Understanding user-management

laotse · April 14, 2015, 8:43pm

I set up a basic application with vimark’s RBAC extension. So far, so good.

First a technical issue: I want some actions to be public, i.e. they can be accessed without any login. When I navigate to index.php I’m redirected to login immediately. I can’t exactly see how this happens. Is there an explanation … and how would I create public actions?

Second a conceptual issue: I’d consider permission groups as pre-defined sets of permissions. But I cannot see any interface to define such groups. All there is is a tag to title relation. Similarly this applies to roles, which in general should also be associated with particular permissions. Is it intended to hard-code this mapping?

Regards,

lars.

shardiwal · May 7, 2015, 5:29am

You need to add accessRules to the controller to make some action public (without login)

You can do something like this


    public function accessRules()

    {

        return array(

            array('allow',

                'users'=>array('@'), // Make all action authentic - not available to anonymous user

            ),

            array('allow',

                'users'=>array('*'),

                'actions'=>array(

                    'search','login','logout' // List of action made public

                )

            ),

            array('deny'), // Deny every thing else

        );

    }