Need help understanding the permissions.
I have a test app setup along the guidelines of the Trackstar app.
Data
The roles are owner, member, reader and admin
ProjectUserForm.php via function assign() adds the bizRule to the tbl_auth_assignment to get the following data
itemname, userid, bizrule, data
‘admin’, ‘8’, NULL, ‘N;’
‘member’, ‘10’, ‘return isset($params[\“project\”]) && $params[\“project\”]->allowCurrentUser(\“member\”);’, ‘N;’
‘owner’, ‘9’, ‘return isset($params[\“project\”]) && $params[\“project\”]->allowCurrentUser(\“owner\”);’, ‘N;’
‘reader’, ‘11’, ‘return isset($params[\“project\”]) && $params[\“project\”]->allowCurrentUser(\“reader\”);’, ‘N;’
In the tbl_auth_item_child I have
owner createProject
admin owner
Problem
When I am in the context of a project
The following code in project/view.php works fine.
if(Yii::app()->user->checkAccess('readProject',array('project'=>$model)))
{
$this->menu[] = array('label'=>'List Project', 'url'=>array('index'));
}
But if I’m in project/index.php, the following code doesn’t work as expected.
if(Yii::app()->user->checkAccess('createProject'))
{
$this->menu[] = array('label'=>'Create Project - Auth', 'url'=>array('create'));
}
how to get this to work as there is no project in context.
The only role that shows this menu is ‘admin’ I would expect owner to as well.