Open ghost opened 8 years ago
--crudAccessFilter
? https://github.com/schmunk42/yii2-giiant/search?utf8=✓&q=crudaccessfilteryes crudaccessfilter is enabled and i am logged. i tried with admin and a normal user...
So your controller classes should have a behaviors()
method then.
The convention for giiant's access rules is that there needs to be a corresponding permission to the controller route, i.e.
/crud/product/index
-> crud_product_index
/backend/anothertable/create
-> backend_anothertable_create
.Since it can be a bit tedious to set all of them, we provide a custom User
in our application template which allows setting crud
or crud_product
to access all controller or actions, if the route
parameter is set.
You may copy the (relevant parts of the) user-class to your application or set all RBAC items somewhere.
We need to clarify this in the docs. CC: @Quexer69
hi,
i add a complete behavoirs() method in my controllers/crud/BlablaController.php but i have the same error forbidden 403.
public function behaviors()
{
return [
'access' => [
'class' => AccessControl::className(),
'rules' => [
[
'controllers' => ['coordinate'],
'actions' => ['index', 'view', 'create', 'update', 'delete'],
'allow' => true,
'roles' => ['admin'],
],
[
'controllers' => ['coordinate'],
'actions' => ['create', 'update'],
'allow' => true,
'roles' => ['editor'],
],
[
'controllers' => ['coordinate'],
'actions' => ['index', 'view'],
'allow' => true
],
], // rules
Double-check your access rules syntax and debug the permissions step-by-step. Since you can disable the access rules feature in giiant, I think this is more a Yii configuration issue.
You can take a look at Phundament to see how the auth & RBAC is configured there.
Which authManager
component are you using?
hello,
i am new with yii2 framework and i use yii2 advanced template with yii2-giiant extension. i generate all file with yii batch but when i go to http://localhost/crud/blabla/index i have an error "You are not allowed to perform this action".
are there rules in the controller ?
thank you