search

tingobol / yii-rights

Automatically exported from code.google.com/p/yii-rights
BSD 3-Clause "New" or "Revised" License
0 stars 0 forks source link

ACAC issue: id & username #42

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
What steps will reproduce the problem?

1. setup ACAC as written in the documentation
2. create some users and give them some rights
3. login with one of those users and try to do allowed action

What is the expected output? What do you see instead?
Expected would be that he's allowed to do it. But: Instead only a 403 'not 
allowed' is thrown.
The weird thing is: The workaround discovered by Ivaghi in this comment 
(http://www.yiiframework.com/extension/rights/#c208) at the extension page is 
working. If I set the username to be the same number as the ID of my User model 
it works without flaws. Example: (id,username,pwd) = (3,3,sthing) works, 
(3,test,sthing) doesn't.

Since this comment is from 08/2010 sb. else must have noticed that. But I can't 
see where my error lies.

What version of the product are you using? On what operating system?
yii 1.1.6, rights 1.2.0, PHP5.3/Apache2/MySQL on OS X

Please provide any additional information below.
I also tried setting userNameColumn to 'id' but that surprisingly didn't work.

Original issue reported on code.google.com by tobiasbi...@gmail.com on 2 Mar 2011 at 9:23

GoogleCodeExporter commented 9 years ago 
small followup: I investigated more, and found a way to get it working. In my 
UserIdentity I had to override the default implementation of getId. I now have 
something like

    public function getId()
    {
        return User::model()->findByAttributes(array('username' => $this->username))->id;
    }

there and ich works. The default doesn't return the ID but the name. Rights 
somehow expects the id. Which also makes more sense. I don't know if only I 
have this problem, but maybe it helps somebody else.

Original comment by tobiasbi...@gmail.com on 3 Mar 2011 at 1:24

GoogleCodeExporter commented 9 years ago 
Hello Tobias,

Sounds very weird. You should not need to do any workarounds but one thing that 
pops into my mind is that there is a problem with your WebUser/UserIdentity. 
Could you please compare your classes with those found in the Blog example with 
Rights integrated? 

Please report back with the result.

Original comment by Christof...@gmail.com on 12 Mar 2011 at 11:53

GoogleCodeExporter commented 9 years ago 
[deleted comment]
GoogleCodeExporter commented 9 years ago 
Closing this as invalid because I haven't received a reply to my request.

Original comment by Christof...@gmail.com on 31 Mar 2011 at 9:15