Yii Framework Forum: Bizrule in authmanager does not work - Yii Framework Forum

Jump to content

Page 1 of 1
  • You cannot start a new topic
  • This topic is locked

Bizrule in authmanager does not work Rate Topic: -----

#1 User is offline   eWolf 

  • Newbie
  • Yii
  • Group: Members
  • Posts: 4
  • Joined: 06-February 09

Posted 06 February 2009 - 02:50 PM

I'm new too Yii and wanted to start pretty straightforward. I put the code for initializing the roles into an InitController. Then I initialized those roles and put the code for access checking into every action (
if(Yii::app()->user->checkAccess('deleteUser')) ..
). This all works pretty good, but I now want to allow users to edit their own account. So I added this rule:
$bizRule='return Yii::app()->user->id==$params["user"]->username;';
$task=$auth->createTask('updateOwnUser','update a your own account',$bizRule);
$task->addChild('updateUser');

but it just doesn't work! The values seem to match (i printed them out) but checkAccess returns false. Is it right to add updateUser as child? I've seen that in the documentation.
0

#2 User is offline   qiang 

  • Yii Project Lead
  • Yii
  • Group: Yii Dev Team
  • Posts: 5,907
  • Joined: 04-October 08
  • Location:DC, USA

Posted 06 February 2009 - 03:42 PM

How did you call checkAccess for the update operation?
0

#3 User is offline   eWolf 

  • Newbie
  • Yii
  • Group: Members
  • Posts: 4
  • Joined: 06-February 09

Posted 07 February 2009 - 08:45 AM

$user=$this->loadUser();
$params = array('user' => $user);

if(Yii::app()->user->checkAccess('updateOwnUser', $params) or
Yii::app()->user->checkAccess('updateUser'))
{

0

#4 User is offline   eWolf 

  • Newbie
  • Yii
  • Group: Members
  • Posts: 4
  • Joined: 06-February 09

Posted 08 February 2009 - 08:33 AM

Is it possible that the bizrule is not called at all? Because when I put an echo in the rule, nothing happened..
0

#5 User is offline   qiang 

  • Yii Project Lead
  • Yii
  • Group: Yii Dev Team
  • Posts: 5,907
  • Joined: 04-October 08
  • Location:DC, USA

Posted 08 February 2009 - 10:36 AM

Did you assign the role to the user?

You only need to call Yii::app()->user->checkAccess('updateUser').
The task 'updateOwnUser' will automatically be checked first (with bizRule). If the bizRule succeeds, it will continue to check the child operation 'updateUser'.

0

#6 User is offline   eWolf 

  • Newbie
  • Yii
  • Group: Members
  • Posts: 4
  • Joined: 06-February 09

Posted 08 February 2009 - 01:06 PM

Thanks, that was it!
But:
The task 'updateOwnUser' will automatically be checked first (with bizRule). If the bizRule succeeds, it will continue to check the child operation 'updateUser'.

To members only updateOwnUser is allowed, and not updateUser so why does he check for updateUser too?
0

#7 User is offline   qiang 

  • Yii Project Lead
  • Yii
  • Group: Yii Dev Team
  • Posts: 5,907
  • Joined: 04-October 08
  • Location:DC, USA

Posted 08 February 2009 - 02:20 PM

The following is how checkAccess does:
1. For each assigned auth item of the user, it first checks if the bizRule for the assignment returns true.
2. If true, it calls the item's checkAccess method. If the item's bizRule returns true,
2.1. If the item name is the same as the name passed in the original checkAccess() method, it returns true;
2.2. Otherwise, for every child item, it calls its checkAccess.


0

#8 User is offline   sgomez84 

  • Newbie
  • Yii
  • Group: Members
  • Posts: 4
  • Joined: 13-February 11

Posted 07 April 2011 - 07:02 AM

Hi,
I am facing the same problem when I am checking access against a bizRule.

What I have is,
Authitem: TenantUser with bizrule
return Yii::app()->user->getTenantId()==$params["tenant_id"];
(getTenantId() is a method in my CWebUser class)

Whenever I try, Yii::app()->user->checkAccess('TenantUser', array('tenant_id'=> $tenant_id), even if the tenant_id's match it return false. I can't figure out what seems to be going wrong.

Some light would be really helpful.

Thanks
Sid
0

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • This topic is locked

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users