Yii 1.1: srbac

A web interface for administration of rbac (CDbAuthManager)

Srbac is a module that adds a graphical web interface for the administration of Yii RBAC. It uses CDbAuthManager, so it needs a database (MySQL and SQLite are tested). In this first alpha version you can create, update and delete auth items (roles, tasks, operations), and assign operations to tasks, tasks to roles and roles to users.

After version 1.0.2 you can automatically create operations/tasks for your controllers' actions and use them without modifying your controllers' code, just by extending SBaseController in your controllers. Srbac also supports nested modules and nested controllers (v1.1).

Resources

Documentation

Download full srbac 1.2 guide in pdf format

srbac 1.1 guide

Download full srbac 1.0.3 guide in pdf format

srbac 1.0.3 guide

Change Log

July 27, 2011

srbac 1.3beta

Enhancements
Added autocomplete textbox for searching in users assignments

Bug Fixes
Fixed static function call (issue 76)
Fixed controllers in sub directory not working properly (issue 73)
Fixed clever assigning (issue 77)

Updates
Added Czech translation
Remove access to srbac granted to all until Authority role is assigned.

srbac 1.2

Enhancements
Added $delimeter parameter to SrbacModule (default "-")
Added ReturnUrl feature for expired sessions


Bug Fixes
Fixed SQLite compatibility issue
Fixed multiple ajax submits
Fixed bug with auth item delete
Fixed bug caused by auto param binding in yii 1.1.4 and above
Fixed the “/” delimiter between module and authitem name causing errors with some UrlManager configurations, by adding the $delimeter parameter to SrbacModule
Fixed a bug with Helper not imported
Fixed clever assigning
Fixed bug with actions containing the string "action"

Updates
Removed checkDefaultRoles function that does not exist anymore in CDbAuthManager

June 07, 2010

srbac 1.1.1

Enhancements
Added srbac.components.SDbAuthManager.php. You can set this as your AuthManager class in the main.php configuration file if you want case insensitive access checking.

Bug fixes
Fixed bug when allowed.php did not return an array.

Updates
Added Lithuanian translation
Added Ukrainian translation
Updated Spanish and Russian translation

May 04, 2010

srbac 1.1.1rc2

Enhancements
Detect actions that belong in controller's actions function (captchas etc)

April 24, 2010

srbac 1.1.1rc1

Enhancements
Added button to check for authItems not belonging to an existing controller (due to controller deletion etc), then select which authItems to delete.
Always allowed actions are always shown in users assignments
If checking db fails, check for lower-upper case issues and display a message
Added Hungarian translation
Show message when exception occurs during install
Bug Fixes
Fixed always allowed tab view being too short when there are not many controllers
Updates
Changed always allowed. Now the GUI is always enabled and its array is merged with the one defined by the alwaysAllowed attribute (which can be a string, array or file)

March 21, 2010

srbac 1.1.0.3

Bug fixes
Fixed a compatibility issue with Yii 1.1.1

March 18, 2010

srbac 1.1.0.2

Enhancements
Always allow access when srbac is in debug mode
Auth items are auto created only for controllers that extend SBaseController
Bug Fixes
Fixed IE bug when tab selection was not allowed in assign page
Fixed bug when layout is set to ‘main’
Changed the character that identifies a module in authItems from _ to /

If upgrading: when upgrading to version 1.1.0.2 (r174) you should change, in auth items, the ‘_’ character that identifies the modules to ‘/’.

January 23, 2010

srbac 1.1.0.1

Bug Fix
Removed attribute layout since there's already a layout attribute in CWebModule

January 19, 2010

srbac 1.1.0

Enhancements
•Added alwaysAllowedPath attribute.
•Added breadcrumbs (hard coded)

Bug Fixes
•Fix alwaysAllowed bug when using srbac as submodule (fixes issue 38)
•Fix AlwaysAllowedFile creation
•Fixed css publishing
•Fixed css for tabview

Updates
•Updated Spanish translation
•Added Portuguese translation

December 7, 2009

srbac 1.1 RC

Enhancements
•Support for table prefix.
•Autocreate scans in subdirectories of controller paths.
•GUI for editing the alwaysAllowed list.
•Added onUnauthorizedAccess protected method in SBaseController.
•alwaysAllowed attribute can also accept an alias to a file that returns an array.
•alwaysAllowed and userActions can now be an array or a comma delimited string.
•Add clever assigning of operations to tasks.
•Add configuration checking of attributes userid, username, css, notAuthorizedView, layout, imagesPath, imagesPack before installation.

Bug Fixes
•Replaced deprecated function in php 5.3 ereg_replace and split with preg_replace and explode.
•Fixed scanning of modules when URL formatting is used
•All list boxes in assign tabview are sorted alphabetically.
•Fixed bug when using different databases for the main application and the AuthManager.
•Fixed bugs related to version checking and translations.
•Fixed process-working.gif to be a transparent gif.
•Fixed controller action scanning.
•Fixed using different db connections for CDbAuthManager and main application causes srbac to detect wrong auth database.

Updates
•Update all files for Yii 1.1 compatibility.
•Updated Greek translation.
•imagesPath attribute now accepts alias instead of url.
•Updated Spanish translation.

December 4, 2009

srbac 1.0.3.1

Bug Fixes
•Fixed installation bug.
•Fixed authitems order in assign tabviews

November 4, 2009

srbac 1.0.3

Enhancements:
•Added imagesPack attribute. User can choose which pack of images to use for the srbac icons.
•Hovering over an authItem in authItems manager will show its description.
•If an action is in alwaysAllowed array will be ignored during the autocreation of authItems.
•Added srbac attribute imagesPath to set the path to the srbac icons (create, delete, admin etc).
•Custom srbac css can be placed not only in srbac/css directory but also in default application/css directory.
•Auto create checks if task exist and displays them or not in the create tasks list.
•Auto creating of modules controllers actions.

Bug Fixes:
•Added a default unauthorized view in case the user has not defined one.
•Fixed an IE bug in autocreation view (Thanks to 'idle sign').
•Access is now always denied to guests, except if the current page is in alwaysAllowed array.
•Fixed php short tags in views/AuthItem/userAssignments.php.
•srbac should work now in linux os.
•Changed dataGrid class to srbacDataGrid so it won't conflict with Yii dataGrid class.

Updates:
•Added new icons and a control center top bar (Thanks to 'idle sign').
•Added new css styles and new ajax‐loader (thanks to 'idle sign').
•Added noia icons pack.
•Changed custom images path relative to webroot.
•Set default css to srbac.css.
•Changed allowedAccess() method in SBaseController to protected so it can be inherited.
•Updated spanish translation (Ricardo Obregon).

October 17, 2009

srbac 1.02.r13

Bug Fixes:
Fixed php short tags in views/AuthItem/userAssignments.php
srbac should work now in linux os
Enhancements:
listBoxNumberOfLines attributes controls the number of lines in assign tabview listboxes

Updates:
Updated spanish translation (Ricardo Obregon)

October 15, 2009

srbac 1.02.6

Bug Fixes:
Removed safe rule from authItem model
Changed view path to authitem instead of authItem due to case sensitivity errors in some operation systems.
Import SBaseController in modules init method.

October 13, 2009

srbac 1.02.5

Enhancements:
When auto creating/deleting operations a check is performed to see if the items already exist.
Bug Fixes:
Undefined variable in assignments.php (Thanks to idle sign)
ShowAssignments ajax call (Thanks to idle sign)
Updates:
Russian translation updated to v1.2 (Thanks to idle sign)

October 8, 2009

srbac 1.02.1

Bug fix
Fixed a bug that prevented installation of srbac

Enhancements:
Srbac attribute alwaysAllowed, to define which operations are always allowed
Srbac attribute userActions to define which actions are assigned to using task by default
layout attribute accepts path alias now

October 6, 2009

srbac 1.02

Enhancements:
Automatic creation of operations based on controllers' actions.
Also Creation of two tasks (using, administrating)
The operations are also assigned to these tasks based on the action's name (all operations assigned to administrating and you can choose which actions are assigned to using)
Mass delete of automatic created operations, tasks for each controller
Cannot revoke Authority role if there's no other user with that role
Custom not authorized page
srbac front page (just the links for authItems managing, assigning and user's assignments)
srbac isInstalled() method
Added an SBaseController that must be extended for the use of automatic created auth items.

September 30, 2009

srbac 1.01

Enhancements:
Custom layout for srbac (layout must be in default application's layout folder)
Add ajax indicators.
Can call user assignments directly from your user's controller by

    // $id is the user's id
    $this->renderPartial('application.modules.srbac.views.authItem.assignments',
        array("id" => $id),
        false,
        true);

Spanish translation (Ricardo Obregon)
Russian translation (idle sign)

September 20, 2009

srbac v1.00

Enhancements:
Srbac can be installed as a child module too
Custom cssFile support
Bug fixes:
Fixed undefined variables (thanks to sebi, idle sign)
Fixed possible SQL-injections flaw (thanks to Anticon)
Fixed jquery requested twice (thanks to horizons)
Use Yii::app()->getRequest() instead of $_REQUEST (thanks to horizons)

August 17, 2009

srbac beta4

Bug Fixes
Fixed bug when a not-Authorizer-user tries to access SRBAC (thanks to Anticon)
Fixed bug with deleting tables in wrong order (thanks to rabol)
Fixed bug with wrong column name resulting in errors while working with InnoDB engine (thanks to sebi)

July 29, 2009

srbac beta3

Enhancements:
View Roles / Tasks / Operations assigned to users at index.php?r=srbac/authItem/assignments

July 27, 2009

srbac beta2

Enhancements:
1 Delete authItems
2 Ajax based web interface for administrating auth items at index.php?r=srbac/authItem/manage

July 23, 2009

srbac beta

Bug Fixes:
1 Fixed undefined variable errors
2 Fixed showing all items in the assigned and in the not assigned panels when accessing the assign page for the first time
3 Fixed errors when pressing '<<' or '>>' with a wrong selection of items
4 Wrong tab display after an assignment

Enhancements:
1 You can select if demo data will be created in install
2 All assignments calls are made in ajax
3 You can set the name of the Authorizer authItem
4 You can update the names of the auth Items

July 6, 2009

alpha 2 release

Small bug fix (srbac attribute should be pageSize not pagesize)

July 5, 2009

Initial alpha release.

Total 20 comments

#16795
Fire at 2014/03/29 02:02am
Roles Documentation

Hi there, I searched through the documentation, but didn't find much about Roles. I can see that there is an Admin role, but how can I create an ALL-USERS role? I'd like an all-users role to be assigned to all users including anonymous users.

How can I assign an all users role to all users?

#15519
coolPhp at 2013/11/18 09:31am
Alias "modules.srbac.components.SDbAuthManager" is invalid.

Hi

I am getting the error, and I have checked the directory and file is there.

Alias "modules.srbac.components.SDbAuthManager" is invalid. Make sure it points to an existing directory or file.

at url index.php?r=srbac/authitem/frontpage

config file

'import'=>array(
            .....
            'application.modules.srbac.controllers.SBaseController',
    ),

any ideas.

#14066
jayasam at 2013/07/16 12:39pm
Pagination needed for user listing dropdown

All users are shown in the Assign Roles to Users drop-down, so pagination is needed. I need help to do it.

#10345
Jgsaw at 2012/10/21 06:32pm
No more updates?

Is this extension no longer being maintained? Seems to be the best out there but seems to be missing some features like autocreate for nested modules?

#6639
SteveK at 2012/01/24 12:22am
Published CSS File Bug

Thanks for the great extension! I'm using 1.2r228 and one issue I'm having is that the CSS file (srbac.css) is being published in all my Yii layouts/views, just by enabling the extension.

I'm guessing the intention is to only publish the SRBAC CSS while in an SRBAC route. For lack of time or a better solution, I've added this code to SrbacModule.php:

before "//Publish css"

if(strpos($_SERVER['REQUEST_URI'], '/srbac/') !== false) {

and at end of init() function

}

I realize this will not work for people that have srbac installed in a different directory, or who use "/srbac/" in other URLs.

#6003
LiuXuan at 2011/12/05 06:25am
Does it have an installation for MS SQL Server

For some reason, I need to use MS SQL Server 2008 as my application database, and I want to integrate srbac into the application.

So, does it have an installation for using it on MS SQL Server? I would appreciate any guide or solution helping me with how to do it (I am a newbie but I feel Yii is an awesome framework to use)

Thank you!

#4902
ibo_s at 2011/08/26 05:03pm
Trouble with Firefox

In 'manage/_form.php' I had to take out these lines, because Mozilla Firefox did some crazy stuff:

<script language="javascript">
<?php 
echo SHtml::ajax(array('type'=>'POST', 'url'=>array('manage'), 'update'=>'#list',)); 
?>
</script>

In Firefox this causes kind of recursion of my layout.

In Chrome there was no issue.

Without those lines it works fine, but I'd like to know if taking out those lines can cause other issues. I didn't get what these lines were for.

Does anybody have an idea?

#4901
ibo_s at 2011/08/26 04:57pm
Deleting AuthItems

Deleting AuthItems didn't work until I made a change in AuthitemController ...

public function actionDelete() {
    if (Yii::app()->request->isAjaxRequest) {    
 
      $this->loadAuthItem()->delete();
      //$this->processAdminCommand();
      //$criteria = new CDbCriteria;
      //$pages = new CPagination(AuthItem::model()->count($criteria));
      //$pages->pageSize = $this->module->pageSize;
      //$pages->applyLimit($criteria);
      //$sort = new CSort('AuthItem');
      //$sort->applyOrder($criteria);
      //$models = AuthItem::model()->findAll($criteria);
 
      Yii::app()->user->setFlash('updateName',
        Helper::translate('srbac', 'Updating list'));
      $this->renderPartial('manage/show', array(
          //'models' => $models,
          //'pages' => $pages,
          //'sort' => $sort,
          'updateList' => true,
        ), false, false);
    } else {
      throw new CHttpException(400, 'Invalid request. Please do not repeat this request again.');
    }
  }

... to ...

public function actionDelete() {
    if (Yii::app()->request->isPostRequest) {    
 
      $this->loadAuthItem()->delete();
      //$this->processAdminCommand();
      //$criteria = new CDbCriteria;
      //$pages = new CPagination(AuthItem::model()->count($criteria));
      //$pages->pageSize = $this->module->pageSize;
      //$pages->applyLimit($criteria);
      //$sort = new CSort('AuthItem');
      //$sort->applyOrder($criteria);
      //$models = AuthItem::model()->findAll($criteria);
 
      Yii::app()->user->setFlash('updateName',
        Helper::translate('srbac', 'Updating list'));
      $this->renderPartial('manage/show', array(
          //'models' => $models,
          //'pages' => $pages,
          //'sort' => $sort,
          'updateList' => true,
        ), false, false);
    } else {
      throw new CHttpException(400, 'Invalid request. Please do not repeat this request again.');
    }
  }

I changed 'isAjaxRequest' to 'isPostRequest'.

Did anybody else have this issue ?

I have no idea why 'isAjaxRequest' doesn't work.

#4643
yiiz at 2011/07/28 09:19pm
thanks

Great extension! Thx! I used it in some of my projects.

#4450
Johnny at 2011/07/10 06:02am
good extension.

really a good extension. very helpful to me, thx very much.:)

#4448
Ivica at 2011/07/10 05:26am
Nice work

I used your extension for RBAC authentication system I used on my website that I had to develop fast and it works perfectly. Actually user interface can be a bit more user friendly, but the more important is that everything works perfect!

#4213
marcovtwout at 2011/06/16 06:53am
Flexibility

Quote from Yii guide:

"Yii also allows a role to consist of other roles or operations, a task to consist of other tasks, and an operation to consist of other operations."

This extension is built around the idea that roles can only inherit from tasks and tasks can only inherit from operations. This greatly limits RBAC's flexibility. Unless I am missing something here, this extension is not usable for me.

#4106
alkos333 at 2011/06/06 08:54pm
Not quite as flexible

What about the capability to add operations directly to the role instead of first adding it to the task?

#3706
cfletcher1856 at 2011/04/29 09:34am
@oceatoon

Make sure the id column in your database is named the same as this value.

so if your column name on the users table is user_id enter that, if it is just id use that.

fletch

#3699
Tibor Katelbach at 2011/04/29 03:43am
on install fixingred userid ?

Hi on srbac/authitem/install I'm getting a red userId and I'm stuck here what should be done ?

#3319
cfletcher1856 at 2011/04/02 04:34pm
Missing User.php

So I figured out how to get this installed. I found some random posts all over the web, I installed yii-user first and then srbac. Worked like a charm. Maybe it was mentioned somewhere and I missed it but, try installing yii-user first, it will create db tables, create modules, models and components.

#3138
cfletcher1856 at 2011/03/20 10:53am
Missing User.php

I am not sure what I am doing wrong, but I am getting a PHP error saying I am missing User.php. I looked through the zip file and could not find that. Where is this file supposed to come from? Do I need to install another module first before this one?

#2727
Drimean at 2011/02/01 09:59am
Find actions, > Yii 1.1.5

There is a problem with action functions such as

public function actionAny($id)

SRBAC finds this action as "ControllerAny$id".

How to fix:

AuthitemController.php: Line 712

Replace:

$action = trim(substr($line, strpos($line, "action")));

To:

$action = trim(substr($line, strpos($line, "action"), (strpos($line, "(") - strpos($line, "action"))));
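
The parsing problem described in the comment above, as an added example that is not part of the original post or of srbac: a hypothetical helper, listControllerActions(), reads action names from PHP tokens instead of raw lines, so parameters, comments, string literals and the actions() map are never mistaken for action names. The sample controller source and the "Post" prefix are constructed.

```php
<?php
// Added example, not srbac's code. listControllerActions() is a hypothetical helper.

/**
 * Return the action names (without the "action" prefix) declared in PHP source.
 */
function listControllerActions(string $source): array
{
    $tokens = token_get_all($source);
    $count = count($tokens);
    $actions = array();

    for ($i = 0; $i < $count; $i++) {
        // Only real "function" keywords count; text inside comments and
        // string literals arrives as T_COMMENT / T_CONSTANT_ENCAPSED_STRING.
        if (!is_array($tokens[$i]) || $tokens[$i][0] !== T_FUNCTION) {
            continue;
        }
        // Skip whitespace between "function" and the name.
        $j = $i + 1;
        while ($j < $count && is_array($tokens[$j]) && $tokens[$j][0] === T_WHITESPACE) {
            $j++;
        }
        if ($j >= $count || !is_array($tokens[$j]) || $tokens[$j][0] !== T_STRING) {
            continue; // anonymous function: no name to inspect
        }
        // The name token ends before "(", so "($id)" can never be part of it.
        $name = $tokens[$j][1];
        if (stripos($name, 'action') !== 0 || strlen($name) === 6) {
            continue; // not an action method
        }
        if (strcasecmp($name, 'actions') === 0) {
            continue; // actions() declares class-based actions, it is not one itself
        }
        $actions[] = substr($name, 6);
    }
    return $actions;
}

// Constructed sample controller covering the cases from this page:
// a parameterised action, the actions() map, a commented-out action,
// and the text "action" inside a name and inside a string literal.
$sample = <<<'PHP'
<?php
class PostController extends SBaseController
{
    public function actions() { return array('captcha' => array('class' => 'CCaptchaAction')); }
    public function actionAny($id) { }
    // public function actionRemoved() { }
    public function actionTransaction() { $s = "function actionFake("; }
}
PHP;

foreach (listControllerActions($sample) as $action) {
    echo 'Post' . $action . PHP_EOL; // controller prefix + action name
}
```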

#2535
Davidhhuan at 2011/01/15 01:50am
OMG...bad format before...Resend

Hi, Spyros

After posting the content below in the forum, I found that there are already 35 pages, and I don't know whether you will see it or not, so I re-post here.

Here is my suggestion to add a function for searching the user to the authitem/assignments

AuthitemController.php

public function actionSearchuser() {
      $username = '';
      if (!empty($_POST['username'])) {
          $criteria = new CDbCriteria;
          // Bind the keyword as a parameter and escape LIKE wildcards
          // instead of concatenating request input into the condition.
          $criteria->addSearchCondition($this->module->username, $_POST['username']);
          $userclass = $this->module->userclass;
          $users = $userclass::model()->findAll($criteria);
          if (count($users)) {
              if (count($users) > 1) {
                  $this->renderPartial('users', array('users'=>$users), false, true);
              }
              else {
                  $_GET['id'] = $users[0]->id;
                  $this->actionShowAssignments();
              }
          } 
          else {
              throw new CHttpException('401', 'There is no such user.');
          }
      }
  }

add these codes in the file views/authitem/assignments.php under the drop-down list

<?php echo CHtml::beginForm(Yii::app()->createUrl($this->module->id.'/authitem/searchuser'), 'POST', array('id'=>'searchuserForm'));?>
    <?php echo CHtml::textField('username');?>
    <?php echo CHtml::submitButton('submit');?>
    <?php echo CHtml::endForm();?>
    <script type="text/javascript">
    //<![CDATA[ 
$(document).ready(function() {
    $('#searchuserForm').submit(function() {
        $.ajax({
            url: $('#searchuserForm').attr('action'),
            type: 'POST', 
            data: $('#searchuserForm').serialize(),
            beforeSend: function () {
                $("#assignments").addClass("srbacLoading");
            },
            complete: function () { 
                $("#assignments").removeClass("srbacLoading");
            },
            success: function (html) {
                $("#assignments").html(html);
            }
        });
        return false;
    });
});
    //]]>
    </script>

Create a new file srbac/views/authitem/users.php

<?php echo SHtml::beginForm(); ?>
<?php echo SHtml::activeDropDownList(
    $this->module->getUserModel(),
    $this->module->userid,
    SHtml::listData($users, $this->module->userid, $this->module->username),
    array(
        'id'=>'users-list',
        'size'=>1,
        'class'=>'dropdown',
        'ajax' => array(
            'type'=>'POST',
            'url'=>array('showAssignments'),
            'update'=>'#assignments',
            'beforeSend' => 'function(){
                              $("#assignments").addClass("srbacLoading");
                          }',
            'complete' => 'function(){
                              $("#assignments").removeClass("srbacLoading");
                          }'
        ),
        'prompt'=>Helper::translate('srbac','select user')
    )
); ?>
<?php echo SHtml::endForm(); ?>
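
A search keyword taken from the request, as in the user search suggested in the comment above, should reach the LIKE condition as a bound parameter with its wildcards escaped. The following is an added example, not part of the original post or of srbac: it uses plain PDO with an in-memory SQLite database, and the users table, its rows and the helpers escapeLike() and searchUsers() are constructed for illustration.

```php
<?php
// Added example, not srbac's code: table, rows and helper names are constructed.

/**
 * Make a keyword literal inside a LIKE pattern that uses "\" as escape character.
 */
function escapeLike(string $keyword): string
{
    // strtr() replaces in a single pass, so the backslashes it adds
    // are not escaped a second time.
    return strtr($keyword, array('\\' => '\\\\', '%' => '\\%', '_' => '\\_'));
}

/**
 * Substring search on one column with the keyword passed as a bound parameter.
 */
function searchUsers(PDO $db, string $column, string $keyword): array
{
    // A column name cannot be bound, so it must come from configuration
    // (never from the request) and is restricted to a plain identifier.
    if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $column)) {
        throw new InvalidArgumentException('Invalid column name');
    }
    $sql = 'SELECT id, ' . $column . ' FROM users WHERE ' . $column
         . " LIKE :kw ESCAPE '\\'";
    $stmt = $db->prepare($sql);
    $stmt->execute(array(':kw' => '%' . escapeLike($keyword) . '%'));
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed data: names containing LIKE wildcards and a quote character.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT)');
$insert = $db->prepare('INSERT INTO users (username) VALUES (?)');
foreach (array('alice', 'al_ce', '100%real', 'o"neil') as $name) {
    $insert->execute(array($name));
}

// Each keyword matches only rows that literally contain it: "_" and "%"
// do not act as wildcards and '"' does not terminate any SQL string.
foreach (array('al', '_', '%', '"') as $keyword) {
    $names = array_column(searchUsers($db, 'username', $keyword), 'username');
    printf("%-3s => %s\n", $keyword, implode(', ', $names));
}
```

The explicit ESCAPE clause is needed on SQLite, which has no default LIKE escape character.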

#2534
Davidhhuan at 2011/01/15 01:46am
additional function: search user

Hi, Spyros

After posting the content below in the forum, I found that there are already 35 pages, and I don't know whether you will see it or not, so I re-post here.

Here is my suggestion to add a function for searching the user to the authitem/assignments

AuthitemController.php

public function actionSearchuser() {
      $username = '';
      if (!empty($_POST['username'])) {
          $criteria = new CDbCriteria;
          // Bind the keyword as a parameter and escape LIKE wildcards
          // instead of concatenating request input into the condition.
          $criteria->addSearchCondition($this->module->username, $_POST['username']);
          $userclass = $this->module->userclass;
          $users = $userclass::model()->findAll($criteria);
          if (count($users)) {
              if (count($users) > 1) {
                  $this->renderPartial('users', array('users'=>$users), false, true);
              }
              else {
                  $_GET['id'] = $users[0]->id;
                  $this->actionShowAssignments();
              }
          }
          else {
              throw new CHttpException('401', 'There is no such user.');
          }
      }
  }

add these codes in the file views/authitem/assignments.php under the drop-down list

<?php echo CHtml::beginForm(Yii::app()->createUrl($this->module->id.'/authitem/searchuser'), 'POST', array('id'=>'searchuserForm'));?>
    <?php echo CHtml::textField('username');?>
    <?php echo CHtml::submitButton('submit');?>
    <?php echo CHtml::endForm();?>

Create a new file srbac/views/authitem/users.php

<?php echo SHtml::beginForm(); ?>
<?php echo SHtml::activeDropDownList(
    $this->module->getUserModel(),
    $this->module->userid,
    SHtml::listData($users, $this->module->userid, $this->module->username),
    array(
        'id'=>'users-list',
        'size'=>1,
        'class'=>'dropdown',
        'ajax' => array(
            'type'=>'POST',
            'url'=>array('showAssignments'),
            'update'=>'#assignments',
            'beforeSend' => 'function(){
                              $("#assignments").addClass("srbacLoading");
                          }',
            'complete' => 'function(){
                              $("#assignments").removeClass("srbacLoading");
                          }'
        ),
        'prompt'=>Helper::translate('srbac','select user')
    )
); ?>
<?php echo SHtml::endForm(); ?>
