M
M
Maila2017-09-09 22:16:31
Yii
Maila, 2017-09-09 22:16:31

RBAC binding roles to user - why no access?

When opening admin.site.com - Forbidden (#403)
login as 'admin', how to open backend access?
there is nothing in auth_assignment
TagController

<?php

namespace backend\controllers;

use Yii;
use common\models\Tag;
use common\models\TagSearch;
use yii\web\Controller;
use yii\web\NotFoundHttpException;
use yii\filters\VerbFilter;

/**
 * TagController implements the CRUD actions for Tag model.
 */
class TagController extends Controller
{
    /**
     * @inheritdoc
     */
    public function behaviors()
    {
        return [
            'verbs' => [
                'class' => VerbFilter::className(),
                'actions' => [
                    'delete' => ['POST'],
                ],
            ],
        ];
    }

    /**
     * Lists all Tag models.
     * @return mixed
     */
    public function actionIndex()
    {
        $searchModel = new TagSearch();
        $dataProvider = $searchModel->search(Yii::$app->request->queryParams);

        return $this->render('index', [
            'searchModel' => $searchModel,
            'dataProvider' => $dataProvider,
        ]);
    }

    /**
     * Displays a single Tag model.
     * @param integer $id
     * @return mixed
     */
    public function actionView($id)
    {
        return $this->render('view', [
            'model' => $this->findModel($id),
        ]);
    }

    /**
     * Creates a new Tag model.
     * If creation is successful, the browser will be redirected to the 'view' page.
     * @return mixed
     */
    public function actionCreate()
    {
        $model = new Tag();

        if ($model->load(Yii::$app->request->post()) && $model->save()) {
            return $this->redirect(['view', 'id' => $model->id]);
        } else {
            return $this->render('create', [
                'model' => $model,
            ]);
        }
    }

    /**
     * Updates an existing Tag model.
     * If update is successful, the browser will be redirected to the 'view' page.
     * @param integer $id
     * @return mixed
     */
    public function actionUpdate($id)
    {
        $model = $this->findModel($id);

        if ($model->load(Yii::$app->request->post()) && $model->save()) {
            return $this->redirect(['view', 'id' => $model->id]);
        } else {
            return $this->render('update', [
                'model' => $model,
            ]);
        }
    }

    /**
     * Deletes an existing Tag model.
     * If deletion is successful, the browser will be redirected to the 'index' page.
     * @param integer $id
     * @return mixed
     */
    public function actionDelete($id)
    {
        $this->findModel($id)->delete();

        return $this->redirect(['index']);
    }

    /**
     * Finds the Tag model based on its primary key value.
     * If the model is not found, a 404 HTTP exception will be thrown.
     * @param integer $id
     * @return Tag the loaded model
     * @throws NotFoundHttpException if the model cannot be found
     */
    protected function findModel($id)
    {
        if (($model = Tag::findOne($id)) !== null) {
            return $model;
        } else {
            throw new NotFoundHttpException('The requested page does not exist.');
        }
    }


    public function actionRole() {

      /*  $admin = Yii::$app->authManager->createRole ('admin');
        $admin->description = 'Администратор';
        Yii::$app->authManager ->add ($admin);

        $content = Yii::$app->authManager->createRole ('content');
        $content ->description = 'Контент менеджер';
        Yii::$app->authManager->add ($content);

        $user = Yii::$app->authManager->createRole ('user');
        $user ->description = 'Пользователь';
        Yii::$app->authManager ->add($user);
        
        $ban = Yii::$app->authManager->createRole ('banned');
        $ban ->description ='Tварь';
        Yii::$app->authManager->add($ban);*/
      
       /* $permit = Yii::$app->authManager->createPermission('canAdmin');
        $permit ->description = 'Право входа в админку';
         Yii::$app->authManager ->add ($permit);*/

       /* $role_a = Yii::$app->authManager->getRole ('admin');
        $role_c = Yii::$app->authManager->getRole ('content');
        $permit = Yii:: $app->authManager ->getPermission ('canAdmin');
        Yii::$app->authManager->addChild ($role_a, $permit);
        Yii::$app->authManager->addChild ($role_c, $permit);*/
        
        $userRole = Yii::$app->authManager->getRole('admin');
        Yii::$app->authManager->assign($userRole, 1);
    

        return 12345;

     }
}

c0279bf754f942e392377e7fdff0551c.jpg

Answer the question

In order to leave comments, you need to log in

1 answer(s)
M
Maxim Timofeev, 2017-09-10
@Maila

Judging by your controller, all users have access to it. Or is it not this controller that issues Forbidden for you?
Usually access in the controller is done like this:

public function behaviors()
    {
        return [
            'access' => [
                'class' => AccessControl::className(),
                'rules' => [
                    [
                        'allow' => true,
                        'roles' => ['admin'],
                    ],
                ],
            ],
        ];
    }

But I repeat, for your controller in the form you have given, access is clearly open to everyone.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question