Yii Framework Forum: [Extension] Auth - Yii Framework Forum

Jump to content

  • (7 Pages)
  • +
  • 1
  • 2
  • 3
  • Last »
  • You cannot start a new topic
  • You cannot reply to this topic

[Extension] Auth A modern and reponsive user interface for CAuthManager Rate Topic: ***** 2 Votes

#1 User is offline   Chris83 

  • Advanced Member
  • PipPipPip
  • Yii
  • Group: Members
  • Posts: 440
  • Joined: 27-February 10
  • Location:Helsinki, Finland

Posted 02 January 2013 - 04:45 AM

Hey All,

This is the thread for discussing my latest extension, Auth:
http://www.yiiframew.../extension/auth

Feel free to post any questions you have regarding extension below.
Best regards,
Chris

My contribution to the Yii community:
Account | Yiistrap | Auth | Bootstrap | NordCms | Rights | LESS | SEO | Img

Follow me:
Twitter | GitHub | Bitbucket
3

#2 User is offline   Laurens 

  • Newbie
  • Yii
  • Group: Members
  • Posts: 2
  • Joined: 30-November 12

Posted 02 January 2013 - 06:23 AM

Hi Chris,

You've made a great module, again, thanks!
Short question: is there an 'admin-account'-functionality, which gives the admin entrence to everything? It was available in Rights, and I liked it :-). Thanks!

Laurens
0

#3 User is offline   Raoul 

  • Master Member
  • PipPipPipPip
  • Yii
  • Group: Members
  • Posts: 644
  • Joined: 29-November 08
  • Location:Paris, France

Posted 02 January 2013 - 09:02 AM

Hi Laurens,

I'm not sure "admin-account" functionality refers to, but note that when migrating from Rights to Auth, one thing I had to do is to implement the isSuperUser feature in my WebUser class; that is something not provided by Auth (but really fast & easy to adapt).

Hope it helps

B)
0

#4 User is offline   Chris83 

  • Advanced Member
  • PipPipPip
  • Yii
  • Group: Members
  • Posts: 440
  • Joined: 27-February 10
  • Location:Helsinki, Finland

Posted 03 January 2013 - 05:49 PM

I've added support for bypassing access checks for specified users in version 1.3.0.
Best regards,
Chris

My contribution to the Yii community:
Account | Yiistrap | Auth | Bootstrap | NordCms | Rights | LESS | SEO | Img

Follow me:
Twitter | GitHub | Bitbucket
0

#5 User is offline   delphaber 

  • Newbie
  • Yii
  • Group: Members
  • Posts: 3
  • Joined: 02-January 13

Posted 07 January 2013 - 06:16 AM

Hi, I'm trying to get a demo yii app with this extension working.
I edited my config/main.php.

When I try to add a role (foobar): yiiapp.local/auth/role/view/name/foobar I get php notice "Trying to get property of non-object" at yiiapp.local/protected/modules/auth/controllers/AuthItemController.php(133)

At first I thought it was a compatibility problem with "user" extension, but this "yiiapp" application is a clean one, with yii-bootstrap and User class took from your demo.

Any idea? :)
0

#6 User is offline   Chris83 

  • Advanced Member
  • PipPipPip
  • Yii
  • Group: Members
  • Posts: 440
  • Joined: 27-February 10
  • Location:Helsinki, Finland

Posted 08 January 2013 - 04:03 AM

Hey delphaber,

Sounds like a problem with your authorization manager, make sure that you configured it correctly. That error can only occur if the application somehow fails to create the authorization item. I hope this helps you to solve your issue.

View Postdelphaber, on 07 January 2013 - 06:16 AM, said:

Hi, I'm trying to get a demo yii app with this extension working.
I edited my config/main.php.

When I try to add a role (foobar): yiiapp.local/auth/role/view/name/foobar I get php notice "Trying to get property of non-object" at yiiapp.local/protected/modules/auth/controllers/AuthItemController.php(133)

At first I thought it was a compatibility problem with "user" extension, but this "yiiapp" application is a clean one, with yii-bootstrap and User class took from your demo.

Any idea? :)

Best regards,
Chris

My contribution to the Yii community:
Account | Yiistrap | Auth | Bootstrap | NordCms | Rights | LESS | SEO | Img

Follow me:
Twitter | GitHub | Bitbucket
0

#7 User is offline   delphaber 

  • Newbie
  • Yii
  • Group: Members
  • Posts: 3
  • Joined: 02-January 13

Posted 09 January 2013 - 05:21 AM

View PostChris83, on 08 January 2013 - 04:03 AM, said:

Hey delphaber,

Sounds like a problem with your authorization manager, make sure that you configured it correctly. That error can only occur if the application somehow fails to create the authorization item. I hope this helps you to solve your issue.


Thank you :) I'm going to inspect that path!
0

#8 User is offline   gabu 

  • Newbie
  • Yii
  • Group: Members
  • Posts: 3
  • Joined: 06-December 12

Posted 16 January 2013 - 05:43 PM

Hi, I would first like to thank you for providing this awesome extension. I haven't had much time with php and even less time with yii so I hope you can bear with me.

While following the documentation I ran into the following:

public function filters()
{
return array(
array('auth.components.AuthFilter'),
),
}

I am not really sure if this is a typo but the comma(,) after the last parenthesis should be replaced by a semicolon (;)? (just want to make sure since I got errors with the comma)

Also I got an error:
protected\modules\auth\components\AuthFilter.php(41): YiiBase::t("AuthModule.main", "Access denied.")

$itemName .= '.' . $controller->action->getId();
if ($user->checkAccess($itemName))
return true;

throw new CHttpException(401, Yii::t('AuthModule.main', 'Access denied.'));
}
}

I am not really sure why it caused the error but I tried replacing it with:
throw new CHttpException(401,'Access denied.');

This seemed to fix the error but now only the superuser had access to the tasks (although other roles were configured to have permission).


In the end, instead of using array('auth.components.AuthFilter') I tried using 'rights' (filter from your Rights Extension extending Rcontroller). Although I haven't tested it much it seems to work perfectly.

Again I haven't had much time with php and yii so maybe everything I said might be completely wrong.
0

#9 User is offline   Philipp 

  • Newbie
  • Yii
  • Group: Members
  • Posts: 8
  • Joined: 13-July 12

Posted 17 January 2013 - 04:04 AM

Just wanted to say "THANK YOU" for this great extension. Very useful and saves me a lot of time :)
0

#10 User is offline   frogpro 

  • Newbie
  • Yii
  • Group: Members
  • Posts: 1
  • Joined: 18-October 12

Posted 20 January 2013 - 09:10 AM

View Postgabu, on 16 January 2013 - 05:43 PM, said:


Also I got an error:
protected\modules\auth\components\AuthFilter.php(41): YiiBase::t("AuthModule.main", "Access denied.")

$itemName .= '.' . $controller->action->getId();
if ($user->checkAccess($itemName))
return true;

throw new CHttpException(401, Yii::t('AuthModule.main', 'Access denied.'));
}
}

I am not really sure why it caused the error but I tried replacing it with:
throw new CHttpException(401,'Access denied.');

This seemed to fix the error but now only the superuser had access to the tasks (although other roles were configured to have permission).



You must define
'import'=>array(
     'application.modules.auth.*',
     'application.modules.auth.components.*',
	),


in "protected/config/main.php"
0

#11 User is offline   gabu 

  • Newbie
  • Yii
  • Group: Members
  • Posts: 3
  • Joined: 06-December 12

Posted 21 January 2013 - 11:54 AM

You must define
'import'=>array(
     'application.modules.auth.*',
     'application.modules.auth.components.*',
	),


in "protected/config/main.php"
[/quote]

Thanks a lot!
Now everything works perfectly :D
0

#12 User is offline   KyleVan 

  • Newbie
  • Yii
  • Group: Members
  • Posts: 3
  • Joined: 22-August 11

Posted 21 January 2013 - 04:57 PM

CDbAuthManager and its behaviors do not have a method or closure named "getItemsPermissions".

I am getting this, does anyone have any ideas?
0

#13 User is offline   francis ja 

  • Junior Member
  • Pip
  • Yii
  • Group: Members
  • Posts: 31
  • Joined: 27-July 11
  • Location:India

Posted 23 January 2013 - 06:45 PM

how I can set the permission of a page to guest
skype: jesusloves.francis
Blogs:
http://yiideveloper.wordpress.com/
http://francis-yii-developer.me
Co-founder of Nintriva Wireless
mails:
jesusloves.francis@gmail.com
francis@nintriva.com
http://nintriva.com
1

#14 User is offline   francis ja 

  • Junior Member
  • Pip
  • Yii
  • Group: Members
  • Posts: 31
  • Joined: 27-July 11
  • Location:India

Posted 24 January 2013 - 06:43 AM

in Yii auth
AuthAssignmentItemsColumn.php
have problem its check whether logined user is admin instead of user of that row.
so even for non-admin user it will show 'Administrator' instead of Assigned items
skype: jesusloves.francis
Blogs:
http://yiideveloper.wordpress.com/
http://francis-yii-developer.me
Co-founder of Nintriva Wireless
mails:
jesusloves.francis@gmail.com
francis@nintriva.com
http://nintriva.com
1

#15 User is offline   Jose Rullan 

  • Newbie
  • Yii
  • Group: Members
  • Posts: 8
  • Joined: 10-February 11

Posted 24 January 2013 - 02:44 PM

A trivial question but is there a tutorial of how to setup this extension with CPhpAuthManager. To be honest I am struggling to understand how it all fits together and each time I go to the guide to search for guidance I'm thrown away.

  • I previously was using the basic authentication method using the accessRules() of the Controller and with accessControl in filters.
  • I managed so far to install the extension along with Bootstrap, set it up to use the bootstrap theme and configure the main.php as per the instructions.
  • I created a user table with id,name,username,password and role fields and updated the UserIdentity.php authenticate() method to check for the user in the DB. That's working fine.
  • I went into r=auth with user <<admin>>, and setup several operations like this: item.*
  • I created a task name itemAdmin whose child is the item.* operation
  • I created a role named admin whose child is itemAdmin.
  • I assigned this role to my <<someuser>> user.


When loging in as <<someuser>> and trying to access any of the controller actions it says Error 401 Permission denied.

What do I do with the accessControl and accessRules? Do I have to change that?
Now how do I move forward from here?
1

#16 User is offline   Jose Rullan 

  • Newbie
  • Yii
  • Group: Members
  • Posts: 8
  • Joined: 10-February 11

Posted 24 January 2013 - 08:22 PM

View PostJose Rullan, on 24 January 2013 - 02:44 PM, said:

A trivial question but is there a tutorial of how to setup this extension with CPhpAuthManager. To be honest I am struggling to understand how it all fits together and each time I go to the guide to search for guidance I'm thrown away.

  • I previously was using the basic authentication method using the accessRules() of the Controller and with accessControl in filters.
  • I managed so far to install the extension along with Bootstrap, set it up to use the bootstrap theme and configure the main.php as per the instructions.
  • I created a user table with id,name,username,password and role fields and updated the UserIdentity.php authenticate() method to check for the user in the DB. That's working fine.
  • I went into r=auth with user <<admin>>, and setup several operations like this: item.*
  • I created a task name itemAdmin whose child is the item.* operation
  • I created a role named admin whose child is itemAdmin.
  • I assigned this role to my <<someuser>> user.


When loging in as <<someuser>> and trying to access any of the controller actions it says Error 401 Permission denied.

What do I do with the accessControl and accessRules? Do I have to change that?
Now how do I move forward from here?



Well this might be kind of embarrassing since for many this might have been obvious but for the few others that could be struggling these are the steps I took to get it to work. Hope it helps someone.

These are the steps I followed to achieve the use of Auth with CPhpAuthManager.

1. Create a table and model user with id,name,username,password,role.

2. Add one user:

name= Administrator
username = admin
password = admin
role = admin

3. Create a basic auth.txt and auth.php file in protected/data (follow Wiki mentioned below)

4. Install Auth and Bootstrap

Configure the authManager component

'authManager' => array(
	'class'=>'CPhpAuthManager',
	'behaviors' => array(
		'auth' => array(
			'class' => 'auth.components.AuthBehavior',
			'admins'=>array('admin'), // users with full access
		),
	),
),


5. Copy the Bootstrap theme into application themes and rename as bootstrap

6. For theming only the Auth module had to configure Auth to use the theme layout located in themes/bootstrap/views/layouts/main.php

7. Modify UserIdentity

private $_id=null;

public function getId()
{
	return $this->_id;
}	



In the authenticate() function:

$this->_id=$user->id;
$this->username=$user->username;


$auth=Yii::app()->authManager;
if(!is_null($user->role)){
    if(!$auth->isAssigned($user->role,$this->_id))
    {
        if($auth->assign($user->role,$this->_id))
        {
            Yii::app()->authManager->save();
        }
		
    }
}


8. Modify Controllers:

public function filters()
{
	return array(
		//'accessControl',
		array('auth.filters.AuthFilter'),
		'postOnly + delete',
	);
}
	
public function accessRules()
{
        /* ..... */
}


9. Login as admin

10. navigate to r=auth

11. Create some operations in the form controllerId.*

12. Create tasks and add operations to them

13. Create roles and add tasks or operations to them

14. Assign roles to the users (the Auth module reads them from the Database).

15. In a wiki (http://www.yiiframew...-a-php-file#hh4) read that you should revoke all assigned operations to the user upon logout, not sure if really needed.
0

#17 User is offline   grptx 

  • Newbie
  • Yii
  • Group: Members
  • Posts: 2
  • Joined: 31-January 12

Posted 28 January 2013 - 04:22 AM

View Postfrancis ja, on 24 January 2013 - 06:43 AM, said:

in Yii auth
AuthAssignmentItemsColumn.php
have problem its check whether logined user is admin instead of user of that row.
so even for non-admin user it will show 'Administrator' instead of Assigned items


yes i found this problem too.
i remove the if check (on line 36 of AuthAssignmentItemsColumn.php) and the problem seem to solve
0

#18 User is offline   francis ja 

  • Junior Member
  • Pip
  • Yii
  • Group: Members
  • Posts: 31
  • Joined: 27-July 11
  • Location:India

Posted 28 January 2013 - 11:22 AM

Me too solved the porblem by editng widgets/AuthAssignmentItemsColumn.php
i used it with Yii user extension so i changed it like below

$userArr=Yii::app()->getModule('user')->getAdmins();
		if (in_array($data->username, $userArr)) 
			echo Yii::t('AuthModule.main', 'Administrator');
		else
		{

skype: jesusloves.francis
Blogs:
http://yiideveloper.wordpress.com/
http://francis-yii-developer.me
Co-founder of Nintriva Wireless
mails:
jesusloves.francis@gmail.com
francis@nintriva.com
http://nintriva.com
0

#19 User is offline   Stefano Mtangoo 

  • Standard Member
  • PipPip
  • Yii
  • Group: Members
  • Posts: 229
  • Joined: 02-January 12
  • Location:Dar es Salaam, Tanzania

Posted 03 February 2013 - 02:38 PM

I use the following in config/main.php

return array(
  'modules' => array(
    'auth',
  ),
  'components' => array(
    'authManager' => array(
      .....
      'behaviors' => array(
        'auth' => array(
          'class' => 'auth.components.AuthBehavior',
          'admins'=>array('admin', 'foo', 'bar'), // users with full access
        ),
      ),
    ),
    'user' => array(
      'class' => 'auth.components.AuthWebUser',
    ),
  ),
);


I get error

Quote

Object configuration must be an array containing a "class" element.


If I comment line
'admins'=>array('admin', 'foo', 'bar'), // users with full access
error goes off. Is this a bug?
And God said, Let there be science...and it was so!
Training Manager Written in Yii here
0

#20 User is offline   Kjell Einar Skutle 

  • Junior Member
  • Pip
  • Yii
  • Group: Members
  • Posts: 28
  • Joined: 30-November 11
  • Location:Norway

Posted 06 February 2013 - 12:30 PM

View Postfrancis ja, on 23 January 2013 - 06:45 PM, said:

how I can set the permission of a page to guest


You can remove specific actions from the access filtering like this:

public function filters()
{
    return array(
        array('auth.components.AuthFilter - guestAction1, guestAction2, ...'),
    );
}


Likewise you can specify which actions should be filtered by changing the minus sign to plus.
1

Share this topic:


  • (7 Pages)
  • +
  • 1
  • 2
  • 3
  • Last »
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users