SRBAC and controllers

Yii 1.1 Extensions
1

OK, I got SRBAC installed and can mess with assigning roles etc, but I seem to be having a problem getting it to control access…

Do I have to make changes in each controller file for every action?

In my config/main.php I am importing

	'application.modules.srbac.controllers.SBaseController',

but it seems that my controller is still responding to the accessRules() function rather than the roles set up in RBAC. Do I need to remove that section? the documentation only mentions:

If you also want srbac to automatically check for access in your controllers, your controllers should extend the SBaseController class in srbac module or any other class that extends this one.

But it doesn’t say how you DO that…

would that mean that the section of the controller file:


class UserController extends Controller

should be changed to something like:


class UserController extends SBaseController

??

because when I do that I get this error:


CException


Description


Property "UserController.breadcrumbs" is not defined.


Source File


/home/garuda/public_html/bianchini2/protected/views/site/login.php(3)

with the last part of the stack trace:




#0 /home/garuda/public_html/bianchini2/protected/views/site/login.php(3): CComponent->__set('breadcrumbs', Array)

#1 /home/garuda/public_html/yii/framework/web/CBaseController.php(119): require('/home/garuda/pu...')

#2 /home/garuda/public_html/yii/framework/web/CBaseController.php(88): CBaseController->renderInternal('/home/garuda/pu...', Array, true)

#3 /home/garuda/public_html/yii/framework/web/CController.php(732): CBaseController->renderFile('/home/garuda/pu...', Array, true)

#4 /home/garuda/public_html/yii/framework/web/CController.php(671): CController->renderPartial('application.vie...', Array, true)

#5 /home/garuda/public_html/bianchini2/protected/modules/srbac/controllers/SBaseController.php(79): CController->render('application.vie...', Array)

#6 /home/garuda/public_html/bianchini2/protected/modules/srbac/controllers/SBaseController.php(53): SBaseController->onUnauthorizedAccess()

#7 /home/garuda/public_html/yii/framework/web/CController.php(298): SBaseController->beforeAction(Object(CInlineAction))

Except that I am already logged in as admin with full rights…

It would be great to have a full-on, detailed tutorial for SRBAC!

2

Well that was my fault…

I got SRBAC running - after the install there were some default tasks that I assumed were built in - I set those up and tried things out - nothing -

I changed the controller classes as outlined above, and once I got past my self-induced CException (I had removed the breadcrumbs widget from layouts/main.php…) - still problems, since now I wasn’t allowed to do anything… I realized that I needed to autocreate the auth items (the menu for that shows up once you click “managing auth items”) - once I did that I saw they were named different than the ones that showed up on install, and then when I set those up, everything worked fine.

Gotta say, going through these setup hassles does teach you stuff… although my forehead is slightly bruised from banging it on the desk!

3

if you got some error : Property "UserController.breadcrumbs" is not defined.

you can copy all variable from protected.components.Controller

like :




public $layout='//layouts/column1';

public $menu=array();

public $breadcrumbs=array();

to modules.srbac.controllers.SBaseController

but i have got some confuse with my accesRules on every my App Controller too :(

4

You don’t have to change your controllers just make Controller extends SBaseController

and you should remove the access rules

5

I try like that (extends my Controller with SBaseController), but i always got some error : Property “BlablaController.breadcrumbs” is not defined. so i add variable from controller on components and it’s running. I am sorry, i just follow my feeling from debug messages :P

I have remove the access rules and give checkAccess on every action.

Now, my app with "great" srbac is running well.

thanks spyros :)

6

Hi

Do we really have to add a checkAccess on each action ?

or is the checkAccess generically made on each access to a controler method ?

is that why we are extending to SBaseController ?

I haven’t managed to get my srbac rules to be applied yet

please excuse my newbieness

a simple controller use case would be more then welcome ? are there any out there ?

7

Hey!

Actually, there is no need to add checkAccess, i’ve used SRbac just extending SBaseController and all things work as expected after right permissions given in Srbac admin




class MyController extends SBaseController

{

 ... 

   public function actionIndex(){

//     ...no need to change

   }

}

remember that you need to include SBaseController in the import section of main config file

hope this helps

regards!

:)

8

components/conroller.php


class Controller extends CController

should be changed to something like:


class Controller extends SBaseController

This is my way , don’t know is correct. sorry, My poor English.

9

Even I have done that, it will still give the error of breadcrumbs not defined. The solution is: edit the sbasecontroller.php and extend the SBaseController class from Controller instead of CController (just remove the C) like following:

class SBaseController extends Controller {

}

10

guys,

sorry can I ask you something.when setting the column at auth Item.

can anyone send me an example?

cause honestly after the installation succeeded, I kinda stop working cause still blind.

hehehe…

thanks a lot guys.

11

Hello!

I hope you found a solution but maybe it will be useful for someone else…

please check your srbac configuration i look for ‘debug’ - if it is true srbac always return true for access control