Jump to content
Larry Ullman's Book Forums

Search the Community

Showing results for tags 'rbac'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Single Editions
    • Modern Javascript: Develop and Design
    • The Yii Book
    • Effortless Flex 4 Development
    • Building a Web Site with Ajax: Visual QuickProject
    • Ruby: Visual QuickStart Guide
    • C++ Programming: Visual QuickStart Guide
    • C Programming: Visual QuickStart Guide
    • Adobe AIR: Visual QuickPro Guide
  • PHP and MySQL for Dynamic Web Sites: Visual QuickPro Guide
    • PHP and MySQL for Dynamic Web Sites: Visual QuickPro Guide (5th Edition)
    • PHP and MySQL for Dynamic Web Sites: Visual QuickPro Guide (4th Edition)
    • PHP 6 and MySQL 5 for Dynamic Web Sites: Visual QuickPro Guide (3rd Edition)
    • PHP and MySQL for Dynamic Web Sites: Visual QuickPro Guide (2nd Edition)
    • PHP and MySQL for Dynamic Web Sites: Visual QuickPro Guide (1st Edition)
  • PHP for the Web: Visual QuickStart Guide
    • PHP for the Web: Visual QuickStart Guide (5th Edition)
    • PHP for the Web: Visual QuickStart Guide (4th Edition)
    • PHP for the Web: Visual QuickStart Guide (3rd Edition)
    • PHP for the World Wide Web: Visual QuickStart Guide (2nd Edition)
    • PHP for the World Wide Web: Visual QuickStart Guide (1st Edition)
  • Effortless E-commerce with PHP and MySQL
    • Effortless E-Commerce with PHP and MySQL (2nd Edition)
    • Effortless E-Commerce with PHP and MySQL
  • PHP Advanced: Visual QuickPro Guide
    • PHP Advanced and Object-Oriented Programming: Visual QuickPro Guide (3rd Edition)
    • PHP 5 Advanced: Visual QuickPro Guide (2nd Edition)
    • PHP Advanced: Visual QuickPro Guide
  • MySQL: Visual QuickStart Guide
    • MySQL: Visual QuickStart Guide (2nd Edition)
    • MySQL: Visual QuickStart Guide (1st Edition)
  • Other
    • Announcements
    • Newsletter, Blog, and Other Topics
    • Forum Issues
    • Social

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Found 5 results

  1. Hello! First of all, I really appreciate the Yii book and I find it just awesome! Thank you! But, I have a question about rbac. In your book you are showind how to tie roles to database users. And I lost the thread at the moment when the roles are assigned to the users: # protected/models/User.php public function afterSave() { if (!Yii::app()->authManager->isAssigned( $this->type,$this->id)) { Yii::app()->authManager->assign($this->type, $this->id); } return parent::afterSave(); When a user is created - the role pointed at "type" attribute is assigned to the actual role in database. The question is - what if I need to change user's role after she has been created? For example, administartor would want to change any specific user's role to "moderator" or to "author"? This code would not work, right? How do I implement it? I can guess that I just need to delete "if" condition, so the rest of code would work when user is updated. But I feel that is wrong.... Sorry, if this question was already asked, I tried to find it. And thank you in advance!
  2. How does the code below (p. 268) work? Is it definitely correct? Can someone walk me through this? In actionSetup (A): Why is updateUser a child of updateOwnUser? Doesn't that mean anyone who can update his/her OWN user info can also update anyone else's? In the controller (: Why is checkAccess (array('id' => $id)) used on updateUser instead of updateOwnUser? Does updateUser even use the ID parameter? Please help - thanks... Quite confused! Code A: # protected/controllers/SiteController.php::actionSetup() $auth = Yii::app()->authManager; // Create operations. $task = $auth->createTask('updateOwnUser', 'Allows a user to update her record', 'return $params["id"] == Yii::app()->user->id;'); $task->addChild('updateUser'); Code B: # protected/controllers/UserController.php public actionUpdate($id) { $model=$this->loadModel($id); if (!Yii::app()->user->checkAccess('updateUser', array('id' => $id))) { throw new CHttpException(403, 'You are not allowed to do this.'); } // Code for doing this. }
  3. Is there a reason why "$model=$this->loadModel($id);" has to go before the checkAccess line or can it go after (as in my example)? I noticed it works both ways. Also, is it a bad idea to redirect users to the home page if they are trying to access a restricted page (as shown below)? public function actionUpdate($id) { // Checks to see if user can update page if (!Yii::app()->user->checkAccess('user_update', array('id'=>$id))){ // Redirects user to home page if denied access $this->redirect(array('site/index')); } $model=$this->loadModel($id); if(isset($_POST['User'])) { $model->attributes=$_POST['User']; if($model->save()) $this->redirect(array('view','id'=>$model->id)); } $this->render('update',array( 'model'=>$model, )); }
  4. I am unable to create a user through the application, I am getting the exception that CDbCommand failed to execute the SQL statement: SQLSTATE[23000]: Integrity constraint violation: 1062 Duplicate entry '2001128' for key 'PRIMARY'. The SQL statement executed was: INSERT INTO `tbl_user` (`id`, `name`, `surname`, `username`, `password`, `access`, `email`, `contact`) VALUES (:yp0, :yp1, :yp2, :yp3, :yp4, :yp5, :yp6, :yp7) But I checked the database there was no entry for that primary key, also only the primary gets inserted into the database after submitting the form. I have created a permission hierarchy using rbac. A superadmin can create admin and normaluser, a admin1 can create only normaluser.
  5. I have created Rbac with superadmin,admin1,normaluser. I want to check weather the user is logged in as superadmin, admin1,normaluser depending on the database column "access" value in tbl_user table, if "access"=0 then user should be superadmin, if "access"=1 then user should be admin1 and if "access"=2 then user should be normaluser. RBAC authorization hierarchy was created by yiic shell, all the database schema has been defined. I cannot figure out how to proceed further than creating authorization hierarchy and how to write code to check a user according to roles. Here is RbacCommand.php http://pastebin.com/BKdYM4eg
×
×
  • Create New...