search

yiisoft / yii2

Yii 2: The Fast, Secure and Professional PHP Framework
http://www.yiiframework.com
BSD 3-Clause "New" or "Revised" License
14.24k stars 6.91k forks source link

using Mongodb rbac #17845

Closed pkjoshisbp closed 4 years ago

pkjoshisbp commented 4 years ago

What steps will reproduce the problem?

like create a auth-item and in config add

'modules' => [    
        'admin' => [
            'class' => 'app\modules\admin\Admin',
            'as access' => [
                'class' => 'yii\filters\AccessControl',
                'rules' => [
                    [
                        'allow' => true,
                        'roles' => ['admin'],
                    ],
                ],
            ],
        ],
    ],

when I add a auth_item admin in mongodb, the ruleName is saved as "" instead of null value or even when I save it as null or undefined by directly from mongo shell, it raised another error as undefined index for ruleName. so even when rule is empty, the protected method in yii2\rbac\BaseManager.php

protected function executeRule($user, $item, $params)
    {    
           if ($item->ruleName === null)) {
            return true;
        }

it raised error like 

Invalid Configuration – yii\base\InvalidConfigException
Rule not found: 
and if I modify this method like below, it works fine.
protected function executeRule($user, $item, $params)
    {    
           if ($item->ruleName === null || empty($item->ruleName)) {
            return true;
        }

What is the expected result?

expected result is obvious that is whether rule is Null or empty, it should not raise error.

What do you get instead?

mentioned above.

Additional info

Q A
Yii version 2.0.31.
PHP version 7.2.24
Operating system Ubuntu Linux 18.04
Shifrin commented 4 years ago

I think it will be safe to check empty instead of null because empty will check null value as well. So the executeRule method will be as below.

protected function executeRule($user, $item, $params)
{    
    if (empty($item->ruleName)) {
        return true;
    }
}

@pkjoshisbp, I'm not sure about how Yii migration supports to MongoDB. But I guess it may be from your end the MongoDB treats the PHP null value as "" empty string. It will be much better if you confirm about it.

yii-bot commented 4 years ago

It has been 2 or more weeks with no response on our request for more information. In order for our issue tracker to be effective, we are closing this issue.

If you want it to be reopened again, feel free to supply us with the requested information.

Thanks!

This is an automated comment, triggered by adding the label expired.