yiisoft / yii2

Yii 2: The Fast, Secure and Professional PHP Framework

http://www.yiiframework.com

BSD 3-Clause "New" or "Revised" License

14.23k stars 6.91k forks source link

RBAC permissions checking doesn't work for defaultRoles #6800

Closed JiLiZART closed 3 years ago

JiLiZART commented 9 years ago

I have list of permissions,

commentView
commentCreate
commentUpdate

i create roles

user
guest

add permission commentView to guest role, add items commentCreate , commentUpdate, guest to user role.

configure rbac manager

        'authManager' => [
            'class' => 'yii\rbac\DbManager',
            'defaultRoles' => ['guest']
        ],

In my app i perform check Yii::$app->user->can('commentView'), but it does not work for guest, cuz rbac manager only check role from defaultRoles. https://github.com/yiisoft/yii2/blob/master/framework/rbac/DbManager.php#L106

I can't use role checking, cuz i can assign permissions dynamically

samdark commented 9 years ago

After checking default roles it checks permissions tree recursively so it should work. Needs to be verified.

JiLiZART commented 9 years ago

It does not check permissions for guest, cuz guest don't have 'id and all execution passed to https://github.com/yiisoft/yii2/blob/master/framework/rbac/DbManager.php#L106

samdark commented 9 years ago

Ah, right. You've created a role "guest". I didn't got it since it's quite unusual case.

Roles are meant to be assigned to users and guest isn't really a user yet.

If something is available for guest isn't it better to remove any checks from it? If you need to make sure it's available for guests only you can use special symbols in case of controller access filter.

JiLiZART commented 9 years ago

I use permissions checking in whole site, i don't know, would be permission available to guest or not (

RoyArgaez commented 9 years ago

I got an error when using ./yii migrate

PHP Fatal Error 'yii\base\ErrorException' with message 'Call to a member function createRole() on a non-object' in /home/root/public_html/cgpr/migrations/m141216_031227_crea_roles_para_usuarios_predefinidos.php:13

Stack trace:

0 [internal function]: yii\base\ErrorHandler->handleFatalError()

1 {main}

how I can fix it?

cebe commented 9 years ago

@RoyArgaez this is not related to the issue, also github is a bug tracker, please use the forum to ask questions: http://www.yiiframework.com/forum/

RoyArgaez commented 9 years ago

Thanks a lot, i didn't know.

bizley commented 3 years ago

Closing due to inactivity. If this should be reopen please write here.