Yii Framework Forum: How to not cache RBAC checkAccess() results? - Yii Framework Forum

How to not cache RBAC checkAccess() results?

#1 Sander

Posted 16 December 2009 - 08:43 AM

So I have the following setup (which doesn't really make any sense, I was just doing this to get used to RBAC):

$auth = Yii::app()->authManager;

$auth->createOperation('create_entity', 'Create a new Entity');

$rule = 'return Yii::app()->user->entity->type_id==$params["type"]->type_id;';
$auth->createTask('create_own_type', 'Create Entities of your own Type', $rule)
	->addChild('create_entity');

$rule = 'return !Yii::app()->user->isGuest;';
$auth->createRole('authenticated', 'Authenticated Entities', $rule)
	->addChild('create_own_type');

$auth->save();


With which I do the following tests:
$text = array();
if(isset($_POST['test'])) {
	$text[] = Yii::app()->user->checkAccess('create_entity', array('type' => Type::model()->findByPk('1'))) ?
		'You can create a User' : 'You can <b>NOT</b> create a User';
	$text[] = Yii::app()->user->checkAccess('create_entity', array('type' => Type::model()->findByPk('2'))) ?
		'You can create a Project' : 'You can <b>NOT</b> create a Project';
}


The logged in user is of type 1.

Now, when I echo all items of $text in my view, I get the following:

Quote

You can create a User
You can create a Project


This is incorrect; it should only be possible to create a user, and not a project. Also, when I switch the two tests around (so first check for findByPk('2'), and then for '1'), I get the opposite result:

Quote

You can NOT create a Project
You can NOT create a User


It looks like the 'create_entity' permission that was obtained by the first call to checkAccess() is cached and therefore also used by the second call, even though a different argument is passed in $params. What would be the best way to fix this?

#2 Sander

Posted 17 December 2009 - 04:49 AM

Right, so apparently CWebUser::checkAccess() is different from CAuthManager::checkAccess(), and has a parameter to disable caching which I overlooked. Problem solved :)
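
The failure mode discussed in this thread, reproduced with a minimal stand-in as an added example (not code from the thread or from Yii): an access-check cache keyed only on the operation name returns the first decision for every later call, whatever $params says. DemoUser, its methods and the rule closure are hypothetical names; the scenario assumes the logged-in user has type_id 1, as in the first post.

```php
<?php
// Added example: a stand-in for a per-request access cache, not Yii's source.
final class DemoUser
{
    private array $cache = [];
    private $rule;               // callable(string $operation, array $params): bool
    public int $ruleCalls = 0;   // how often the rule was really evaluated

    public function __construct(callable $rule) { $this->rule = $rule; }

    // Flawed: the cache key is the operation name only, so $params is ignored on a hit.
    public function checkAccessByOperation(string $operation, array $params = []): bool
    {
        if (!isset($this->cache[$operation])) {
            $this->cache[$operation] = $this->evaluate($operation, $params);
        }
        return $this->cache[$operation];
    }

    // Safer: only parameterless checks are cached; context-dependent checks are
    // re-evaluated every time, and the caller can opt out of caching entirely.
    public function checkAccess(string $operation, array $params = [], bool $allowCaching = true): bool
    {
        if (!$allowCaching || $params !== []) {
            return $this->evaluate($operation, $params);
        }
        return $this->cache[$operation] ??= $this->evaluate($operation, $params);
    }

    private function evaluate(string $operation, array $params): bool
    {
        $this->ruleCalls++;
        return ($this->rule)($operation, $params);
    }
}

// Constructed scenario: the rule grants create_entity only for the user's own type.
$userTypeId = 1;
$rule = fn(string $op, array $p): bool =>
    $op === 'create_entity' && ($p['type_id'] ?? null) === $userTypeId;

$flawed = new DemoUser($rule);
var_dump($flawed->checkAccessByOperation('create_entity', ['type_id' => 1])); // rule evaluated
var_dump($flawed->checkAccessByOperation('create_entity', ['type_id' => 2])); // cached decision reused
var_dump($flawed->ruleCalls);                                                 // rule ran once for two checks

$fixed = new DemoUser($rule);
var_dump($fixed->checkAccess('create_entity', ['type_id' => 1]));
var_dump($fixed->checkAccess('create_entity', ['type_id' => 2]));            // re-evaluated with its own params
```

Swapping the order of the two flawed calls flips both answers, which matches the two outputs quoted in the first post.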

#3 Muhammad Shahzad

Posted 09 July 2013 - 06:13 AM

Hello,

How did you set this up? Where did you put this code:

$auth = Yii::app()->authManager;

$auth->createOperation('create_entity', 'Create a new Entity');

$rule = 'return Yii::app()->user->entity->type_id==$params["type"]->type_id;';
$auth->createTask('create_own_type', 'Create Entities of your own Type', $rule)
        ->addChild('create_entity');

$rule = 'return !Yii::app()->user->isGuest;';
$auth->createRole('authenticated', 'Authenticated Entities', $rule)
        ->addChild('create_own_type');

$auth->save();
