Srbac is a module that adds a graphic web interface for the administration of Yii rbac It uses the CDbAuthManager so it needs a database (MySQL and SQlite are tested) In this first alpha version you can do: Create, update and delete Auth items (roles, tasks, operations) Assign operations to tasks, tasks to roles and roles to users. After version 1.0.2 you can automatically create operations/task for you controllers' actions and use them without modifying your controllers' code just by extending SBaseController in your controllers. Also srbac supports nested modules and nested controllers (v1.1)
- Join discussion
- Report bugs
- Documentation v 1.2
- Documentation v 1.0.3
- SVN download Download the latest srbac code
Download full srbac 1.2 guide in pdf format ¶
Download full srbac 1.0.3 guide in pdf format ¶
Change Log ¶
July 27, 2011 ¶
Added autocomplete textbox for searching in users assignments
Fixed static function call (issue 76)
Fixed controllers in sub directory not working properly (issue 73)
Fixed clever assigning (issue 77)
Added Czezh translation
Remove access to srbac granted to all until Authority role is assigned.
Added $delimeter parameter to SrbacModule (default "-")
Added ReturnUrl feature for expired sessions
Fixed SQLite compatibility issue
Fixed multiple ajax submits
Fixed bug with auth item delete
Fixed bug caused by auto param binding in yii 1.1.4 and above
Fixed “/” delimeter between module and authitem name causing errors with some UrlManager configurations by adding a delimeter parameter to srbacModule
Fixed a bug with Helper not imported
Fixed clever assigning
Fixed bug with actions contain the string "action"
Removed checkDefaultRoles function that does not exist anymore in CDbAuthManager
June 07, 2010 ¶
Added srbac.components.SDbAuthManager.php .You can set this as your AuthManager class in main.php configuration file if you want case insensitive access checking.
Fixed bug when allowed.php did not return an array.
Added Lithuanian translation
Added Ukranian translation
Updated Spanish and Russian translation
May 04, 2010 ¶
Detect actions that belong in controller's actions function (captchas etc)
April 24, 2010 ¶
Added button to check for authItems not belonging to existing controller(due to controller deletion etc) then select which authItems to delete.
Show always allowed actions in users assignments
If checking db fails , check for lower-upper case issues and display a message
Added Hungarian translation
Show message when exception occurs during install
Fixed always allowed tab view being too short when there are not many controllers
Changed always allowed.Now the gui is always enabled and its' array is merged with the one defined by alwaysAllowed attribute (which can be a string, array or file)
March 21,2010 ¶
srbac 184.108.40.206 ¶
Bug fixes Fixed a compatibility issue with Yii 1.1.1
March 18,2010 ¶
srbac 220.127.116.11 ¶
always allow acces when srbac is in debug mode
Auth items are auto created only for controllers that extend SBaseController
Fixed IE bug when tab selection was not allowed in assign page
Fixed bug when layout is set to ‘main’
Change the character that indentifies a module in authItems from to /
If upgrading When upgrading to Version 18.104.22.168 (r174) you should change in auth items the ‘’ character that identifies the modules to ‘/’.
January 23,2010 ¶
srbac 22.214.171.124 ¶
Removed attribute layout since there's already a layout attribute in CWebModule
January 19, 2010 ¶
srbac 1.1.0 ¶
•Addded alwaysAllowedPAth attribute.
•Added bredcrumbs (hard coded)
•Fix alwaysAllowed bug when using srbac as submodule (fixes issue 38)
•Fix AlwaysAllowedFile creation
•Fixed css publishing
•Fixed css for tabview
•Updated Spanish translation
•Added Portuguese translation
December 7, 2009 ¶
srbac 1.1 RC ¶
•Support for table prefix.
•Autocreate scans in subdirectories of controller paths.
•GUI for editing the alwaysAllowed list.
•Added onUnauthorizedAccess protected method in SBaseController.
•alwaysAllowed attribute can also accept an alias to a file that returns an array.
•alwaysAllowed and userActions can now be an array or a coma delimeted string.
•Add clever assigning of operations to tasks.
•Add configuration checking of attributes userid, username, css, notAuthorizedView, layout, imagesPath, imagesPack before installation.
•Replaced deprecated function in php 5.3 ereg_replace and split with preg_replace and explode.
•Fixed scanning of modules when url formating is used
•All list boxes in assign tabview are sorted alphabetically.
•Fixed bug when using different databases for the main application and the AuthManager.
•Fixed bugs related to version checking and translations.
•Fixed process-working.gif to be a transparent gif.
•Fixed controller action scanning.
•Fixed using different db connections for CDbAuthManager and main application causes srbac to detect wrong auth database.
•Update all files for Yii 1.1 compatibility.
•Updated Greek translation.
•imagesPath attribute now accepts alias instead of url.
•Updated Spanish translation.
December 4, 2009 ¶
srbac 126.96.36.199 ¶
•Fixed installation bug.
•Fixed authitems order in assign tabviews
November 4, 2009 ¶
srbac 1.0.3 ¶
•Added imagesPack attribute.User can choose which pack of images to use for the srbac icons.
•Hovering over an authItem in authItems manager will show its description.
•If an action is in alwaysAllowed array will be ignored during the autocreation of authItems.
•Added srbac attribute imagesPath to set the path to the srbac icons (create, delete, admin etc).
•Custom srbac css can be placed not only in srbac/css directory but also in default application/css directory.
•Auto create checks if task exist and displays them or not in the create tasks list.
•Auto creating of modules controllers actions.
•Added a default unauthorized view in case the user has not defined one.
•Fixed an IE bug in autocreation view(Thanks to 'idle sign').
•Access is now always denied to guests, except if the current page is in alwaysAllowed array.
•Fixed php short tags in views/AuthItem/userAssignments.php.
•srbac should work now in linux os.
•Changed dataGrid class to srbacDataGrid so it won't conflict with Yii dataGrid class.
•Added new icons and a control center top bar (Thanks to 'idle sign').
•Added new css styles and new ajax‐loader (thanks to 'idle sign').
•Added noia icons pack.
•Changed custom images path relative to webroot .
•Set default css to srbac.css.
•Changed allowedAccess() method in SBaseController to protected so it can be inherited.
•Updated spanish translation (Ricardo Obregon).
October 17, 2009 ¶
srbac 1.02.r13 ¶
Fixed php short tags in views/AuthItem/userAssignments.php
srbac should work now in linux os
listBoxNumberOfLines attributes controls the number of lines in assign tabview listboxes
Updated spanish translation (Ricardo Obregon)
October 15, 2009 ¶
srbac 1.02.6 ¶
Removed safe rule from authItem model
Changed view path to authitem instead of authItem due to case sensitivity errors in some operation systems.
Import SBaseController in modules init method.
October 13, 2009 ¶
srbac 1.02.5 ¶
When auto creating/deleting operations a check is performed to see if the items already exist.
Udefined variable in assignments.php (Thanks to idle sign)
ShowAssignments ajax call (Thanks to idle sign)
Russian translation updated to v1.2 (Thanks to idle sign)
October 8, 2009 ¶
srbac 1.02.1 ¶
Fixed a bug that prevented installation of srbac
Srbac attribute alwaysAllowed, to define which operations are always allowed
Srbac attribute userActions to define which actions are assigned to using task by default
layout attribute accepts path alias now
October 6, 2009 ¶
srbac 1.02 ¶
Automatic creation of operations based on controllers' actions.
Also Creation of two tasks (using, administrating)
The operations are also assigned to these tasks based on the action's name (all operations assigned to administrating and you can choose which actions are assigned to using)
Mass delete of automatic created operations, tasks for each controller
Cannot revoke Authority role if there's no other user with that role
Custom not authorized page
srbac front page (just the links for authItems managing, assigning and user's assignments)
srbac isInstalled() method
Added an SBaseController that must be extended for the use of automatic created auth items.
September 30, 2009 ¶
srbac 1.01 ¶
Custom layout for srbac (layout must be in default application's layout folder)
Add ajax indicators.
Can call user assignments directly from your user's controller by
$this->renderPartial('application.modules.srbac.views.authItem.assignments', array("id"->$id), false, true); //$id is the user's id
Spanish translation (Ricardo Obregon)
Russian translation (idle sign)
September 20, 2009 ¶
srbac v1.00 ¶
Srbac can be installed as a child module too
Custom cssFile support
Fixed undefined variables (thanks to sebi, idle sign)
Fixed possible SQL-injections flaw (thanks to Anticon)
Fixed jquery requested twice (thanks to horizons)
Use Yii:app()->getRequest() instead of $_REQUEST (thanks to horizons)
August 17, 2009 ¶
srbac beta4 ¶
Fixed bug when when a not-Authorizer-user tries to access SRBAC (thanks to Anticon)
Fixed bug with deleting tables in wrong order (thanks to rabol)
Fixed bug with wrong column name resulting in errors while working with innoDB engine(thanks to sebi)
July 29, 2009 ¶
srbac beta3 ¶
View Roles / Tasks / Operations assigned to users at index.php?r=srbac/authItem/assignments
July 27, 2009 ¶
srbac beta2 ¶
1 Delete authItems
2 Ajax based web interface for administrating auth items at index.php?r=srbac/authItem/manage
July 23, 2009 ¶
srbac beta ¶
1 Fixed udefined variable errors
2 Fixed showing all items in the assigned and in the not assigned panels when accessing the assign page for the first time
3 Fixed errors when pressing '<<' or '>>' with a wrong selection of items
4 Wrong tab display after an assignment
1 You can select if demo data will be created in install
2 All assignments calls are made in ajax
3 You can set the name of the Authorizer authItem
4 You can update the names of the auth Items
July 6, 2009 ¶
alpha 2 release
Small bug fix (srbac attribute should be pageSize not pagesize)