yiisoft / yii

Yii PHP Framework 1.1.x
http://www.yiiframework.com
BSD 3-Clause "New" or "Revised" License

Lack of documentation about auth_rule (RBAC rules) #3815

Closed arvasko closed 9 years ago

arvasko commented 9 years ago

I wanna use the example from Guide 2.0 that checks if the "current user is author" of the selected "post". http://www.yiiframework.com/doc-2.0/guide-security-authorization.html

But I wanna use RBAC from database. So I created the auth_rule table using this SQL:

```sql
CREATE TABLE auth_rule (
  name varchar(64) NOT NULL,
  data text,
  created_at int(11) default NULL,
  updated_at int(11) default NULL,
  PRIMARY KEY (name)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
```

And now I'm trying to guess what to fill in "data" column of "auth_rule" table. I tried to put: `return \Yii::$app->user->getId()==$params["post"]->createdBy;`

But I'm receiving this error: PHP Notice – yii\base\ErrorException unserialize(): Error at offset 0 of 59 bytes

Can anyone give a direction here? What is expected to be on "data" field of this table? Is there another way to do it?

I don't wanna use PhpManager to control RBAC.

I've already posted this question on Yii's forum (http://www.yiiframework.com/forum/index.php/topic/62583-yii-20-rbac-what-should-i-fill-in-data-field-of-auth-rule-table/), but nobody answered as there is a lack of documentation about this subject. That is why I'm opening this bug, ok? Thanks!

KJLJon commented 9 years ago

This is the issue tracker for Yii1. The examples and code you are showing are from Yii2.

I am assuming you are using Yii2 (based on the forum topic subject as well as the documentation you are referencing), so any issues with Yii2 (or its documentation) should be reported at https://github.com/yiisoft/yii2/issues

Regardless, it looks like the rules are described in the documentation here: http://www.yiiframework.com/doc-2.0/guide-security-authorization.html#using-rules

Finally, to answer the question: the data column stores a serialized version of a class (you define) that extends the Rule class found at https://github.com/yiisoft/yii2/blob/master/framework/rbac/Rule.php

Anyways, I wouldn't recommend manually updating the auth_rule.data column. You should leverage Yii to update and store the auth_rule.data column for you (the documentation shows an example of how to do that with the AuthorRule class).
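The approach described in the answer above, as an added example that is not part of the original thread: a Rule subclass is registered through the auth manager, which serializes the object into auth_rule.data itself, so the column is never edited by hand. It assumes a Yii2 application whose authManager component is yii\rbac\DbManager; the namespace app\rbac, the function name registerAuthorRule, the rule name isAuthor and the permission names updatePost and updateOwnPost are assumptions for illustration.

```php
<?php
namespace app\rbac;

use Yii;
use yii\rbac\Rule;

/**
 * Grants access only when the current user created the post passed in $params.
 */
class AuthorRule extends Rule
{
    // Primary key of the auth_rule row and the value stored in ruleName.
    public $name = 'isAuthor';

    public function execute($user, $item, $params)
    {
        // Deny when the caller did not pass the post being checked.
        if (!isset($params['post'])) {
            return false;
        }
        // Loose comparison: the user id may be a string and createdBy an int.
        return $params['post']->createdBy == $user;
    }
}

/**
 * Run once, for example from a migration or console command (assumed context).
 */
function registerAuthorRule()
{
    $auth = Yii::$app->authManager; // assumed to be yii\rbac\DbManager

    // add() stores serialize($rule) in auth_rule.data; raw PHP source in that
    // column cannot be unserialized, which is the error reported above.
    $rule = new AuthorRule();
    $auth->add($rule);

    // Reuse the general permission if it exists, otherwise create it.
    $updatePost = $auth->getPermission('updatePost');
    if ($updatePost === null) {
        $updatePost = $auth->createPermission('updatePost');
        $auth->add($updatePost);
    }

    // Permission guarded by the rule; it is a parent of updatePost.
    $updateOwnPost = $auth->createPermission('updateOwnPost');
    $updateOwnPost->ruleName = $rule->name;
    $auth->add($updateOwnPost);
    $auth->addChild($updateOwnPost, $updatePost);
}
```

After updateOwnPost is attached to a role, the check is made with `Yii::$app->user->can('updatePost', ['post' => $post])`, which passes the post to the rule through `$params`.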