RBAC issue

RESOLVED

Hello,

I am trying setup some roles for my blog and can’t seem to grasp the idea for rbac. I’ve read all available posts but none was of any significant help. So I have protected/config/auth.php file with the following code:


class Auth extends CPhpAuthManager

{

    public function init()

    {

        $auth=Yii::app()->authManager;


        $auth->createOperation('readPost', 'Read a post');

        $role=$auth->createRole('reader');

        $role->addChild('readPost');

    }

}

Basically I am trying to create a reader role and use it later in accessControl function of my Post/Comment controllers.

In my protected/config/main.php I have:


'authManager'=>array(

'class'=>'CPhpAuthManager',

),

In my PostController I have:


public function accessRules()

            {

                return array(

                 array('allow', // allow authenticated users to perform any action]

                     'actions'=>array('view'),

                        'roles'=>array('reader'),

                    ),

}

I thought this should be enough to hide the posts in the blog but instead I ran into the following error:


PHP Error

Description


Invalid argument supplied for foreach()

Source File


C:\xampp\htdocs\framework\web\auth\CPhpAuthManager.php(449)

What am I doing wrong? Any help is appreciated as I am stuck. There should probably be something wrong with auth.php file but I don’t know what.

cheers,

b

Hmmm,

I don’t think you need to extend CPhpAuthManager, you’re extending a core class with is already extended by another yii class for authentication if i’m not mistaking.

If you want to input roles in to your db just swing them in a controller ‘test’ function actionIndex and I guess it should work.

Hope I helped you.

Hi,

I am trying to set some roles without using DB and just using a php file but I don’t understand what I am doing wrong in the case as I always get that error even if I remove the extension class.

Thanks,

b

I don’t think that you can use it without a database, if you really want to use it without you’ll probably have to rewrite it yourself or use pelleke’s solution which you can find in the Guide but then you’ll be bypassing the RBAC.

If you were searching for the sql scheme it’s in the framework/web folder if i’m not mistaking.

Bettor,

you’re on the right track. You’ve defined the operation(s), created role(s) and assigned operations to them.

But: which users have that role assigned to them? You will also need to add that:




$user=...;

$auth->assign($role,$user);



Next to that, you have an error in your config file main.php. Instead of using the CPhpAuthManager you should use your class Auth:




'authManager'=>array(

'class'=>'Auth',

),



GL

Thanks Onman,

I figured that out.

Cheers,

b