I am learning Yii and am trying to develop RBAC now the issue is that I have created roles and so on executed that script via shell I have database tables in place and that Roles and everything gets populated. now I donot know why but in main.php
if(Yii::app()->user->checkAccess('admin'))
echo 'Admin';
else
echo 'No Admin';
always return No admin .What I am trying to do is display a different menu based on user type i.e it is admin or reader or manager and so on. but this fails.
I am attaching my role assignment also here
<?php
class RbacCommand extends CConsoleCommand
{
private $_authManager;
public function getHelp()
{return <<<EOD
USAGE
rbac
DESCRIPTION
This command generates an initial RBAC authorization hierarchy.
EOD;
}
/**
* Execute the action.
* @param array command line parameters specific for this command
*/
public function run($args)
{
echo "SHELLLLLLLLLL.\n";
//ensure that an authManager is defined as this is mandatory for creating an auth heirarchy
if(($this->_authManager=Yii::app()->authManager)===null)
{
echo "Error: an authorization manager, named 'authManager'
must be configured to use this command.\n";
echo "If you already added 'authManager' component in
application configuration,\n";
echo "please quit and re-enter the yiic shell.\n";
return;
}
//provide the oportunity for the use to abort the request
echo "This command will create three roles: Admin, Manager, and Reader and the following premissions:\n";
echo "create, read, update and delete Hotels\n";
echo "create, read, update and delete Items\n";
echo "create, read, update and delete Users\n";
echo "create, read, update and delete Category\n";
echo "Would you like to continue? [Yes|No] ";
//check the input from the user and continue if they indicated yes to the above question
if(!strncasecmp(trim(fgets(STDIN)),'y',1))
{
//first we need to remove all operations, roles, child relationship and assignments
$this->_authManager->clearAll();
//create the lowest level operations for users
$this->_authManager->createOperation("createUser","create a new user");
$this->_authManager->createOperation("readUser","read user profile information");
$this->_authManager->createOperation("updateUser","update a users information");
$this->_authManager->createOperation("deleteUser","remove a user from a Hotel");
////create the lowest level operations for projects
$this->_authManager->createOperation("createHotel","create a new Hotel");
$this->_authManager->createOperation("readHotel","read Hotel information");
$this->_authManager->createOperation("updateHotel","update Hotel information");
$this->_authManager->createOperation("deleteHotel","delete a Hotel");
////create the lowest level operations for Category
$this->_authManager->createOperation("createCategory","create a new Item");
$this->_authManager->createOperation("readCategory","read Item information");
$this->_authManager->createOperation("updateCategory","update Item information");
$this->_authManager->createOperation("deleteCategory","delete an Item from a Hotel");
////create the lowest level operations for issues
$this->_authManager->createOperation("createItem","create a new Item");
$this->_authManager->createOperation("readItem","read Item information");
$this->_authManager->createOperation("updateItem","update Item information");
$this->_authManager->createOperation("deleteItem","delete an Item from a Category");
////create the reader role and add the appropriate permissions as children to this role
$role=$this->_authManager->createRole("reader");
$role->addChild("readUser");
$role->addChild("readHotel");
$role->addChild("readCategory");
$role->addChild("readItem");
$role->addChild("createUser");
////create the member role, and add the appropriate permissions, as well as the reader role itself, as children
$role=$this->_authManager->createRole("manager");
$role->addChild("readUser");
$role->addChild("readHotel");
$role->addChild("readCategory");
$role->addChild("readItem");
$role->addChild("createHotel");
$role->addChild("createCategory");
$role->addChild("createItem");
$role->addChild("updateHotel");
$role->addChild("updateCategory");
$role->addChild("updateItem");
$role->addChild("deleteHotel");
$role->addChild("deleteCategory");
$role->addChild("deleteItem");
////create the owner role, and add the appropriate permissions, as well as both the reader and member roles as children
$role=$this->_authManager->createRole("admin");
$role->addChild("reader");
$role->addChild("manager");
$role->addChild("createUser");
$role->addChild("updateUser");
$role->addChild("deleteUser");
echo 'Making Afnan admin';
$this->_authManager->assign('admin','3');
echo 'Making Riaz Manager';
$this->_authManager->assign('manager','2');
echo 'Sucess';
//provide a message indicating success
echo "Authorization hierarchy successfully generated.";
}
}
}
?>
