Chapter 8: RBAC, CheckAccess - doesn't work at all?

Archives Agile Web Application Development with Yii1.1 and
1

I’m having a bear of a time with the CheckAccess. It returns false, no matter what, every time. I can’t understand why. If i put in my ProjectController, accessRules


public function accessRules()

	{

		return array(

			array('allow',  // allow only authenticated users to perform 'index' and 'view' actions

				'actions'=>array('index','view','create','update'),

				'users'=>array('@'),

			),

			array('allow', // allow admin user to perform 'admin' and 'delete' actions

				'actions'=>array('admin','delete','adduser'),

				'users'=>array('owner'),

			),

an owner can’t access admin, delete, etc. If I change that to ‘@’, then any authenticated user can perform admin and delete, but STILL are restricted from the adduser action. What’s goin’ on? I’m really stuck on this, I can’t figure out how it fits together. :confused: Relying on checkAccess is impossible, it’s always false and throws no errors. So no matter who is logged in, they can never see the Add User link on the Project page.

Anyone know the fix for this? I’m stumped.

2

OK turns out there’s some insufficient/incorrect data in my database, specifically in the ‘authassignment’ table. Seems it hasn’t been populated properly, so I’m gonna have to work on that a little. Manually entering some things has gotten it sorta working. I think I’m starting to catch on a little.

I feel bad I’ve twice cluttered this board. is there a a delete thread button? I can’t find it. :(

3

No worries.

Others might experience the same error - so kudos for providing the answer. :)

4

For reference, I found this thread helpful in tracing through my problems

http://www.yiiframework.com/forum/index.php?/topic/18842-yiiapp-user-checkaccess-does-not-work/

and Creating a new project doesn’t seem to assign users to it…did I miss that, or is it supposed to be like that? Now I have to manually update the tables directly to add the first user… :confused: