Auth is a new module from the creator of the popular Rights module for managing user permissions in Yii applications. It's a completely new, modern and responsive user interface for Yii's authorization manager (CAuthManager) built using the also popular Bootstrap extension.
Auth is NOT a new version of Rights, even though those familiar with Rights might feel at home using it. It was developed from scratch following Yii's conventions and it's both easier to use and extend.
Links ¶
Requirements ¶
- Yii 1.1.10 or above
- Bootstrap extension 1.0.0 or above
Usage ¶
You can read about how to setup and use this module from its README on GitHub.
Changes ¶
v1.6.0 (Jan 23, 2013) ¶
- Moved admins to AuthBehavior
- Change AuthFilter to require login
- Translation fixes
v1.5.0 (Jan 17, 2013) ¶
- Change module to only allow admin users
- Rename translations (e.g. en_us to en)
- Translation fixes
v1.4.1 (Jan 12, 2013) ¶
- Fix caching of access checks
- Add Russian translation (thanks Ragazzo)
v1.4.0 (Jan 12, 2013) ¶
- Add support for caching access checks
- Add initial support for CPhpAuthManager
- Fix capitalization for cyrillic languages
- Ukranian translation (thanks MadAnd)
v1.3.0 (Jan 4, 2013) ¶
- Added support for bypassing access checks for certain users
- Fixed controller ids when translations are enabled
v1.2.1 (Jan 1, 2013) ¶
- Refactored grid column classes
- Fixed a minor bug in listing assignments
v1.2.0 (Dec 31, 2012) ¶
- Added CachedDbAuthManager
- Added authorization item subcontrollers
v1.1.0 (Dec 30, 2012) ¶
- PHP 5.3.0 requirement dropped
- Refactored code
v1.0.0 (Dec 29, 2012) ¶
- Initial release
better performance??
thank bro. I hope this extension has better performance than rights extension. as my experience, rights extension not suitable for handling more then 20.000 user. still run but too slow...
closure
thanks Chris !
One note : due to closure usage (e.g TbGridView) this module is not suitable for php version before 5.3.0.
@wawancell
This extension only provides an user interface and the performance issues are most likely related to CDbAuthManager. However, you may use any authorization manager with this extension. I might look into creating a better performing authorization manager for Yii in the future but we'll have to see about that later.
Requirements
Why Requirements now php 5.3.0?
Re: requirements
@fad:
Raoul wrote:
due to closure usage (e.g TbGridView) this module is not suitable for php version before 5.3.0.PHP 5.3 requirement dropped in 1.1.0
Auth required PHP 5.3 since the first version because it used closures and DIR. However, I made the necessary changes in version 1.1.0 to drop this requirement.
sql table
what about sql tables to create? no info from readme
@fad
The extension itself doesn't require you to even use a database. However if you wish to use CDbAuthManager you needs its schema which can be found in the framework under web/auth.
Missing pages
Thanks Chris for the great contribution.
I've noticed that you have dropped 2 pages from yii-rights.
I wonder what plans you have for these pages in yii-auth.
"permissions" page has been very convenient, IMO.
good news
Thanks Chris, now it works fine with my old php 5.2.2 ;)
permissions page
I agree that permissions page was very useful, but with large amount of operations and more than 5 profiles there is a need for filters of any kind.
I often generate auth items for each model. It would be super cool if I could filter by model name and it's direct relations.
@softark
As I already mentioned this extension isn't a new Rights. Also, I developed this first version in a couple of weeks so I made it with minimum requirements. As for the permissions page I think it's double functionality with the authorization item management it's also a very difficult page to design user interface vice, because the one used in Rights doesn't work with 100 operations and 10 roles at all. As for the item generation I think that it's a nice to have feature and I might include it in later version.
Re: Missing pages
Thank you Chris for the reply.
Yes, I knew that. Also we can't order items by drag'n'drop anymore, because Auth doesn't have a table for sorting. But I think the thin and slim design of Auth will compensate it and do much more.
@softark
The item weight was introduced in Rights because the user interface required it. I don't think we need weights in Auth as the user interface is quite different.
Nice work!
Great stuff Chris. :)
I am definitely going to switch to using Auth instead of Rights. Rights was great, but it was unwieldy and shows it's age.
I hope Auth it works well with YiiBooster's version of Bootstrap widgets. :)
bizrule
@jacmoe : based on my tests v 1.2.0 works fine with YiiBooster ...
@Chris : do you plan to add a bizrule and a data field ?
Thanks again fro this clean, simple and useful module ;)
Bug when customising Model and primary key column name
I had to change line 35 in class AuthAssignmentItemsColumn
from:
$assignments = $am->loadAuthAssignments($data->id, false);
to:
$assignments = $am->loadAuthAssignments($data->primaryKey(), false);
in order to use a custom "User" model with a primary key other than the standard "id". Chris83 had implemented this scenario but left this line unchanged. Great extension though.
any chance to use this with usergroups ?
Hello Chris thx for this nice extension is there any chance to use this module with usergroups ?
@DocSnyder
I don't think that would work because iirc usergroups isn't an implementation of CAuthManager.
@Raoul
I don't think bizrules and data is something that belong in the user interface. In my opinion these should only be set and changed from code. Not to mention that it would be quite difficult to create an ui that allows you to set these fields properly.
Re: @Raoul
I agree that it belongs in code. :)
What was wrong with Rights was that it tried to do everything from the web interface. Not that I don't like Rights, but I think Auth would be more my cup of tea. :)
Different using DB and not using DB? User management?
Hi Chris,
Another great ext from you. Thank you.
My question is what would be the different between using and not using DB?
Most of my application required yii-user and rights. Why not create new ext integrating both ext? Mostly, I do not need registration and recover password, just user management.
Cheers,
Daniel
bizrule (2)
@Chris & @jacmoe : ok, I never really thought about that but now I agree : bizrules and data are not welcome in gui (or maybe only display them).
Now if I may suggest to create a Forum thread to discuss Auth ? ... I mean comments are nice but hard to follow.
@Raoul
I've created a Google Group for discussing the extension, here's a link: https://groups.google.com/forum/#!forum/yii-auth
Example on filters usage
Hi Chris,
Just wondering, in Rights, we need to extend the controller to RController then change the below code into
public function filters() { return array( 'rights', ); }Now, using auth, what should we do? more explanation please?
Thank you,
Daniel
@Daniel
In Rights everything was done the hard way, Auth is different and minimizes excess functionality. I noticed a minor bug in the documentation, I've corrected it so you can use the example configuration to get started using the filter: https://github.com/Crisu83/yii-auth/blob/master/README.md#checking-access-using-a-filter
Composer package
Nice work! This extension is now available at http://packages.phundament.com as a composer package.
Special thanks to Mantas for submitting it.
Nice
Very Nice Chris! Thank you :)
How to migrate "isSuperuser"
I just tried to replace yii-rights with yii-auth and stumbled upon this error:
Property "AuthWebUser.isSuperuser" is not defined.I have this in my code (uses yii-rights):
// do not apply filter for superuser if (!Yii::app()->user->isSuperuser) { [...]How can I check for a superuser in yii-auth?
checkAccess
The Readme...
if (Yii::app()->user->checkAccess('itemName')) // itemName = name of the operation { // access is allowed. }is admin user
@schmunk
Yii::app()->user->isAdmin
Thanks
Does anyone know, if the extension would the extension be compatible with yii-user if it implements this method?
need user table?
Hi Chris,
Can we use auth without user management/minimum user table? I am a bit confuse.
performance
Hi Chris,
I've got a lot of auth items:
I've noticed that loading the assignment page took very long and made more than 2000 database queries.
So I've written an overloaded CDbAuthManager class that will load everything in one (three actually) queries and serve data from a tree like array.
Check it out at SingleDbAuthManager. If that idea will prove itself, maybe it's worth distributing with your auth module.
When using with auth module, just do:
It shouldn't have any drawbacks in my opinion.
Business rules added
Thank you for this great extension.
Not sure why there is no support for setting business rules on operations.
I added this functionality, feel free to download the fork:
https://github.com/kakousis/yii-auth
How to specify Allowed Actions?
Is there a way to specify allowed actions for guest user? Like we did with the great Rights Module.
public function allowedActions() { return 'login,logout'; }Allowed Actions
There is no allowedActions in the auth extension. Include them in the filters, which are interpreted by the Yii CController.
public function filters() { return array( array('auth.filters.AuthFilter - login, test'), ); }Read more in the doc.
error page
1) To display the access errors in the view, you need to add error handler (site/error) to the exclusion of filter or add it to role permissions
public function filters() { return array( array('auth.filters.AuthFilter - login, logout, restore, captcha, error'), ); }2)
instead 401 error (Unauthorized) in AuthFilter.php, you need to use 403 (Forbidden)
throw new CHttpException(403, 'Access denied.');PS: Chris, thx for perfect extension
Users with full access
I can't get it work with assigning user full access. In config I have this:
'authManager' => array( 'class' => 'CDbAuthManager', 'connectionID'=>'db', 'itemTable' => 'tbl_authitem', 'itemChildTable' => 'tbl_authitemchild', 'assignmentTable' => 'tbl_authassignment', 'behaviors' => array( 'auth' => array( 'class' => 'auth.components.AuthBehavior', 'admins' => array('admin'), // users with full access ), ),but when I log in and check with:
Yii::app()->user->isAdmin// falseit gives me false and denies from actions untill I write them in filters explicitly. Has anyone faced a similar issue before?
Users with full access
Answering my own question. I forgot to assign username in UserIdentity class:
public function authenticate() { $user=User::model()->findByAttributes(array('username'=>$this->username)); if($user===null) $this->errorCode=self::ERROR_USERNAME_INVALID; else if($user->password!==md5($this->password)) $this->errorCode=self::ERROR_PASSWORD_INVALID; else { $this->_id=$user->id; $this->setState('username', $user->username); // Here is what I forgot $this->errorCode=self::ERROR_NONE; } return !$this->errorCode; }AuthWebUser class uses it to assign an admin role. Kind of obvious thing but still I forgot about it while testing.
Authorise value - another column
Hi,
I need in system authorise by 'id' of user. Not 'name' column.
In AuthWebUser.php in your module you have "$this->setIsAdmin(in_array($this->id, Yii::app()->authManager->admins));".
I have to all the time when i get update change this to "$this->id".
Is it possible to do something with that?
Login captcha
I have strucked in the admin login page that the captcha not showing the image
after i add $publicPages in beforeControllerAction in admin module AdminModule.php
$publicPages = array( ...... 'default/captcha', ...... );Working fine
Module-wide rules fix
Any operations named module.* are ignored by this module. In order to fix this the auth/filters/AuthFilter.php file should be altered as follows:
protected function preFilter($filterChain) { ... if (($module = $controller->getModule()) !== null){ $itemName .= $module->getId() . '.'; if (Yii::app()->user->checkAccess($itemName.'*')) return true;//Add this line } ...Awesome extension.
" WebUser component is not an instance of AuthWebUser " Execption.
Hey,
i have downloaded yii-auth-1.6.0.zip version of this extension. and done configuration as you have mentioned here.
But when i am trying to access the application i am getting below given exception.
"Property "AuthWebUser.admins" is not defined. "
Any thoughts about it.
Then i temporary commented below given code.
'user' => array(
'class' => 'auth.components.AuthWebUser', //'admins' => array('admin', 'foo', 'bar'), // users with full access ),And run the app. now its working.
But i am unable to access the magic of this extension yet.Its showing permission error.
Could you please tell me how could i fix it.
And also. in you downloaded extension AuthModule.php is not updated as it is shown here
Could you please confirm it.
Looking forward to here from you.
Owner validation
Hi
first of all, thanks for the extension. It's really useful, although I dont know how to set owner validation into the yii-auth logic
I always use the below code of validation, it's not a good piece of code because it does not allow the separation of cross-cutting logic.
actionUpdate($id){ $post_model=$this->loadmodel($id); if($post_model->user_id==Yii::app()->user->getId()) #do st.. else #shame on you }please, What is the best way to fulfill my expectations?
thanks
SERGIO
@codesutra - Fix for "Property "AuthWebUser.admins" is not defined"
Fixed with:
'components'=>array( // ... 'user'=>array( 'class' => 'auth.components.AuthWebUser', 'behaviors' => array( 'auth' => array( 'class' => 'auth.components.AuthBehavior', 'admins' => array('admin'), ), ), ), // ... ),@Rodrigo Coelho
Thanks for your solution posted in Your text to link here... :)
i have already fixed that issue with your provided solution few days before. but couldn't reply on the thread.
Anyways thanks again for your response.
Assign Admin Permissions to user.
Anybody can suggest me, how could i assign admin permissions to some user with extension.
I am not expecting to add that user into the admins array into the config file. :)
it would be great if anybody can tell me some thoughts about it.
Thanks in Advance.
Thanks and Regards,
github
What happen to the github link?
@akkumaru: github repos should be working again
from the github support:
Auth and BUM extension integration.
hi, I'm testing this module and also BUM.
BUM is working fine, but after installing Auth, and Running /index.php?r=Auth I get the exception:
>
WebUser component is not an instance of AuthWebUser..
Witch is right, because I didn't write this line in config/main.php:
'class' => 'auth.components.AuthWebUser',because I have it already with:
'class' => 'BumWebUser',If I change BUM doesn't work ( i guess).
Any sugestion ?
Best regards
Property "AuthModule.defaultLayout" is not defined.
hi. i get the following error:
Property "AuthModule.defaultLayout" is not defined.how to solve it?
thnx
Bootstrap CSS
It's not loading the CSS for bootstrap (menu/pagination show up as bullets, etc), what am I doing wrong?
only RbacSuperAdmin works
hi.
only superadmin is working in all the site. for another things, what i allow not only sa, else admins (RbacAdmin) is displaying a denied access.
how to set correctly permissions in the controller for not only sa?
how to solve this error
Property "AuthWebUser.admins" is not defined.
Issue
Property "AuthWebUser.admins" is not defined. Someone fixed this issue?
How to fix ' "AuthWebUser.admins" is not defined.'
Hi
If you use yii-auth-1.6.0.zip downloaded from this extension site,
you should config the config/main.php like below:
components = array( 'authManager' => array( 'behaviors' => array( 'auth' => array( 'class' => 'auth.components.AuthBehavior', 'admins' => array('admin', 'demo'), ), ), ), 'user' => array( // enable cookie-based authentication 'allowAutoLogin' => true, 'class' => 'auth.components.AuthWebUser', ), )If you use yii-auth-master downloaded from github, you should config the config/main.php like below:
components = array( 'authManager' => array( ), 'user' => array( // enable cookie-based authentication 'allowAutoLogin' => true, 'class' => 'auth.components.AuthWebUser', 'behaviors' => array( 'auth' => array( 'class' => 'auth.components.AuthBehavior', 'admins' => array('admin', 'demo'), ), ), ), )This is because in line 23 of class AuthWebUser (auth/components/AuthWebUser.php),
they use different admins.
yii-auth-1.6.0 version:
$this->setIsAdmin(in_array($this->name, Yii::app()->authManager->admins));
yii-auth-master version:
$this->setIsAdmin(in_array($this->name, $this->admins));
This is quite confusing for Yii users.
I hope the auth author may resolve this inconsistency soon.
How to fix ' "AuthModule.defaultLayout" is not defined.'
Hi
If you use yii-auth-1.6.0.zip downloaded from this extension site, you should add defaultLayout property to class AuthModule ( auth/AuthModule.php ) in line 40 like below:
public $appLayout = 'application.views.layouts.main'; public $defaultLayout = 'application.views.layouts.main';If you use yii-auth-master downloaded from github, you should add appLayout property to class AuthModule ( auth/AuthModule.php ) in line 40 like below:
public $appLayout = 'application.views.layouts.main'; public $defaultLayout = 'application.views.layouts.main';This is because these versions use different property name.
So add both properties to the class AuthModule to avoid error safely.
This is quite confusing for Yii users.
I hope the auth author may resolve this inconsistency soon.
version
So we had two version of this Extension,
Both had the same version 1.0.6
Plus the one from here had the class CachedAccessRecord
which one had been improve??
And how module should be???
(moduleId.)controllerId.actionId
(Forum.)post.index?
Will the dependency on deprecated extension be removed/replaced?
As the description says, auth uses this extension: Bootstrap, which seems to be deprecated according to comments.
Will this dependency be removed or replaced, for instance, with new bootstrap extension (yiistrap)?
Yiistrap compatibility?
Is there any version of Auth ready to use with Yiistrap?
User with YiiBooster
Hey,
Just wondering does using Yii Booster fulfill the requirement of:
Bootstrap extension 1.0.0 or above
I am going to try get it to work (hopefully I can use this extension with things like inline editing offered in YiiBooster) and will come back with my results.
Thanks!
some corrections to the README file
first of all, great extension, thanks alot.
if you work with CDbAuthManager meaning you work with db authorization management,
the config/main.php needs the following:
before the array add -
Yii::setPathOfAlias('bootstrap', dirname(__FILE__).'/../extensions/bootstrap');inside the array -
'components'=>array( 'authManager'=>array( 'class'=>'CDbAuthManager', 'connectionID'=>'db', 'behaviors' => array( 'auth' => array( 'class' => 'auth.components.AuthBehavior', 'admins' => array('admin@yoursite.com'), ), ), ), 'user'=>array( // enable cookie-based authentication 'allowAutoLogin'=>true, 'class'=>'auth.components.AuthWebUser', ), ) 'modules'=>array( 'auth' ),to components/Controller you need to add the following code:
(notice that the README file has auth.components.AuthFilter, which is incorrect for version 1.6.0)
public function filters() { return array( //it's important to add site/error, so an unpermitted user will get the error. array('auth.filters.AuthFilter - site/index site/login site/logout site/error'), ); }And it's very important to remove the filters function from each controller.
Can't get it to work
Hi,
I am really struggling with this extension.
I have by main.php blank, just added boostrap and some of the other code as epxlained here but something is missing somewhere.
Could you please be more precise for Yii beginners because there is soemthing not right in the doc. thank you.
<?php <?php // uncomment the following to define a path alias // Yii::setPathOfAlias('local','path/to/local-folder'); // This is the main Web application configuration. Any writable // CWebApplication properties can be configured here. Yii::setPathOfAlias('bootstrap', dirname(__FILE__).'/../extensions/bootstrap'); return array( 'theme' => 'bootstrap', 'basePath' => dirname(__FILE__) . DIRECTORY_SEPARATOR . '..', 'name' => 'My Web Application', // preloading 'log' component 'preload' => array('log'), // autoloading model and component classes 'import' => array( 'application.models.*', 'application.components.*', ), 'modules' => array( 'auth', 'gii' => array( 'generatorPaths' => array( 'bootstrap.gii', ), ), // uncomment the following to enable the Gii tool 'gii' => array( 'class' => 'system.gii.GiiModule', 'password' => '12345', // If removed, Gii defaults to localhost only. Edit carefully to taste. 'ipFilters' => array('127.0.0.1', '::1'), ), ), // application components 'components' => array( 'authManager'=>array( 'class'=>'CDbAuthManager', 'connectionID'=>'db', 'behaviors' => array( 'auth' => array( 'class' => 'auth.components.AuthBehavior', 'admins' => array('admin@yoursite.com'), ), ), ), 'bootstrap' => array( 'class' => 'bootstrap.components.Bootstrap', ), 'user' => array( 'allowAutoLogin'=>true, 'class'=>'auth.components.AuthWebUser', ), // uncomment the following to enable URLs in path-format 'urlManager'=>array( 'urlFormat'=>'path', 'rules'=>array( '<controller:\w+>/<id:\d+>'=>'<controller>/view', '<controller:\w+>/<action:\w+>/<id:\d+>'=>'<controller>/<action>', '<controller:\w+>/<action:\w+>'=>'<controller>/<action>', ), ), /* 'db' => array( 'connectionString' => 'sqlite:' . dirname(__FILE__) . '/../data/testdrive.db', ), */ // uncomment the following to use a MySQL database 'db'=>array( 'connectionString' => 'mysql:host=localhost;dbname=porkxx001', 'emulatePrepare' => true, 'username' => 'root', 'password' => '', 'charset' => 'utf8', ), 'errorHandler' => array( // use 'site/error' action to display errors 'errorAction' => 'site/error', ), 'log' => array( 'class' => 'CLogRouter', 'routes' => array( array( 'class' => 'CFileLogRoute', 'levels' => 'error, warning', ), // uncomment the following to show log messages on web pages /* array( 'class'=>'CWebLogRoute', ), */ ), ), ), // application-level parameters that can be accessed // using Yii::app()->params['paramName'] 'params' => array( // this is used in contact page 'adminEmail' => 'webmaster@example.com', ), 'auth' => array( 'strictMode' => true, // when enabled authorization items cannot be assigned children of the same type. 'userClass' => 'User', // the name of the user model class. 'userIdColumn' => 'id', // the name of the user id column. 'userNameColumn' => 'name', // the name of the user name column. 'defaultLayout' => 'application.views.layouts.main', // the layout used by the module. 'viewDir' => null, // the path to view files to use with this module. ), 'authManager'=>array( 'class'=>'auth.components.CachedDbAuthManager', 'cachingDuration'=>3600, ), );Example configuration of main.php using yii-bootstrap, yii-user and yii-auth(1.6.0) modules
Hi everyone
Here I attach my working config of main.php using yii-bootstrap, yii-user and yii-auth( 1.6.0 ) modules as a reference.
I hope it may be useful for setting these modules.
But if you use yii-auth(1.7.0), the amins should be relocated like the last part of this comment.
I think yii-auth(1.7.0) has bug. It does not show any Auth menu. I recommend you use Auth(1.6.0) till the author resolve this bug.
<?php // Define a path alias for the Bootstrap extension as it's used internally. // In this example we assume that you unzipped the extension under protected/extensions. Yii::setPathOfAlias('bootstrap', dirname(__FILE__) . '/../extensions/bootstrap'); // uncomment the following to define a path alias // Yii::setPathOfAlias('local','path/to/local-folder'); // This is the main Web application configuration. Any writable // CWebApplication properties can be configured here. return array( 'basePath' => dirname(__FILE__) . DIRECTORY_SEPARATOR . '..', 'name' => 'yoursite', 'theme' => 'bootstrap', // requires you to copy the theme under your themes directory // preloading 'log' component 'preload' => array('log'), // autoloading model and component classes 'import' => array( 'application.models.*', 'application.components.*', 'application.modules.user.models.*', 'application.modules.user.components.*', 'application.modules.auth.*', 'application.modules.auth.components.*', ), 'defaultController' => 'post', 'modules' => array( //phs//yii-user module 'user' => array( # encrypting method (php hash function) 'hash' => 'md5', # send activation email 'sendActivationMail' => true, # allow access for non-activated users 'loginNotActiv' => false, # activate user on registration (only sendActivationMail = false) 'activeAfterRegister' => false, # automatically login from registration 'autoLogin' => true, # registration path 'registrationUrl' => array('/user/registration'), # recovery password path 'recoveryUrl' => array('/user/recovery'), # login form path 'loginUrl' => array('/user/login'), # page after login 'returnUrl' => array('/user/profile'), # page after logout 'returnLogoutUrl' => array('/user/login'), ), 'auth' => array( 'strictMode' => true, // when enabled authorization items cannot be assigned children of the same type. 'userClass' => 'User', // the name of the user model class. 'userIdColumn' => 'id', // the name of the user id column. 'userNameColumn' => 'username', // the name of the user name column. // if you use yii-auth(1.6.0), use one of the below appLayout. // 'appLayout' => 'application.views.layouts.main', // the layout used by the module. 'appLayout' => 'webroot.themes.bootstrap.views.layouts.main', // the layout used by bootstrap theme. // if you use yii-auth(1.7.0), use one of the below defaultLayout. // 'defaultLayout' => 'application.views.layouts.main', // the layout used by the module. // 'defaultLayout' => 'webroot.themes.bootstrap.views.layouts.main', // the layout used by bootstrap theme. 'viewDir' => null, // the path to view files to use with this module. ), // uncomment the following to use Gii 'gii' => array( 'class' => 'system.gii.GiiModule', 'password' => 'YourPassword', // If removed, Gii defaults to localhost only. Edit carefully to taste. 'ipFilters' => array('127.0.0.1', '::1'), 'generatorPaths' => array( 'bootstrap.gii', ), ), ), // application components 'components' => array( 'bootstrap' => array( 'class' => 'bootstrap.components.Bootstrap', ), 'authManager' => array( // 'class' => 'auth.components.CDbAuthManager', 'class' => 'auth.components.CachedDbAuthManager', 'cachingDuration' => 3600, 'behaviors' => array( 'auth' => array( 'class' => 'auth.components.AuthBehavior', /** * The 'admin', 'demo' are the usernames of superuser. * These usernames must be the same as your login username. * For example, if your login username does not need email, then these username does not need email. */ 'admins' => array('admin', 'demo'), // users with full access ), ), ), //yii-user module 'user' => array( /** I made WebUser extends AuthWebUser instead of WebUser extending CWebUser * so that Auth can be applied to WebUser class like this example: class WebUser extends AuthWebUser. * ( WebUser is the class at protected/modules/user/WebUser.php ) * ( AuthWebUser is the class at protected/modules/auth/AuthWebUser.php ) * So I dont need to set 'class' => 'auth.components.AuthWebUser' * But if you dont use yii-user module then you have to set 'class' => 'auth.components.AuthWebUser', */ 'class' => 'WebUser', // 'class' => 'auth.components.AuthWebUser', 'allowAutoLogin' => true, 'loginUrl' => array('/user/login'), ), // uncomment the following to use a MySQL database // 'db' => array( // 'connectionString' => 'sqlite:protected/data/blog.db', // 'tablePrefix' => 'tbl_', // ), 'db' => array( 'connectionString' => 'mysql:host=localhost;dbname=yourdb', 'emulatePrepare' => true, 'username' => 'yourname', 'password' => 'yourpassword', 'charset' => 'utf8', 'tablePrefix' => 'tbl_', ), 'errorHandler' => array( // use 'site/error' action to display errors 'errorAction' => 'site/error', ), 'urlManager' => array( 'urlFormat' => 'path', // 'showScriptName' => true, 'showScriptName' => false, 'rules' => array( //For blog 'post/<id:\d+>' => 'post/view', 'post/<id:\d+>/<title:.*?>' => 'post/view', 'posts/<tag:.*?>' => 'post/index', //For basic controllers '<controller:\w+>/<id:\d+>' => '<controller>/view', '<controller:\w+>/<action:\w+>/<id:\d+>' => '<controller>/<action>', '<controller:\w+>/<action:\w+>' => '<controller>/<action>', //For module controllers '<module:\w+>/<controller:\w+>/<action:\w+>/<id:\d+>' => '<module>/<controller>/<action>', '<module:\w+>/<controller:\w+>/<action:\w+>' => '<module>/<controller>/<action>', ), ), 'log' => array( 'class' => 'CLogRouter', 'routes' => array( array( 'class' => 'CFileLogRoute', 'levels' => 'error, warning', ), // uncomment the following to show log messages on web pages /* array( 'class'=>'CWebLogRoute', ), */ ), ), // 'log' => array( // 'class' => 'CLogRouter', // 'routes' => array( // array( // 'class' => 'ext.yii-debug-toolbar.YiiDebugToolbarRoute', // 'ipFilters' => array('127.0.0.1', '192.168.1.215'), // ), // ), // ), ), // application-level parameters that can be accessed // using Yii::app()->params['paramName'] 'params' => require(dirname(__FILE__) . '/params.php'), );But if you use yii-auth(1.7.0), the amins should be relocated like below.
'authManager' => array( // 'class' => 'CDbAuthManager', 'class' => 'auth.components.CachedDbAuthManager', 'cachingDuration' => 3600, 'behaviors' => array( 'auth' => array( 'class' => 'auth.components.AuthBehavior', // 'admins' => array('admin', 'demo'), // users with full access ), ), ), //yii-user module 'user' => array( // enable cookie-based authentication 'class' => 'WebUser', 'allowAutoLogin' => true, 'loginUrl' => array('/user/login'), 'admins' => array('admin, demo'), // users with full access ),Cheers
Thanks for your help whatif
Hi Whatif,
I have copied your main.php file but now I am getting this:
CException
Property "WebUser.admins" is read only. (C:\xampp\htdocs\project1\framework\base\CComponent.php:170)
Any idea why please?
Thank you,
Ben
About the error: "WebUser.admins" is read only.
Hi @bambinou
If user has 'admins' property like below, CWebUser may treat this as a writable property in fact it is not writable, I think. This may be a bug in yii-auth(1.7.0). Besides this, the Auth menu does not show up in yii-auth(1.7.0).
So I recommend you use yii-auth(1.6.0) instead of using yii-auth(1.7.0) until this bug is resolved by the author.
(config/main.php) //yii-user module 'user' => array( // enable cookie-based authentication 'class' => 'WebUser', 'allowAutoLogin' => true, 'loginUrl' => array('/user/login'), 'admins' => array('admin, demo'), // users with full access ),Thank you
Hi Whatif,
I tried your code and downloaded the 1.6.0 version.
To be honest, I really appreciate your help but I think I will give up with Yii.
The way it is built is just not right, every single extensions are a nightmare to get working. It is always a bit of a guess work and this is annoying me now. I have been for 4 nights on this problem and keep getting errors after errors...The goal of a good framework is to gain time but I am losing so much time that this framework is actually going against me. I tried the forum for help, live chat....there is not enough people around knowledgeable enough or the ones who know don't want to give you the answers in the live chat...
Why Yii does not come with a pre-added extension user and rights with it's own GUI?
This is seriously the most basic thing to have when you build an app. They should add on and give us a quick help on our to remove it rather than trying to install modules with bad docs all over the place..........I give up and thanks again for your help.
Regards,
Ben
Ben
Authentication with nested modules
For nested modules you have to change the code in
auth/filters/AuthFilter.phpfromif (($module = $controller->getModule()) !== null){ $itemName .= $module->getId() . '.';to
if (($module = $controller->getModule()) !== null){ $itemName .= str_replace('/','.',$module->getId()) . '.';in order to replace the
/with.in the module'sid.yiistrap support
HI,
Is it already compatible with or is it planned to be compatible with?
Regards
Kavi
Old Version 0.9
In the old version of this extension there's was some helper functions or some functionality that I am looking for.
does anyone know how can accomplish the same functionality as before:
1 -
Yii::app()->getModule('authorization')->auth->assignRole($_POST['roleName'], $model->id);2-
<div class="row"> <?php echo CHtml::label('Role', 'roleName'); ?> <?php echo CHtml::dropDownList('roleName', Yii::app()->getModule('authorization')->auth->getAssignedRole($model->id), Yii::app()->getModule('authorization')->auth->getRoleSelectOptions()); ?> </div>Upgrade for Yii2.x
@Chris83 Will you provide upgraded version for Yii2.x for your Auth and Rights extensions? These are great extensions, an upgraded version would be highly appreciated!
If you have any questions, please ask in the forum instead.
Signup or Login in order to comment.