[Boaz]

 matteosistisette, on 17 October 2012 - 06:51 AM, said:

That you and me can't think of a use case where one may need it, doesn't mean that it doesn't exist. Whenever there may be even the most remote possibility that one freaky guy in the world may need a behavior different from the default, the possibility to change it must be provided. But I agree with you that the behavior you describe should be the default one.

Actually, here's a use case.
I have assigned 20 users the ClockwiseDancer role, and I have assigned other 30 users the CounterClockwiseDancer role. Oh shit! Clocks turn that way!! All my assignments are reversed! Well, know what? If I rename ClockwiseDancer to CounterClockwiseDancer and viceversa (of course in 3 steps using an intermediate dummy name), that'll do the trick.
Unlikely, I agree. Impossible? no.

Your use case is amusing...
And it demonstrates what I think - there is no such real world use case and its ridiculous to think that there's any benefit NOT to update the relationship table on any change in the items table (as we've mentioned...). Even if was is such a remote use case - I don't think the RBAM module, being an open source software developed on typically very limited resources, should address all of its clients needs. Heck, not even fully established for-profit companies address all their customer's needs. They address most customers needs (...that would generate them the most profit).
But, again, the design of the tables on the first place is really awkward and I fail to get to the bottom of the designer's mind, or perhaps simply its not a good design... . Also, the design demonstrates, I think, the reason for database normalization. With current design, there's duplication of data between the tables - the 'names' of the auth items. As such, it requires a rename to be performed on all tables, as we've seen.

On to more practical words - time to test SRABC extension!

[Boaz]

Well, SRBAC seems to cut it. Renaming a role renames it in both the 'items' table and on the 'relationships' table (didn't check anything else at this stage). Gonna give it a try... .

[peltronic]

Hi!

I'm wondering the same...is this extension still maintained?

These doc & demo links are broken (can't display them here b/c this is my first post, I had to remove all the links and replace with "..."...what a pain! See reply #67 for the links).

doc:
...rbam_manual.pdf

demo:
...index.php

Would love to try this out but a doc and demo would be nice!

Peter

 matteosistisette, on 29 July 2012 - 02:13 PM, said:

Is this extension still being maintained? I'm finding quite a few bugs and I wonder whether there is a place where it makes any sense to report them or if rbam has been abandoned and I should instead consider using some other rbac management extension.

The information page of the extension doesn't provide any link.
Since the manual is hosted at ... I tried ... which only shows embarrassing php errors, and ... which shows a default placeholder page from the hosting provider.

[Ivo Pereira]

I would like to know too if the extension is already maintained or if anyone has the main zip of the extension and the docs.

I've been working with a previous version of the extension installed in a work project that was being developed from another developer, and I would like to use it with a new one.

Suggestions?

[Daantje]

I found the rbam_manual.pdf mirrored here pdfio.com/k-2272549.html
and on my site for save keeping bitbucket.org/bytebrain/yii-rbam-extension-manual

[albertski]

I'm relatively new to Yii. I created some roles and added operations that were automatically generated. Now I am not sure if I need to go in and modify the accessRules() in all of my controllers and add the roles? I would think this would be automatic?

Do I actually have to go to every action and add code like this:

if(Yii::app()->user->checkAccess('createPost'))
{
    // create post
}

[davidgraybeard]

albertski, on 15 March 2013 - 10:12 AM, said:

Do I actually have to go to every action and add code like this:

if(Yii::app()->user->checkAccess('createPost'))
{
    // create post
}

Did you ever figure this out? I'm pretty sure it is automatic, but I think I am missing the one piece of glue that gets the roles, tasks and operations I set up in RBAM to start engaging.

See next post. Think I found the glue, and by putting that one rule in my overall controller, everything works!

[davidgraybeard]

I have a basic question about how to use RBAM effectively. I have something like the following set up in RBAM, in terms of parent/child relationships:

Role: Administrator
    Task:  ArticleReading
          Operation: Article:index
          Operation: Article:view
    Task: ArticleWriting
   		Operation: Article:create
   		Operation: Article:delete
   		Operation: Article:save

Role: Regular User
 	Task: ArticleReading
          Operation: Article:index
          Operation: Article:view

Given this, I thought the access checking would just be automatic. I guess I need to define some accessRules(), but I can't imagine what they would look like. It would seem as if any rule I create would be redundant to what I've just defined in RBAM.

public function accessRules() {
  return [
      ['allow', 'actions' => ['index','view'], 'roles' => ['Administrator']], // this seems redundant, but if I have no rules access isn't checked
      ['deny', 'users' => ['*']]
  ];
}

I believe I found the answer, myself:

	public function accessRules() {
		return array(
			array('allow', 
				'expression' => 'Yii::app()->user->checkAccess(Yii::app()->controller->id.":".Yii::app()->controller->action->id)),
			array('deny', 'users' =>array('*'))
		);

This post has been edited by davidgraybeard: 07 May 2013 - 06:18 PM