Well, as far as I know, both modules come with an own web user class so you need to change either RWebUser to extend the yii-user’s web user or vice versa. If you need an own web user class you need to extend your application web user from the one extending the other. Please let me know if you don’t understand what I mean.
Thanks Chris. I got it working by extending RWebUser and loading the user model from yii-user. Since yii-user doesn’t use its own web user class, seemed easier that way
So, turns out it wasn’t resolved by updating to the current version, but I did figure out the problem. I thought I would share for the benefit of the forum.
I had logged in, enabled right, created roles, and assigned people to the roles (including admin). At that time, I hadn’t assigned operations to the roles yet.
Then left and came back the next day (and consequently logged out).
That is where the infinite redirect loop happened. To resolve, I commented out the filters in the primary controller, went into rights and added operations to the roles, logged out, uncommented the filters in the primary controller, and logged back in.
So another question for you Chris83… I have situation where I have an Accounts Model. An account will have multiple users. A user can be on multiple accounts as well. Here is the kicker, I would love to some how give a user a ROLE, based on their relationship with an Account.
i.e.
Account ACME
John Doe - Role: A
Jane Doe - Role: B
Jack Doe - Role: C
Account XYZ
Jack Doe - Role: B
Jane Doe - Role: D
Would that be possible? How would you approach it?
this is post is awesome, it has helped me setup rights & users together. though some contents are outdated, but using some best judgement and latest documentation from both, it worked like a charm!
‘application.modules.rights.components.*’, // Correct paths if necessary.
),
'modules'=>array(
// uncomment the following to enable the Gii tool
'gii'=>array(
'class'=>'system.gii.GiiModule',
'password'=>'xxx',
// If removed, Gii defaults to localhost only. Edit carefully to taste.
'ipFilters'=>array('127.0.0.1','::1'),
),
'user',
'rights'=>array( 'install'=>false, // Enables the installer.
),
),
'components'=>array(
'user'=>array(
// enable cookie-based authentication
'allowAutoLogin'=>true,
'loginUrl' => array('/user/login'),
'class'=>'RWebUser',
),
'authManager'=>array( 'class'=>'RDbAuthManager',
'defaultRoles'=>array('Guest'),
),
'rights'=>array( 'superuserName'=>'Admin', // Name of the role with super user privileges.
'authenticatedName'=>'Authenticated', // Name of the authenticated user role.
'userIdColumn'=>'id', // Name of the user id column in the database.
'userNameColumn'=>'username', // Name of the user name column in the database.
'enableBizRule'=>true, // Whether to enable authorization item business rules.
'enableBizRuleData'=>false, // Whether to enable data for business rules.
'displayDescription'=>false, // Whether to use item description instead of name.
'flashSuccessKey'=>'RightsSuccess', // Key to use for setting success flash messages.
'flashErrorKey'=>'RightsError', // Key to use for setting error flash messages.
'baseUrl'=>'/rights', // Base URL for Rights. Change if module is nested.
'layout'=>'rights.views.layouts.main', // Layout to use for displaying Rights.
'appLayout'=>'application.views.layouts.main', // Application layout.
'cssFile'=>'rights.css', // Style sheet file to use for Rights.
'install'=>false, // Whether to enable installer.
'debug'=>false, // Whether to enable debug mode.
),
),
follow rights documentation to make controller extend from RController as well as changing/removing your controller’s accessControl lines - this is also in rights documentation
hello, I did all that and it works fine…apparently !! I came across a series of thoughts when using these two modules. At first i thought I could avoid modifying the code of an extension to be able to update with no problem. But that is not possible. The yii user code must be modified if you want, for example, assign a default role to a freshly registered user or have multiple profiles by roles.
Secondly, I’ve created Authorization items for the user module so no user other then admin is able to see the default list given by index.php/user/ (index action). Without success ! However, this task is assigned to no role ! So only the admin should see the list, right ?
Furthermore, i’ve noticed that by seeing the list the user could also click on an item and go to the view detail !!!
What I did is edit the userController.php and modify the filter to comply with rights
return array(
'rights',
);
and remove the rule part.
Then there was an improvement, the list was still visible but not the view detail anymore.
So I have two questions :
Is changing the controllers of the user extension the right move or is there another way ?
Why the user.default.index is still accessible after having
a.Created the tasks related to these action in rights and assigned it to none
b.Modified the userController to the ‘rights’ sauce ?
guys, i have a funny problem, think anyone of you can fix it . i changed my default controller to my home controller and also ‘errorAction’=>‘home/error’, in my main config file after i install the ‘rights’ module. the module works fine but when i call any non permissioned action, it shows site/login in the url of the browser. but there is no controller named, ‘site’ in my application. please please can you guys help me a little ? <thanks, tanim>
calling a non permissioned action will redirect you to login page, which is determined by user component, it has nothing to do with errorHandler, so just try to specify correct login page in main config file like this:
'user'=>array(
.....
'loginUrl' => array('home/login'), // change this to proper location
),
I have such an error when try assign any user to any assignment:
CDbCommand не удалось исполнить SQL-запрос: SQLSTATE[23000]: Integrity constraint violation: 1452 Cannot add or update a child row: a foreign key constraint fails (events.authassignment, CONSTRAINT authassignment_ibfk_1 FOREIGN KEY (itemname) REFERENCES AuthItem (name) ON DELETE CASCADE ON UPDATE CASCADE). The SQL statement executed was: INSERT INTO AuthAssignment (itemname, userid, bizrule, data) VALUES (:itemname, :userid, :bizrule, :data)
what could be wrong?
Edit - Solved this problem by deleting all “rights” module’s tables, and then install rights module again (don’t touch yii-user module, it works ok). Error happened when foreign key has been deleted (it happens when i change table name by hands for example)
Try deleting the database tables, make your changes to the files (i.e. download, extract rights, make necessary changes to the config) and then navigate to http://yourdomain/rights. I’ve only installed this particular extension once a couple of months ago, but from memory you shouldn’t have to manually create the tables (I believe it does that for you).