- Download
- unzip
- Create tables for user module
- configure
- install Rights module
- change the main config file
- change main layout
- Add rights
- continue
After creating a Yii app, we need to implement permissions, authentication and authorization. The best way to do this is to use the yii-user and Rights modules.
These modules are very simple to install.
Download
Download the yii-user and rights extensions and unzip them.
unzip
Unzip the modules to
/your-app/protected/modules/user
/your-app/protected/modules/rights
Create tables for user module
Then go to /protected/modules/user/data/schema.mysql.sql.
You need to update schema.mysql.sql so that it creates the field lastvisit_at instead of lastvisit.
Open the SQL file and create the tables manually (which I prefer), removing the 'tbl_' prefix from the table names (also my preference).
configure
Then configure config/main.
Under import:
'import'=>array(
    ...
    'application.modules.user.models.*',
    'application.modules.user.components.*',
    'application.modules.rights.*',
    'application.modules.rights.components.*',
    ...
),
Under modules:
'modules'=>array(
    'user'=>array(
        'tableUsers' => 'users',
        'tableProfiles' => 'profiles',
        'tableProfileFields' => 'profiles_fields',
    ),
    'rights'=>array(
        'install'=>true,
    ),
),
Under components:
'components'=>array(
    'user'=>array(
        'class'=>'RWebUser',
        // enable cookie-based authentication
        'allowAutoLogin'=>true,
        'loginUrl'=>array('/user/login'),
    ),
    'authManager'=>array(
        'class'=>'RDbAuthManager',
        'connectionID'=>'db',
        'defaultRoles'=>array('Authenticated', 'Guest'),
    ),
),
After saving the main config file, continue with the Rights installation.
install Rights module
Install Rights. To do so, you have to log in at user/login and then open
(according to your URL style)
your-app/index.php/rights/install
or
your-app/index.php?r=rights/install
After a successful installation, continue with the next step.
change the main config file
Change the main config file as follows.
Under modules:
'user'=>array(
    'tableUsers' => 'users',
    'tableProfiles' => 'profiles',
    'tableProfileFields' => 'profiles_fields',
    # encrypting method (php hash function)
    'hash' => 'md5',
    # send activation email
    'sendActivationMail' => true,
    # allow access for non-activated users
    'loginNotActiv' => false,
    # activate user on registration (only sendActivationMail = false)
    'activeAfterRegister' => false,
    # automatically login from registration
    'autoLogin' => true,
    # registration path
    'registrationUrl' => array('/user/registration'),
    # recovery password path
    'recoveryUrl' => array('/user/recovery'),
    # login form path
    'loginUrl' => array('/user/login'),
    # page after login
    'returnUrl' => array('/user/profile'),
    # page after logout
    'returnLogoutUrl' => array('/user/login'),
),
// Modules Rights
'rights'=>array(
    'superuserName'=>'Admin', // Name of the role with super user privileges.
    'authenticatedName'=>'Authenticated', // Name of the authenticated user role.
    'userIdColumn'=>'id', // Name of the user id column in the database.
    'userNameColumn'=>'username', // Name of the user name column in the database.
    'enableBizRule'=>true, // Whether to enable authorization item business rules.
    'enableBizRuleData'=>true, // Whether to enable data for business rules.
    'displayDescription'=>true, // Whether to use item description instead of name.
    'flashSuccessKey'=>'RightsSuccess', // Key to use for setting success flash messages.
    'flashErrorKey'=>'RightsError', // Key to use for setting error flash messages.
    'baseUrl'=>'/rights', // Base URL for Rights. Change if module is nested.
    'layout'=>'rights.views.layouts.main', // Layout to use for displaying Rights.
    'appLayout'=>'application.views.layouts.main', // Application layout.
    'cssFile'=>'rights.css', // Style sheet file to use for Rights.
    'install'=>false, // Whether to enable installer.
    'debug'=>false,
),
Change the authManager component to:
'authManager'=>array(
    'class'=>'RDbAuthManager',
    'connectionID'=>'db',
    'itemTable'=>'authitem',
    'itemChildTable'=>'authitemchild',
    'assignmentTable'=>'authassignment',
    'rightsTable'=>'rights',
),
Your application is now ready.
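The user module config above sets 'hash' => 'md5', which its comment describes as a PHP hash function applied to the password. The following is an added example, not yii-user code: it shows why an unsalted digest is a weak stored form and how a login check can upgrade such rows to password_hash() as users sign in. The function names are hypothetical, PHP 7 or later is assumed, and a legacy row is assumed to hold hash('md5', $password) as 32 hex characters.

```php
<?php
// Added example; not yii-user code. Function names are hypothetical.
// Assumption: a legacy row holds hash('md5', $password) as 32 hex characters.

function isLegacyDigest(string $stored): bool
{
    return (bool) preg_match('/^[0-9a-f]{32}$/i', $stored);
}

/**
 * Check a login attempt against the stored value.
 * Returns ['ok' => bool, 'newHash' => ?string]; when newHash is set the
 * caller should write it to the password column in place of the old value.
 */
function verifyAndUpgrade(string $password, string $stored): array
{
    if (isLegacyDigest($stored)) {
        // Constant-time comparison against the unsalted legacy digest.
        $ok = hash_equals(strtolower($stored), hash('md5', $password));
        return ['ok' => $ok,
                'newHash' => $ok ? password_hash($password, PASSWORD_DEFAULT) : null];
    }
    $ok = password_verify($password, $stored);
    $rehash = $ok && password_needs_rehash($stored, PASSWORD_DEFAULT);
    return ['ok' => $ok,
            'newHash' => $rehash ? password_hash($password, PASSWORD_DEFAULT) : null];
}

// Constructed sample data: two accounts that chose the same password.
$alice = hash('md5', 'Winter2024!');
$bob   = hash('md5', 'Winter2024!');
echo 'unsalted digests identical: ', var_export($alice === $bob, true), "\n";

$first = verifyAndUpgrade('Winter2024!', $alice);             // legacy row
$again = verifyAndUpgrade('Winter2024!', $first['newHash']);  // upgraded row
$wrong = verifyAndUpgrade('guess', $alice);

echo 'legacy login accepted: ', var_export($first['ok'], true), "\n";
echo 'row upgraded to: ', substr($first['newHash'], 0, 7), "...\n";
echo 'upgraded login accepted: ', var_export($again['ok'], true), "\n";
echo 'upgraded row needs another rehash: ',
    var_export($again['newHash'] !== null, true), "\n";
echo 'wrong password accepted: ', var_export($wrong['ok'], true), "\n";
```

Because the 'hash' option is described as selecting a PHP hash function, using this approach means changing the module's own password check and registration code rather than the config value.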
change main layout
Change the main layout:
$this->widget('zii.widgets.CMenu',array(
    'items'=>array(
        array('label'=>Yii::t('app','Home'), 'url'=>array('/site/index')),
        array('label'=>Yii::t('app','About'), 'url'=>array('/site/page', 'view'=>'about')),
        array('label'=>Yii::t('app','Contact'), 'url'=>array('/site/contact')),
        array('label'=>Yii::t('app','Login'), 'url'=>array('/user/login'), 'visible'=>Yii::app()->user->isGuest),
        array('label'=>Yii::t('app','Rights'), 'url'=>array('/rights')),
        array('label'=>Yii::t('app','Logout').' ('.Yii::app()->user->name.')', 'url'=>array('/user/logout'), 'visible'=>!Yii::app()->user->isGuest),
    ),
));
Add rights
Then add the rights filter to every controller, like this:
public function filters()
{
    return array(
        'rights', // perform access control for CRUD operations
    );
}
Also change the class each controller extends to RController ('extends RController').
Then open rights in your URL (according to your URL style).
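A controller that misses either change in the step above is not checked by Rights. The following is an added example, not part of Rights or yii-user: a small audit that reads controller source and reports classes that do not extend RController, filters() methods that do not list 'rights', and actions excluded with the '-' operator. All names are hypothetical, and the sample sources are constructed; in a real run the input would be the files under protected/controllers.

```php
<?php
// Added example; not part of Rights or yii-user. All names are hypothetical.

function auditController(string $file, string $src, array $okBases = ['RController']): array
{
    $out = [];
    if (!preg_match('/class\s+\w+\s+extends\s+(\w+)/', $src, $c)) {
        return ["$file: no controller class found"];
    }
    // Pass your own base class in $okBases if it extends RController itself.
    if (!in_array($c[1], $okBases, true)) {
        $out[] = "$file: extends {$c[1]}, which is not a known RController base";
    }
    if (!preg_match('/function\s+filters\s*\(\s*\)\s*\{(.*?)\}/s', $src, $f)) {
        $out[] = "$file: no filters() in this file; 'rights' must come from a parent class";
        return $out;
    }
    // Drop line comments so a commented-out 'rights' entry does not count.
    $body = preg_replace('~(//|#).*$~m', '', $f[1]);
    if (!preg_match('/[\'"]rights\s*(?:([+-])\s*([^\'"]+))?[\'"]/', $body, $r)) {
        $out[] = "$file: filters() does not list 'rights'";
    } elseif (($r[1] ?? '') === '-') {
        $out[] = "$file: actions excluded from rights (public): " . trim($r[2]);
    } elseif (($r[1] ?? '') === '+') {
        $out[] = "$file: rights applies only to: " . trim($r[2]);
    }
    return $out;
}

// Constructed sample sources standing in for protected/controllers/*.php.
$samples = [
    'PostController.php' => "class PostController extends RController {\n"
        . " public function filters() { return array('rights'); } }",
    'ProfileController.php' => "class ProfileController extends RController {\n"
        . " public function filters() { return array('rights - publicprofile'); } }",
    'SiteController.php' => "class SiteController extends CController {\n"
        . " public function actionIndex() { } }",
    'NewsController.php' => "class NewsController extends RController {\n"
        . " public function filters() { return array(\n // 'rights',\n"
        . " 'postOnly + delete',\n ); } }",
];
foreach ($samples as $file => $src) {
    foreach (auditController($file, $src) as $finding) {
        echo $finding, "\n";
    }
}
```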
Thanks for setting this up
At first glance, a few things that I see.
lastvisit to be lastvisit_at
403 There must be at least one superuser!
Solved error: There must be at least one superuser.
Hi, I have the error,
create this record in the database and I could access.
INSERT INTO authassignment (itemname, userid, bizrule, data) VALUES ('admin', '1', NULL, NULL);
Also, maybe, after install the user could access:
http://localhost/<yourapp>/index.php?r=rights/authItem/generate
more feedback!
After making Rights work, I commented out these Rights config options:
'layout'=>'rights.views.layouts.main', // Layout to use for displaying Rights.
'appLayout'=>'application.views.layouts.main', // Application layout.
'cssFile'=>'rights.css', // Style sheet file to use for Rights.
because there is no rights.css file anywhere, and the Rights style breaks...
Giving Public access for some actions
Just edit the filters like this:
public function filters()
{
    return array(
        'rights - publicprofile', // perform access control for CRUD operations
    );
}
Here the publicprofile action is public, just by using the '-' (minus) operator.
The rights module is awesome.
RWebUser
Using YiiBoilerplate Structure With this mods.
https://github.com/neo-classic/yii-structure4big
But when I do frontend/www/user/login
Have this issue
include(RWebUser.php) [function.include]: failed to open stream: No such file or directory
I made the same mistakes
I have found that we made the same mistakes
/index.php/rights 403 There must be at least one superuser!
The reason is that we have made the tables in the database for the rights module; drop them and try to install again.
I resolved a problem
If you come across this error:
include(User.php): failed to open stream: No such file or directory
blablablablablablabla
then you just need to add this code in your right/component/RAuthorizer.php
Yii::import('application.modules.user.models.*');
Then you made it!
enjoy!
hi nullne
good one nullne.
you can also import it in config/main
Different menu?
With this method...can I redirect the "admin" to a different menu than the normal logged user?
Thanks!
@MissChile
hi MissChile,
It's up to you. You can set up a role-based menu system.
Table 'DBNAME.authassignment' doesn't exist
I post this in case someone is having problem with the "rights" installation:
It got this error:
"CDbCommand failed to execute the SQL statement: SQLSTATE[42S02]: Base table or view not found: 1146 Table 'DBNAME.authassignment' doesn't exist. The SQL statement executed was: SELECT *
FROM
AuthAssignment
WHERE userid=:userid "
I just added
'tablePrefix' => '',
at the end of mysql info in COMPONENTS, (config/main.php)
After that, the installation was successful.
I hope it helps.
@MissChile
MissChile,
Comment out the line and try. Please follow the correct steps; otherwise it's complicated.
Working
It's working without public function filters()...
but it shows Error 403
There must be at least one superuser!
main layout
array('label'=>Yii::t('app','Profile'), 'url'=>array('user/profile')),
adding above code in $this->widget('zii.widgets.CMenu',array(....);
will be more useful
@arun vivek
arun vivek ,
No, you must add the rights filter in every controller
public function filters()
{
    return array(
        'rights', // perform access control for CRUD operations
    );
}
and in the user table, set the superuser column to 1.
@Rajith R
Now it's working...thanx
I am getting an error after installing the yii-user and rights modules: "This webpage has a redirect loop"
"This webpage has a redirect loop"
I am getting this error on the user/login page.
I have added this code in every controller in the user module
public function filters()
{
    return array(
        'rights', // perform access control for CRUD operations
    );
}
What do I have to do, friend?
@ferozfirru
Extend controllers from RController.
And check inside the login controller what's happening!
You are not authorized to perform this action
I am getting the following error
Error 403
You are not authorized to perform this action.
when going to index.php?r=rights
I have the admin user set to superuser, but there is nothing in authassignment, authitem, authitemchild. What do I need to add into these tables, if anything, for the admin and other users?
There must be at least one superuser!
rights/install is now giving me this error
Error 403
There must be at least one superuser!
I have the user admin set as superuser
@coolPhp
Follow the steps carefully.
Now, please drop all the tables related to the user module and the rights module. Restart the process!
Spelling mistake
Hey,
As per your instruction, I tried searching for
and changing it to
The problem is, I think you spelt lastvisit wrong.
Hope this helps someone.
@johnsnails
Thank you
hi there, - getting this error: Application web user must extend the RWebUser class.
Hi there, I already had yii-user installed, getting this error
Application web user must extend the RWebUser class.
Can someone help?
@Fire
In config Main
'components'=>array(
    'user'=>array(
        'class'=>'RWebUser',
        // enable cookie-based authentication
        'allowAutoLogin'=>true,
        'loginUrl'=>array('/user/login'),
    ),
),
Profiles table (first name and last name)
Why is the data type of first name and last name in the profile table VARCHAR(50)? It means a user can add a digit in the first name or last name. How can I change it?
@ usman iqbal
You can edit from the right side link, profile fields inside the module.
We are still using these modules in our running product.