Difference between #10 and #17 of Installing Yii Users and Rights to Newly Created Yii app

unchanged
Title
Installing Yii Users and Rights to Newly Created Yii app
unchanged
Category
Tutorials
unchanged
Tags
yii user, right, user, Authentication, access control, rights, Role based access control
changed
Content
After creating an yii app . we need to implement permission, Authentication and
Authorization .so the best way is to use the Yii users and Rights modules.

its very simple to install these modules

Download
--------

Download the yii-user [user](http://www.yiiframework.com/extension/yii-user/
"user") and rights
[rights](http://www.yiiframework.com/extension/rights/ "rights")
extensions and unzip them.

unzip
-----

unzip the modules to

/your-app/protected/modules/user

/your-app/protected/modules/rights

Create tables for user module
-----------------------------

then goto /protected/modules/user/data/schema.mysql.sql

Need** Need to update schema.mysql.sql to create field
`lastvisit_at``lastvist_at` instead of
`lastvisit``lastvist`

open the sql file ,and create the tables manually(that i prefer) , remove the
'tbl_' prefix from the tables(i prefer)


configure
--------- 

then configure the config/main


under import
~~~
[php]
'import'=>array(
        ...
        'application.modules.user.models.*',
        'application.modules.user.components.*',
        'application.modules.rights.*',
        'application.modules.rights.components.*',
        ...
),
~~~

under modules




~~~
[php]
'modules'=>array(
        
        'user'=>array(
                'tableUsers' => 'users',
                'tableProfiles' => 'profiles',
                'tableProfileFields' => 'profiles_fields',
        ),
        'rights'=>array(
                'install'=>true,
        ),
       
),
~~~




under components



~~~
[php]
'components'=>array(
       
        'user'=>array(
                'class'=>'RWebUser',
                // enable cookie-based authentication
                'allowAutoLogin'=>true,
                'loginUrl'=>array('/user/login'),
        ),
        'authManager'=>array(
                'class'=>'RDbAuthManager',
                'connectionID'=>'db',
                'defaultRoles'=>array('Authenticated', 'Guest'),
        ),
        
),
~~~


after saving the main config file


install Rights module
---------------------

install the rights

so that you have to login to user/login

(according to your url style)

your-app/index.php/rights/install

or

your-app/index.php?r=rights/install

after successful installation

change the main config file
---------------------------

change the main config file to


under modules



~~~
[php]
'user'=>array(
                'tableUsers' => 'users',
                'tableProfiles' => 'profiles',
                'tableProfileFields' => 'profiles_fields',
					 # encrypting method (php hash function)
				'hash' => 'md5',
	 
				# send activation email
				'sendActivationMail' => true,
	 
				# allow access for non-activated users
				'loginNotActiv' => false,
	 
				# activate user on registration (only sendActivationMail = false)
				'activeAfterRegister' => false,
	 
				# automatically login from registration
				'autoLogin' => true,
	 
				# registration path
				'registrationUrl' => array('/user/registration'),
	 
				# recovery password path
				'recoveryUrl' => array('/user/recovery'),
	 
				# login form path
				'loginUrl' => array('/user/login'),
	 
				# page after login
				'returnUrl' => array('/user/profile'),
	 
				# page after logout
				'returnLogoutUrl' => array('/user/login'),
        ),
		
		//Modules Rights
   'rights'=>array(
			
				'superuserName'=>'Admin', // Name of the role with super user privileges.

			   'authenticatedName'=>'Authenticated',  // Name of the authenticated
user role. 
			   'userIdColumn'=>'id', // Name of the user id column in the database. 
			   'userNameColumn'=>'username',  // Name of the user name column in the
database. 
			   'enableBizRule'=>true,  // Whether to enable authorization item
business rules. 
			   'enableBizRuleData'=>true,   // Whether to enable data for business
rules. 
			   'displayDescription'=>true,  // Whether to use item description instead
of name. 
			   'flashSuccessKey'=>'RightsSuccess', // Key to use for setting success
flash messages. 
			   'flashErrorKey'=>'RightsError', // Key to use for setting error flash
messages. 
			  
			   'baseUrl'=>'/rights', // Base URL for Rights. Change if module is
nested. 
			   'layout'=>'rights.views.layouts.main',  // Layout to use for displaying
Rights. 
			   'appLayout'=>'application.views.layouts.main', // Application layout. 
			   'cssFile'=>'rights.css', // Style sheet file to use for Rights. 
			   'install'=>false,  // Whether to enable installer. 
			   'debug'=>false, 
		),
~~~
 

Your application is now ready .

change main layout
------------------

change the main layout.



~~~
[php]
$this->widget('zii.widgets.CMenu',array(
            'items'=>array(
               
array('label'=>Yii::t('app','Home'),			'items'=>array(
				array('label'=>'Home', 'url'=>array('/site/index')),
				array('label'=>Yii::t('app','About'),
				array('label'=>'About', 'url'=>array('/site/page',
'view'=>'about')),
				array('label'=>Yii::t('app','Contact'),
				array('label'=>'Contact', 'url'=>array('/site/contact')),
                array('label'=>Yii::t('app','Login'),
'url'=>array('/user/login'),'visible'=>Yii::app()->user->isGuest),
                array('label'=>Yii::t('app','Rights'),
'url'=>array('/rights')),
                array('label'=>Yii::t('app','Logout').'
				array('label'=>'Login', 'url'=>array('/user/login'),
                                array('label'=>'Rights',
'url'=>array('/rights'), 
 'visible'=>Yii::app()->user->isGuest),
				array('label'=>'Logout ('.Yii::app()->user->name.')',
'url'=>array('/user/logout'),
'visible'=>!Yii::app()->user->isGuest)
            ,
        )));
			),
		));
~~~




Add rights 
----------

Then add rights filter to all controller

like



~~~
[php]
public function filters()
	{
		return array(
			'rights', // perform access control for CRUD operations
			
		);
	}
~~~

and change the extended controller to 'extends RController'.

then take rights in your url(according to url style) . 


continue
------------------

[http://www.yiiframework.com/wiki/448/assigning-dynamic-roles-to-a-user-using-yii-rights-module-at-the-time-of-user-creation-and-using-some-special-features-of-yii-rights/](http://www.yiiframework.com/wiki/448/assigning-dynamic-roles-to-a-user-using-yii-rights-module-at-the-time-of-user-creation-and-using-some-special-features-of-yii-rights/
"continue")