: noia
            'iconText'=>true, // default : false
            'header'=>'srbac.views.authitem.header', //default : srbac.views.authitem.header,
                                                     //must be an existing alias
            'footer'=>'srbac.views.authitem.footer', //default: srbac.views.authitem.footer,
                                                     //must be an existing alias
            'showHeader'=>true, // default: false
            'showFooter'=>true, // default: false
            'alwaysAllowedPath'=>'srbac.components', // default: srbac.components
                                                     // must be an existing alias )
        ),
    ),
    // application components
    'components' => array(
        'user' => array(
            // enable cookie-based authentication
            'allowAutoLogin' => true,
//            'class' => 'Auth',
            'loginUrl' => array('index/login'),
        ),
        'authManager' => array(
            // Path to SDbAuthManager in srbac module if you want to use case insensitive
            //access checking (or CDbAuthManager for case sensitive access checking)
            'class'=>'application.modules.srbac.components.SDbAuthManager',
            // The database component used
            'connectionID'=>'db',
            // The itemTable name (default:authitem)
            'itemTable'=>'items',
            // The assignmentTable name (default:authassignment)
            'assignmentTable'=>'assignments',
            // The itemChildTable name (default:authitemchild)
            'itemChildTable'=>'itemchildren',
        ),

        'simpleImage' => array(
            'class' => 'application.extensions.CSimpleImage.CSimpleImage',
        ),
        // uncomment the following to enable URLs in path-format

        'urlManager' => array(
            'urlFormat' => 'path',
            'rules' => array(
                '<controller:\w+>/<id:\d+>' => '<controller>/view',
                '<controller:\w+>/<action:\w+>/<id:\d+>' => '<controller>/<action>',
                '<controller:\w+>/<action:\w+>' => '<controller>/<action>',
            ),
        ),
//		'db'=>array(
//			'connectionString' => 'sqlite:'.dirname(__FILE__).'/../data/testdrive.db',
//		),
        // uncomment the following to use a MySQL database

        'db' => array(
            'class'=>'CDbConnection',
            'connectionString' => 'mysql:host=localhost;dbname=ticketbox',
            'emulatePrepare' => true,
            'username' => 'root',
            'password' => '',
            'charset' => 'utf8',
        ),
        'errorHandler' => array(
            // use 'index/error' action to display errors
            'errorAction' => 'index/error',
        ),
        'log' => array(
            'class' => 'CLogRouter',
            'routes' => array(
                array(
                    'class' => 'CFileLogRoute',
                    'levels' => 'error, warning',
                ),
            // uncomment the following to show log messages on web pages
            /*
              array(
              'class'=>'CWebLogRoute',
              ),
             */
            ),
        ),
    ),
    // application-level parameters that can be accessed
    // using Yii::app()->params['paramName']
    'params' => array(
        // this is used in contact page
        'adminEmail' => 'webmaster@example.com',
    ),
);

regards

Artur

Try and drop the three tables and try again.

Yes PLEASE SOMEBODY HELP ON THIS.

Same problem with me. I had dropped the three tables but it still says

Install Srbac
Error while installing srbac.
Please check your database and try again

Can someone help me out of here.

Trying to install srbac

This error message comes up

Error while installing srbac.
Please check your database and try again

I had dropped the three tables before I did the installation.