Using srbac

Hi, I have successfully installed the srbac extension (srbac_1.1.1_r209.zip) and created a model and controller called Post which extends SBaseController. Then, I used the "Autocreate auth items" function in the srbac administration and assigned PostViewing task, which consists of PostIndex and PostView$id operations, to User, Authority and Administrator roles.

But it doesn’t work, I always get Error:403 ‘You are not authorized for this action’. What did I do wrong?

Is the user assigned one of those roles?

Yes, he is.

Verify if nothing went wrong when assigning the tasks and roles by checking the user’s assignments.

You can also try logging out and in again to renew your session cookie, although it’s normally not necessary.

You should also check if the accessRules() method is empty in your postController.

Now I assigned all the roles, tasks and operations to the user and it still doesn’t work. I give up.

Ok, I did a fresh install of yii and the srbac module. I followed the instructions exactly step by step and I still get the same Error:403 ‘You are not authorized for this action’.

Unless the author assumes I do something that is not written in the instructions…

Have you checked if the accessRules() method is empty in your postController?

Is the ‘superUser’ from the config a declared role?

I ran into the same problem, though it was limited to ‘View$id’, ‘Updated$id’ and ‘Delete$id’ set of operations on the model, and not ‘Index’, ‘Create’ or ‘Admin’ set of operations. I used ‘Autocreate auth items’ to create these operations as well and the authorization error showed up for all operations that had a ‘$id’ in their name. The problem went away when I removed the ‘$id’ from the name of these operations. That might be the issue. Am going to look for the code segment that does this in AuthItemController.php to see if that is indeed the problem.

The pattern matching in AuthItemController::_getControllerInfo() needs to be changed I believe. In controller functions such as actionIndex($id), the brackets are removed but the parameter (’$id’ here) is not removed using preg_replace, which leads to a name called ‘actionIndex$id’.

But fundamentally, I am assuming that having ‘$’ in the action name would not work and hence the problem with autocreate. Please correct me if I’m wrong.
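Added example, not part of the thread and not srbac's own code: a sketch of deriving operation names from a controller's source so that the parameter list never ends up in the name, plus a check that flags stored auth item names such as PostView$id. The function names and the sample controller are hypothetical, and it assumes the access check compares against controller id plus action id (PostIndex, PostView), as the operation names in this thread suggest. Requires PHP 7.4 or later.

```php
<?php
// Constructed sample controller source (hypothetical, for illustration only).
$source = <<<'PHP'
class PostController extends SBaseController
{
    public function actionIndex() {}
    public function actionView($id) {}
    public function actionUpdate($id, $draft = false) {}
    public function actions() { return array(); }
    protected function loadModel($id) {}
}
PHP;

/**
 * Build operation names ("PostView") for every public action method.
 * The regex stops at the opening bracket, so the parameter list is
 * matched but never captured and "$id" cannot leak into the name.
 * "actions()" is skipped because an upper-case letter must follow "action".
 */
function authItemNames(string $controllerId, string $source): array
{
    preg_match_all('/\bpublic\s+function\s+action([A-Z]\w*)\s*\(/', $source, $m);
    return array_map(fn($action) => ucfirst($controllerId) . $action, $m[1]);
}

/**
 * Flag stored item names that can never equal controller id + action id.
 * An action id comes from the route and holds no "$" or brackets, so a
 * name containing them is never matched and the request is denied.
 */
function invalidItemNames(array $names): array
{
    return array_values(array_filter($names, fn($n) => !preg_match('/^\w+$/', $n)));
}

// Names generated from the sample controller: parameters are not included.
print_r(authItemNames('post', $source));

// Constructed list of stored operation names, as autocreate left them.
print_r(invalidItemNames(['PostIndex', 'PostView$id', 'PostDelete$id']));
```

Running the second check against the names in the auth item table shows which operations need renaming or recreating before the 403 goes away.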

Why, oh why… Of course I deleted the operations with $id in them and the rest magically started working. Thank you.

Now I only have to figure out how to make srbac work with yii-user module.