how can I protect Srbac extension?
thanks
how can I protect Srbac extension?
thanks
what do you mean by protect?
deny access to index.php? r = Srbac / authitem / frontpage
any idea?
thanks
either disable the module in the configuration file (no one can access the page, now) or use accesscontrol to limit access to specific users
It’s already protected.
The ‘protected’ directory is protected. It’s not accessible to the public.
Hence the need to publish extension assets to ‘assets’.
thanks to all.
i readed this instruction:
An ‘Authorizer’ role will be created.(You can change the name of the role through srbac configuration)
This is the only user that can admin srbac (create , edit, delete roles, tasks, operations and assign them to users).
Notice that until you set srbac debug attribute to false anyone can admin srbac.
Also anyone can admin srbac until you assign Aythorizer role to at least one user.
The curious thing is that they are logged on the site but I manage Srbac.
the situation is attached
You got key points for using srbac extension, especially that you need to add user with Authorizer role, in order to deny access to other users. Also be careful not to delete this user, otherwise all users will gain access to srbac module.
hi boys.
I solved.
just learn English.
An ‘Authorizer’ role will be created.(You can change the name of the role through srbac configuration)
This is the only user that can admin srbac (create , edit, delete roles, tasks, operations and assign them to users).
Notice that until you set srbac debug attribute to false anyone can admin srbac.
I created a user admin with role Autorized
and after set debug to false.
the configuration’s file is :
'srbac' => array(
#'userclass'=>'User', //default: User
'userclass'=>'TblUser',
#'userid'=>'user_ID', //default: userid
'userid'=>'id',
'username'=>'username', //default:username
'delimeter'=>'@', //default:-
#'debug'=>true, //default :false
'debug'=>false,
'pageSize'=>10, // default : 15
#'superUser' =>'Authority', //default: Authorizer
'superUser' =>'Authorizer',
'css'=>'srbac.css', //default: srbac.css
'layout'=> 'application.views.layouts.main', //default: application.views.layouts.main,
//must be an existing alias
'notAuthorizedView'=> 'srbac.views.authitem.unauthorized', // default:
//srbac.views.authitem.unauthorized, must be an existing alias
'alwaysAllowed'=>array(
//default: array()
'SiteLogin','SiteLogout','SiteIndex','SiteAdmin','SiteError', 'SiteContact'),
'userActions'=>array('List','Show','View','Create','Update','Delete','Index','Admin','Autocomplete'), //default: array()
'listBoxNumberOfLines' => 15, //default : 10
'imagesPath' => 'srbac.images', // default: srbac.images
'imagesPack'=>'noia', //default: noia
'iconText'=>true, // default : false
'header'=>'srbac.views.authitem.header', //default : srbac.views.authitem.header,
//must be an existing alias
'footer'=>'srbac.views.authitem.footer', //default: srbac.views.authitem.footer,
//must be an existing alias
'showHeader'=>true, // default: false
'showFooter'=>true, // default: false
'alwaysAllowedPath'=>'srbac.components', // default: srbac.components
// must be an existing alias
)
Thanks for your patience.
Thanks for writing the solution!
I began with SRBAC and following the instruction (v1.2) after having pointed the browser (to /path/to/application/index.php?r=srbac) i got:
CException
Property "SrbacModule.0" is not defined.
/Users/alfredo/Sites/yii/framework/base/CModule.php(483)
any idea?
thanks (coming from JEE, i’m only a Yii beginner)