Compatibility issue with zend-developers-tools - Githubissues

ZF-Commons / zfc-rbac

Role-based access control module to provide additional features on top of Zend\Permissions\Rbac

BSD 3-Clause "New" or "Revised" License

181 stars 111 forks source link

Compatibility issue with zend-developers-tools #131

Closed BrunoSpy closed 10 years ago

BrunoSpy commented 10 years ago

[Wed Dec 18 15:35:54.170499 2013] [:error] [pid 6392:tid 1008] [client 127.0.0.1:63180] PHP Warning:  implode(): Invalid arguments passed in vendor\\zf-commons\\zfc-rbac\\view\\zend-developer-tools\\toolbar\\zfc-rbac.phtml on line 98

Version of zfc-rbac : bc7d9b3bf3

bakura10 commented 10 years ago

Grrr I tested it and it works :(. Can you have a look ? I may have not thought of all cases where role can be string, object...

bakura10 commented 10 years ago

(are we talking of v2.0 here?)

BrunoSpy commented 10 years ago

(im' using latest master, so I suppose yes we're talking about 2.0, anyway I d'ont see a 2.0 branch here)

bakura10 commented 10 years ago

Yes, this time I won't tag this quickly because I don't want to have the same problem as in 1.0 (where I rush the release). I think 2.0 is much much much better, but for now you need to add "minimum-stability: dev" in your composer.json, and ask for the "2.0.x-dev"

bakura10 commented 10 years ago

Please can you elaborate more on how you get this error? I've added a new check that can occur if you are using Doctrine collections, so any Traversable are converted to array.

Can you try against latest version please?

BrunoSpy commented 10 years ago

Thanks ! Bug fixed but ... information shown is incomplete : only direct permissions are displayed. It is a (small) regression compared to 1.0 where we had direct and "inherited" permissions avalaible in z-d-t.

bakura10 commented 10 years ago

Yes, I don't recursively traverse each child roles and get permissions. Actually, I think it make more sense as it is now because: if your user have admin role, and that admin role extend member role, in ZfcRbac 1.0 you would have for admin both the permissions for admin AND for member. And those for member would be repeated again. Therefore you couldn't know from which role permissions are.

BrunoSpy commented 10 years ago

I understand your point of view, but what's more important when you debug your app : to know the actual permissions of the logged in user or just those of the current role ? IMHO I would vote for the first answer.

bakura10 commented 10 years ago

Hi,

I realized there was a bug while writing the unit tests. If the identity role had the role "member", and that this role had a children role "guest", the ZDT only reported permissions for "member". Now, it will report permissions for member AND for all its children roles (so also all the permissions for guest).

Can you pull the latest version and tell me if it works for your use case?

bakura10 commented 10 years ago

I'm closing this :).

BrunoSpy commented 10 years ago

Tested and approved ! (sorry for the delay)