dre1080 / warden

More than just a user database auth package for FuelPHP
http://dre1080.github.com/warden
MIT License

Can not login after changing user role relation in the database #18

Closed noxify closed 12 years ago

noxify commented 12 years ago

Hi,

I have login problems after changing the role id in the table "roles_users".

In my configuration the default role is "User" (id: 1). I created two users and they are linked to the role with the id "1" as defined. Then I played a bit with the roles and the permissions, created some test records for each table via phpMyAdmin and linked the roles and permissions in the table "roles_permissions".

Now I tried to set the new role for the user "test" (id: 16), opened the table "roles_users" and changed the value for "role_id" from "1" to "3"…

Then I logged out and tried to log in again… but it doesn't work. I get a flash message "Logged in successfully" but I'm not logged in.

But if I change the value back to "1", I'm logged in.

I don't know what is wrong but I'm a bit confused :-/

I have searched the FuelPHP forum about several problems but I couldn't find anything. In the documentation I also can't find anything about changing the user role for a user.

Is there any function to set a new role for a user or any workaround to fix this problem?

Here is my structure for the steps to reproduce. If you need more information, let me know.

table: roles

id  name
1   User    
2   Member
3   Editor
4   Admin

table: permission

id      name                    resource    action
4       news - create           news        create
5       news - update           news        update  
6       news - delete           news        delete  
8       pages - create          pages       create  
9       pages - update          pages       update  
10      pages - delete          pages       delete  
11      users - create          users       create  
12      users - update          users       update  
13      users - delete          users       delete  
14      plantago - create       plantago    create
15      plantago - update       plantago    update
16      plantago - delete       plantago    delete
17      plantago - download     plantago    download
18      user - moderate         user        moderate

table: roles_permissions

role_id     permission_id
3           4
3           5
3           6
3           14
3           15
3           16
2           17
3           17
3           18

table: roles_users

role_id     user_id
3           16
1           17

table: users

id      username
16      test
17      admin

dre1080 commented 12 years ago

Can I see the code you're using? When checking if the user is logged in, it's checking for the default role, which is 'User', so Warden::logged_in(); is actually Warden::logged_in('User'); try Warden::logged_in('Editor'); to check for specific roles. Logging in a user doesn't check for the default role; the default role is only used when checking the role of the already logged-in user. Since the "test" user no longer has the default role, this is probably why it's returning false. To add a new role (non-default) to the "test" user, insert a new row in roles_users, so your roles_users table should now be:

role_id     user_id
1           16
1           17
3           16

noxify commented 12 years ago

Hi,

thanks for your answer :)

Okay, I think I have the solution for my problem :)

My problem was that I "deleted" the default role from the table "roles_users" by changing it from 1 to 3... And as I understand it, the system checks for the default role, if defined - correct?

Now I have to add multiple entries for each role, if the user has the role "editor" like in your example - correct?

To your question "Can I see the code you're using?"

Yes sure...

To get the links for the admin panel, I use the following code:

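<?php foreach (glob(APPPATH.'/modules/*/classes/controller/admin/*.php') as $controller): ?>
    <?php
        // Use the controller file name (without .php) as the resource name
        $section_segment = basename($controller, '.php');
        // Dump the resource name and the result of the permission check for it
        \Debug::dump($section_segment, \Warden::can(array('create','update', 'delete'), $section_segment));
    ?>
<?php endforeach; ?>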

And to check whether the user is logged in, I use the following code:

<?php if(\Warden::check()): ?>
    <li><?php echo \Html::anchor('logout', 'Logout'); ?></li>
<?php else: ?>
    <li><?php echo \Html::anchor('login', 'Login'); ?></li>
    <li><?php echo \Html::anchor('register', 'Register'); ?></li>
<?php endif; ?>

As you can see, I use the Warden::check() function. This function will also be used in my controller.

Is this wrong? If yes, do you know an alternative? (maybe a short example ;) )

But at least, thanks a lot for your answer, I'll give it a try tomorrow :)

Greets from Germany, Marcus

dre1080 commented 12 years ago

Yes, that's the right function to use to check for both a login and a remember-me cookie. Glad to help.
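
An added example, not part of the original thread and not Warden's own code: the role-membership behaviour described above, modelled over a constructed SQLite copy of the roles, users and roles_users rows posted in the issue, with an audit query for accounts that lack the default role and an additive grant. The function names and the SQLite schema are assumptions made for illustration.

```python
import sqlite3

# Constructed copy of the tables from this thread, in the state after role_id was changed from 1 to 3.
SCHEMA = """
CREATE TABLE roles (id INTEGER PRIMARY KEY, name TEXT);
CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT);
CREATE TABLE roles_users (role_id INTEGER, user_id INTEGER, PRIMARY KEY (role_id, user_id));
INSERT INTO roles VALUES (1,'User'),(2,'Member'),(3,'Editor'),(4,'Admin');
INSERT INTO users VALUES (16,'test'),(17,'admin');
INSERT INTO roles_users VALUES (3,16),(1,17);
"""

def open_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return db

def has_role(db, user_id, role_name):
    """Model of the check: true only if a roles_users row links the user to that role."""
    row = db.execute(
        "SELECT 1 FROM roles_users ru JOIN roles r ON r.id = ru.role_id "
        "WHERE ru.user_id = ? AND r.name = ?",
        (user_id, role_name)).fetchone()
    return row is not None

def users_missing_role(db, role_name):
    """Audit: usernames of accounts with no roles_users row for the given (default) role."""
    rows = db.execute(
        "SELECT u.username FROM users u WHERE NOT EXISTS ("
        " SELECT 1 FROM roles_users ru JOIN roles r ON r.id = ru.role_id"
        " WHERE ru.user_id = u.id AND r.name = ?) ORDER BY u.id",
        (role_name,)).fetchall()
    return [r[0] for r in rows]

def grant_role(db, user_id, role_name):
    """Add a role as a new row (INSERT, not UPDATE), leaving existing role rows untouched."""
    db.execute(
        "INSERT OR IGNORE INTO roles_users (role_id, user_id) "
        "SELECT id, ? FROM roles WHERE name = ?", (user_id, role_name))

if __name__ == "__main__":
    db = open_db()
    print(has_role(db, 16, "User"), users_missing_role(db, "User"))
    grant_role(db, 16, "User")
    print(has_role(db, 16, "User"), has_role(db, 16, "Editor"), users_missing_role(db, "User"))
```

Running the audit after any manual edit to roles_users shows which accounts would fail a default-role check before users report it.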