Yii Basic + RBAC in php 7.2

photowebstyle · January 21, 2020, 3:25pm

Hi everyone, I’m not an expert on the framework, but by testing the various extensions for using RBAC with a BASIC template, I have not found any system working properly.
Would anyone know how to give me a tip? I am interested in a simple BASIC template with the implementation of RBAC as I need different solutions for accessing levels of responsibility.
Thank you in advance.
On GITHUB I have tried various solutions, but nothing stable.

samdark · January 21, 2020, 8:31pm

Do you mean UI extension for managing roles?

photowebstyle · January 24, 2020, 8:28am

First of all sorry for the delay of my answer but I wanted to try to solve using the most common extensions for RBAC and user management. Here are the data and the operations made:

Software used:
- Laragon Full 4.0.16
- Apache 2.4.41 x64
- Mysql 5.7.24 x64
- Php 7.2.19 ts x64 (originally I had version 7.4.1)
Framework
- Yii2 basic 2.0.32
Extensions installed
- yii2-usuario (installed through composer and performed the migrations, including the one created as a guide for the extension for creating the admin user and assigning the role)
Problem
- user / admin / index returns Forbidden 403 error, previously I checked the database if the admin user and assignments actually existed and after that I also tested the login successfully.

I don’t really understand where I’m wrong, here are the changes made:

config/console.php

   <?php

$params = require DIR . ‘/params.php’;
$db = require DIR . ‘/db.php’;

$config = [
‘id’ => ‘basic-console’,
‘basePath’ => dirname(DIR),
‘bootstrap’ => [‘log’],
‘controllerNamespace’ => ‘app\commands’,
‘aliases’ => [
‘@bower’ => ‘@vendor/bower-asset’,
‘@npm’ => ‘@vendor/npm-asset’,
‘@tests’ => ‘@app/tests’,
],
‘modules’ => [
‘user’ => [
‘class’ => Da\User\Module::class,
]
],
‘components’ => [
‘cache’ => [
‘class’ => ‘yii\caching\FileCache’,
],
‘log’ => [
‘targets’ => [
[
‘class’ => ‘yii\log\FileTarget’,
‘levels’ => [‘error’, ‘warning’],
],
],
],
‘db’ => $db,
‘authManager’ => [
‘class’ => ‘Da\User\Component\AuthDbManagerComponent’,
],
],
‘params’ => $params,
‘controllerMap’ => [
‘migrate’ => [
‘class’ => \yii\console\controllers\MigrateController::class,
‘migrationPath’ => [
‘@app/migrations’,
‘@yii/rbac/migrations’,
],
‘migrationNamespaces’ => [
‘Da\User\Migration’,
],
],
],
];

if (YII_ENV_DEV) {
// configuration adjustments for ‘dev’ environment
$config[‘bootstrap’][] = ‘gii’;
$config[‘modules’][‘gii’] = [
‘class’ => ‘yii\gii\Module’,
];
}

return $config;

config/web.php

<?php

$params = require DIR . ‘/params.php’;
$db = require DIR . ‘/db.php’;

$config = [
‘id’ => ‘basic’,
‘basePath’ => dirname(DIR),
‘bootstrap’ => [‘log’],
‘aliases’ => [
‘@bower’ => ‘@vendor/bower-asset’,
‘@npm’ => ‘@vendor/npm-asset’,
],
‘modules’ => [
‘user’ => [
‘class’ => Da\User\Module::class,
]
],
‘components’ => [
‘request’ => [
// !!! insert a secret key in the following (if it is empty) - this is required by cookie validation
‘cookieValidationKey’ => ‘*****************************************’, --> secret key hide
],
‘cache’ => [
‘class’ => ‘yii\caching\FileCache’,
],
‘errorHandler’ => [
‘errorAction’ => ‘site/error’,
],
‘authManager’ => [
‘class’ => ‘Da\User\Component\AuthDbManagerComponent’,
],
‘mailer’ => [
‘class’ => ‘yii\swiftmailer\Mailer’,
// send all mails to a file by default. You have to set
// ‘useFileTransport’ to false and configure a transport
// for the mailer to send real emails.
‘useFileTransport’ => true,
],
‘log’ => [
‘traceLevel’ => YII_DEBUG ? 3 : 0,
‘targets’ => [
[
‘class’ => ‘yii\log\FileTarget’,
‘levels’ => [‘error’, ‘warning’],
],
],
],
‘db’ => $db,
/*
‘urlManager’ => [
‘enablePrettyUrl’ => true,
‘showScriptName’ => false,
‘rules’ => [
],
],
*/
],
‘params’ => $params,
];

if (YII_ENV_DEV) {
// configuration adjustments for ‘dev’ environment
$config[‘bootstrap’][] = ‘debug’;
$config[‘modules’][‘debug’] = [
‘class’ => ‘yii\debug\Module’,
// uncomment the following to add your IP if you are not connecting from localhost.
//‘allowedIPs’ => [‘127.0.0.1’, ‘::1’],
];

$config['bootstrap'][] = 'gii';
$config['modules']['gii'] = [
    'class' => 'yii\gii\Module',
    // uncomment the following to add your IP if you are not connecting from localhost.
    //'allowedIPs' => ['127.0.0.1', '::1'],
];

}

return $config;

If I go to the links index.php?r=user/admin/* tells me that I am not authorized.

The login and logut works perfectly.

Thank you in advance in any case and congratulations on your fantastic project!

samdark · January 24, 2020, 11:42am

Sorry but I can’t help you with yii2-usuario. Haven’t used it personally. Maybe @tonydspaniard or @maxxer can…

photowebstyle · January 24, 2020, 11:46am

Thanks a lot!

maxxer · January 24, 2020, 4:14pm

You likely need to set the administrators config option. That should allow you to manage users.

photowebstyle · January 24, 2020, 8:01pm

Great! I modifiy in config/web.php:

    'modules' => [
    'user' => [
        'class' => Da\User\Module::class,
        'administrators' => ['admin'],
    ]
],

It works! Thanks!

maxxer · January 27, 2020, 7:42am

I’ve added a note to the docs