yii2mod / yii2-rbac Goto Github PK

In the configuration file, I can specify the route:

'urlManager' => [
'showScriptName' => false,
'enablePrettyUrl' => true,
'rules' => [
'user/<user_id:\d+>' => 'user/<user_id>',
'user/<user_id:\d+>/messages' => 'messages/<user_id>',
]...

How to add them to the list of yii2mod routes?

Hey hey guys.

Just want to say great work on that module. Super easy to set up, and works great so far. I just want to ask what this controller (see attached screenshot) is for?

Is there supposed to be functionality in that controller for assigning users to roles, or is that something that I should implement in my user management controller?

I just wanted to check, because, while I can see how to create permissions, roles, etc very quickly, assigning users to those roles is one thing I can't see how to do using this, and I'm just wondering if I'm missing it here, have set something up incorrectly, or it is something I must implement on top of the module.

best
Jon

Are you using any PHP 7.1 functionality?

If you are not using any, there is no need to require PHP 7.1.

And if you are using it, it would be nice to try to solve it in a way that PHP 7.1 is not required.

Stable versions of the most commonly used distributions are in PHP 7.0.
If you require PHP 7.1 a lot of people will be required to stop using this extension.

Hi,
when i try to post this link (http://mysite/rbac/assignment/assign?id=12) with csrf validation true, i get 400 (Bad Request).
My yii2 version is 2.0.39.
Any suggest?

Thank you,
John

Since you are pushing forward using the most recent versions of php.

You should update the RouteModel.php and change yii\base\Object to yii\base\BaseObject.

Also need to change the extends Object to extends BaseObject.

This is mentioned in Yii2 upgrade notes and I encountered the issue when performing a clean install of yii2mod/base.

I was using a newer version of laragon and it comes with php 7.2 or else I never would have caught this.

I am also curious if this is related to other problems people have reported in relation to the route access control.

Hi,
I would like to implement this extension on a project that I need to integrate with ldap authentication and ldap group mapping with roles. Any advice to achive this?

ReflectionException
Class app\modules\admin\Module does not exist

What steps will reproduce the problem?

use PHP 7

What is the expected result?

access to /rbac/role/index form

What do you get instead?

http://prntscr.com/g4bsuw

Additional info

Hello,
I can control access to all my controllers with you rbac module.
But I can't close access to rbac module it self.
Or I don't understand something.
Thanks

I have UnitMeasurementController controller, and actionIndex action.
I created role named Administrator and assign it to user.
I created new permission named unit-measurement/index and assign it to role Administrator.

I expect user will be able to access page /unit-measurement/index but it did not.
Then I changed permission name to /unit-measurement/index and it worked.
But the problem is after change I can't see permission name in permission list page and cannot access it.
What is wrong?

Hello. I am using advanced yii2 template + apache.

Main application address (for example localhost/) is targeting to @app/frontend/web/

Second application address (for example localhost/admin) is targeting to @app/backend/web/
(by apache's virtualhost alias).

I followed all guide steps, but seems that module is still not working.

@app/common/config/main.php:

<?php
return [
    'vendorPath' => dirname(dirname(__DIR__)) . '/vendor',
	'modules' => [
	    'rbac' => [
	        'class' => 'yii2mod\rbac\Module',
	    ],
	],
    'components' => [
        'cache' => [
            'class' => 'yii\caching\FileCache',
        ],
	'authManager' => [
	    'class' => 'yii\rbac\DbManager',
	    'defaultRoles' => ['guest', 'user'],
	],
    ],
];

I added Yii's application modules dump in views files.
And rbac module in the list.
var_dump(\Yii::$app->modules);

localhost/rbac <- incorrect address 404
localhost/admin/rbac <- incorrect address 404

What's wrong? Thanks.

P.S: i think it's not important, but

$ php -v
PHP 7.1.7

Maximum execution time of 600 seconds exceeded
public function getUniqueId()
{
return $this->module ? ltrim($this->module->getUniqueId() . '/' . $this->id, '/') : $this->id;
}

I am getting timeout error while accessing /rbac/route on above function, how I can correct this. In my permission/assignment I don't see all the controller/action or routes listed.

I'm trying to install RBAC Extension on yii2 advanced template but it throws error. How to I install RBAC?

$ ls
composer.phar yii

$ which composer
/usr/local/bin/composer

$ composer global require --prefer-dist yii2mod/yii2-rbac "*"

Changed current directory to /Users/imac/.composer ./composer.json has been created Loading composer repositories with package information Updating dependencies (including require-dev) Your requirements could not be resolved to an installable set of packages.

Problem 1 - yii2mod/yii2-rbac 1.0 requires yiisoft/yii2-jui * -> satisfiable by yiisoft/yii2-jui[2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7].

....

Installation request for yii2mod/yii2-rbac * -> satisfiable by yii2mod/yii2-rbac[1.0, 1.1, 1.2, 1.3, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.9.1, 1.9.2, 1.9.3, 2.0, 2.1, 2.2, 2.2.1, 2.3].
Potential causes: - A typo in the package name - The package is not available in a stable-enough version according to your minimum-stability setting see https://getcomposer.org/doc/04-schema.md#minimum-stability for more details. - It's a private package and you forgot to add a custom repository to find it

Read https://getcomposer.org/doc/articles/troubleshooting.md for further common problems.

Installation failed, deleting ./composer.json.

I am trying to set rules for most of my actions where I need to pass the model to the Rule to check if the owner of the model is the user who is accessing it.

As its a beforeAction is there a way to override it or a way to escape it?

How can I display a permission description instead of a name on the assignment page?

Get this error whene create new role or permission :

TypeError

Argument 1 passed to yii2mod\rbac\models\AuthItemModel::find() must be of the type string, none given, called in /var/www/html/payroll-ns/vendor/yiisoft/yii2/validators/UniqueValidator.php on line 210

I think the problem is unique function in AuthItemModel.
You use unique validator, but unique ini yii2 use built ini yii2/validators/UniqueValidator.php.

It will be better renaming custom validation function, uniqueRole as example.

How can I create a new assignment? it shows no data

Need a help for how to stop open link without login

When called in action, I can pass parameters:

if (!\Yii::$app->user->can('rule', **['post' => $id]**)) {
	throw new ForbiddenHttpException('Access denied');
}

How I can pass parameters using this module?

Hi,

It appears there is some issue with all controllers that depend on AuthItemSearch for loading items. For instance after $items = $authManager->getRoles(); in the case of RoleController, I can verify that $items contains valid roles from my configuration but ArrayDataProvider doesn't send anything to the controller so my Roles Index shows nothing.

What could be wrong?

Hi, in our database we have a string primary key associated to users.
When trying to access to the route assignment/view?id=XYZ it catch an error because actionView(int $id) require an int as parameter...

How can we solve this without changing primary key type?

Hello,

I have added this in config/web.php

'as access' => [
    'class' => yii2mod\rbac\filters\AccessControl::class,
    'allowActions' => [
        'site/*',
        'admin/*',
        'note/*',
    ]
 ],

If I make an AJAX POST request to my controller action.
controllers/NoteController.php

public function actionDelete() {
    echo "hello world";
    die();
}

I will get access denied however if I make a AJAX GET request I have no issue.

Base table or view not found: 1146 Table 'lrf.auth_item_child' doesn't exist
The SQL being executed was: SELECT * FROM auth_item_child

в базу таблицы записались как AuthItemChild

Hey. Thank you very much for your extension.
I got the routes of the installed modules in http://localhost/path/to/index.php?r=rbac/route. BUT how do I get routes for my action in my controllers (SiteController and other)?

Hi yii2mod team,

Thank you for this extension.

I have a query and was unable to find a solution on my own. I am using your extension in the Yii 2 Advance template, for my backend application.

I do not have modules in my backend and it should just list all the actions from the controllers eg SiteController but it going to my vendor directory and fetching actions from the gridview extension i am using.

Can you guide me how I can configure it to get the correct actions.

Regards,
Wenceslaus Dsilva

RBAC rules don't appear to apply to the /rbac route. This means that any user with an account can access /rbac and modify their rights. Am I missing something?

When has route /* everything find but become problem if change the specific route as should be.
The problem only for not save field with date type but others save and good. No error message even validate has been done. Can anyone help?

When I use the UI screen rbac/permission/create or rbac/role/create to create new one, it throw errors as below.

Missing argument 1 for yii2mod\rbac\models\AuthItemModel::find(), called in ...\vendor\yiisoft\yii2\validators\UniqueValidator.php on line 210 and defined

This is because in UniqueValidator, it call the ActiveRecord::find() (as all of us get familiar),
but the class yii2mod\rbac\models\AuthItemModel itself redefines the find($id) function.

    public static function find($id)
    {
        //...
    }

So I wonder whether there is anyone can use these UI functions to create/update Role and Permission.

somewhere in other comments - I saw that
Create your own rule class, for example:

class AboutUsRule extends Rule
{
    public $name = 'aboutUsRule';

    public function execute($user, $item, $params)
    {
        // your code here
    }
}

my question is where do I add these rule. as mention there - class - app\rbac\rules\AboutUsRule // in my example
if I am trying to create a folder rbac in my site root, and then adding rule there, it is showing the directory listing instead of rbac web interface. when I access mysite/rbac.

note:
I am able to add role, permission, assign permission etc. without any issue.

Hi, I have used the rbac module to manage access permission to backend section. Now I need to reeingineer the backoffice with two modules ('v1' and 'v2'). In the V1 module I have two controllers that need to be managed as separate access from different roles.
In the route section of the module I find only '/v1/*' and not the two controllers.
It is possible to manage access to a single controller inside a module?

Thank you

Good, in short words:
If I don't configure access from config file for backend at this mode:

'allowActions' => [
            'site/*',
            //'rbac/*'
            //'admin/*'
        // The actions listed here will be allowed to everyone including guests.
        // So, 'admin/*' should not appear here in the production, of course.
        // But in the earlier stages of your development, you may probably want to
        // add a lot of actions here until you finally completed setting up rbac,
        // otherwise you may not even take a first step.
        ]

I'm unable as admin user/role to access to any rbac or site URL, doesn't matter if I add via database such URL to auth_item table.

My backend baseUrl is set to /admin and via htaccess I can use the same domain to achieve it.

Aditional to it, I can see the admin index being guest but having restricted the index to guest.