Yii 1.1: Installing Yii Users and Rights to Newly Created Yii app

40 followers

After creating an yii app . we need to implement permission, Authentication and Authorization .so the best way is to use the Yii users and Rights modules.

its very simple to install these modules

Download

Download the yii-user user and rights rights extensions and unzip them.

unzip

unzip the modules to

/your-app/protected/modules/user

/your-app/protected/modules/rights

Create tables for user module

then goto /protected/modules/user/data/schema.mysql.sql

Need to update schema.mysql.sql to create field lastvisit_at instead of lastvisit

open the sql file ,and create the tables manually(that i prefer) , remove the 'tbl_' prefix from the tables(i prefer)

configure

then configure the config/main

under import

'import'=>array(
        ...
        'application.modules.user.models.*',
        'application.modules.user.components.*',
        'application.modules.rights.*',
        'application.modules.rights.components.*',
        ...
),

under modules

'modules'=>array(
 
        'user'=>array(
                'tableUsers' => 'users',
                'tableProfiles' => 'profiles',
                'tableProfileFields' => 'profiles_fields',
        ),
        'rights'=>array(
                'install'=>true,
        ),
 
),

under components

'components'=>array(
 
        'user'=>array(
                'class'=>'RWebUser',
                // enable cookie-based authentication
                'allowAutoLogin'=>true,
                'loginUrl'=>array('/user/login'),
        ),
        'authManager'=>array(
                'class'=>'RDbAuthManager',
                'connectionID'=>'db',
                'defaultRoles'=>array('Authenticated', 'Guest'),
        ),
 
),

after saving the main config file

install Rights module

install the rights

so that you have to login to user/login

(according to your url style)

your-app/index.php/rights/install

or

your-app/index.php?r=rights/install

after successful installation

change the main config file

change the main config file to

under modules

'user'=>array(
                'tableUsers' => 'users',
                'tableProfiles' => 'profiles',
                'tableProfileFields' => 'profiles_fields',
                     # encrypting method (php hash function)
                'hash' => 'md5',
 
                # send activation email
                'sendActivationMail' => true,
 
                # allow access for non-activated users
                'loginNotActiv' => false,
 
                # activate user on registration (only sendActivationMail = false)
                'activeAfterRegister' => false,
 
                # automatically login from registration
                'autoLogin' => true,
 
                # registration path
                'registrationUrl' => array('/user/registration'),
 
                # recovery password path
                'recoveryUrl' => array('/user/recovery'),
 
                # login form path
                'loginUrl' => array('/user/login'),
 
                # page after login
                'returnUrl' => array('/user/profile'),
 
                # page after logout
                'returnLogoutUrl' => array('/user/login'),
        ),
 
        //Modules Rights
   'rights'=>array(
 
                'superuserName'=>'Admin', // Name of the role with super user privileges. 
               'authenticatedName'=>'Authenticated',  // Name of the authenticated user role. 
               'userIdColumn'=>'id', // Name of the user id column in the database. 
               'userNameColumn'=>'username',  // Name of the user name column in the database. 
               'enableBizRule'=>true,  // Whether to enable authorization item business rules. 
               'enableBizRuleData'=>true,   // Whether to enable data for business rules. 
               'displayDescription'=>true,  // Whether to use item description instead of name. 
               'flashSuccessKey'=>'RightsSuccess', // Key to use for setting success flash messages. 
               'flashErrorKey'=>'RightsError', // Key to use for setting error flash messages. 
 
               'baseUrl'=>'/rights', // Base URL for Rights. Change if module is nested. 
               'layout'=>'rights.views.layouts.main',  // Layout to use for displaying Rights. 
               'appLayout'=>'application.views.layouts.main', // Application layout. 
               'cssFile'=>'rights.css', // Style sheet file to use for Rights. 
               'install'=>false,  // Whether to enable installer. 
               'debug'=>false, 
        ),

Change

'authManager'=>array(
            'class'=>'RDbAuthManager',
            'connectionID'=>'db',
            'itemTable'=>'authitem',
            'itemChildTable'=>'authitemchild',
            'assignmentTable'=>'authassignment',
            'rightsTable'=>'rights',
        ),

Your application is now ready .

change main layout

change the main layout.

$this->widget('zii.widgets.CMenu',array(
            'items'=>array(
                array('label'=>Yii::t('app','Home'), 'url'=>array('/site/index')),
                array('label'=>Yii::t('app','About'), 'url'=>array('/site/page', 'view'=>'about')),
                array('label'=>Yii::t('app','Contact'), 'url'=>array('/site/contact')),
                array('label'=>Yii::t('app','Login'), 'url'=>array('/user/login'),'visible'=>Yii::app()->user->isGuest),
                array('label'=>Yii::t('app','Rights'), 'url'=>array('/rights')),
                array('label'=>Yii::t('app','Logout').' ('.Yii::app()->user->name.')', 'url'=>array('/user/logout'), 'visible'=>!Yii::app()->user->isGuest)
            ,
        )));

Add rights

Then add rights filter to all controller

like

public function filters()
    {
        return array(
            'rights', // perform access control for CRUD operations
 
        );
    }

and change the extended controller to 'extends RController'.

then take rights in your url(according to url style) .

continue

http://www.yiiframework.com/wiki/448/assigning-dynamic-roles-to-a-user-using-yii-rights-module-at-the-time-of-user-creation-and-using-some-special-features-of-yii-rights/

Total 20 comments

#16793 report it
Rajith R at 2014/03/28 02:13am
@Fire

In config Main

'components'=>array(
 
        'user'=>array(
                'class'=>'RWebUser',
                // enable cookie-based authentication
                'allowAutoLogin'=>true,
                'loginUrl'=>array('/user/login'),
        ),
#16786 report it
Fire at 2014/03/27 09:06am
hi there, - getting this error: Application web user must extend the RWebUser class.

Hi there, I already had yii-user installed, getting this error Application web user must extend the RWebUser class.

Can someone help?

#16260 report it
Rajith R at 2014/02/04 12:38am
@johnsnails

Thank you

#16258 report it
johnsnails at 2014/02/03 10:24pm
Spelling mistake

Hey, As per your instruction, I tried searching for

lastvist

and changing it to

lastvist_at

The problem is, I think you spelt lastvisit wrong.

Hope this helps someone.

#15521 report it
Rajith R at 2013/11/18 11:54pm
@coolPhp

Follow the steps carefully .

Now, Pls drop all the tables related to user module and rights module. Restart the process !!

#15511 report it
coolPhp at 2013/11/17 11:26am
There must be at least one superuser!

rights/install is now giving me this error

Error 403 There must be at least one superuser!

I have the user admin set as superuser

#15510 report it
coolPhp at 2013/11/17 08:25am
You are not authorized to perform this action

I am getting the following error

Error 403 You are not authorized to perform this action.

when going to index.php?r=rights

I have the admin user set to superuser, but there is nothing in the authassignment,authitem, authitemchild What do I need to add into these tables if anything for the admin and other users?

#14995 report it
Rajith R at 2013/09/27 05:15am
@ferozfirru

Extend controllers from RController .

And check inside login controller whats happening!

#14974 report it
ferozfirru at 2013/09/25 10:19am
i am getting a error after installing the yii-user and rights modules?"This webpage has a redirect loop"

"This webpage has a redirect loop"

I am getting this error on user/login page.

i have added this code in every controller in user module

public function filters()
    {
        return array(
            'rights', // perform access control for CRUD operations
 
        );
    }

what i have to do friend?

#14485 report it
arun vivek at 2013/08/16 08:31am
@Rajith R

Now it's working...thanx

#14389 report it
Rajith R at 2013/08/08 01:46am
@arun vivek

arun vivek ,

No , you must add filter rights in every controller

public function filters()
    {
        return array(
            'rights', // perform access control for CRUD operations
 
        );
    }

and make in user table, superuser column set as 1 .

#14378 report it
arun vivek at 2013/08/07 07:35am
main layout

array('label'=>Yii::t('app','Profile'), 'url'=>array('user/profile')),

adding above code in $this->widget('zii.widgets.CMenu',array(....);

will be more useful

#14375 report it
arun vivek at 2013/08/07 05:08am
Working

its Working without public function filters().......

but show Error 403

There must be at least one superuser!

#14370 report it
Rajith R at 2013/08/07 02:28am
@MissChile

MissChile,

comment the line and try. pls follow the correct steps. otherwise its complicated.

#14368 report it
MissChile at 2013/08/06 10:31pm
Table 'DBNAME.authassignment' doesn't exist

I post this in case someone is having problem with the "rights" installation: It got this error:

"CDbCommand failed to execute the SQL statement: SQLSTATE[42S02]: Base table or view not found: 1146 Table 'DBNAME.authassignment' doesn't exist. The SQL statement executed was: SELECT * FROM AuthAssignment WHERE userid=:userid "

I just added

'tablePrefix' => '',

at the end of mysql info in COMPONENTS, (config/main.php) After that, the installation was successful.

I hope it helps.

#14331 report it
Rajith R at 2013/08/05 02:02am
@MissChile

hi MissChile,

its up to you. u can set a role based menu system.

#14306 report it
MissChile at 2013/08/03 04:24pm
Different menu?

With this method...can I redirect the "admin" to a different menu than the normal logged user?

Thanks!

#14090 report it
Rajith R at 2013/07/18 03:19am
hi nullne

good one nullne.

you can also import it in config/main

#14088 report it
nullne at 2013/07/18 02:43am
i resolve a peoplem

if you comes with this error:  include(User.php): failed to open stream: No such file or directory blablablablablablabla

then you just need to add this code in your right/component/RAuthorizer.php

Yii::import('application.modules.user.models.*);

then you made it! enjoy!

#13226 report it
alek at 2013/05/16 05:33am
i made the same mistakes

i have found that we made same mistakse /index.php/rights 403 There must be at least one superuser!

the reason that we have made datatables in database for rights module, drop them and try to install again

Leave a comment

Please to leave your comment.

Write new article