Comments (21)
Yeah the reason is that it was there from before ZfcRbac was compatible, it was in the wait of getting my patch applied. I'll remove it shortly
from rbacuserdoctrineorm.
fixed
from rbacuserdoctrineorm.
thanks
But it seems that isGranted isn't working. I had to override \ZfcRbac\Service\Rbac and change $role to $role->getName()
from rbacuserdoctrineorm.
in controllers $this->isGranted('permissionName') seems to be working fine when I test it, could you give a sample scenario where its failing?
FYI: if it is the role you need you should be using $this->hasRole('roleName') in the controller
from rbacuserdoctrineorm.
I use it in a view.
For example, if a user has a role with a permission 'permission_name', isGranted('permission_name') always returns false unless you override Rbac.
from rbacuserdoctrineorm.
Can you show me which part you are overriding (snippet)? and can you test if doing it in the controller is giving the expected result?
from rbacuserdoctrineorm.
I just tested it in the view and it seems to all be working fine, can you read this issue and see if you can get any useful information out of it: #5
do make sure you remove your Service override
from rbacuserdoctrineorm.
Here's my function :
public function isGranted($permission, $assert = null)
{
if (!is_string($permission)) {
throw new InvalidArgumentException('isGranted() expects a string for permission');
}
$rbac = $this->getRbac();
if ($assert) {
if ($assert instanceof AssertionInterface) {
if (!$assert->assert($this)) {
return false;
}
} elseif (is_callable($assert)) {
if (!$assert($this)) {
return false;
}
} else {
throw new InvalidArgumentException(
'Assertions must be a Callable or an instance of ZfcRbac\AssertionInterface'
);
}
}
foreach($this->getIdentity()->getRoles() as $role) {
if ($role instanceof Role && !$this->hasRole($role->getName())) {
continue;
}
$event = new Event;
$event->setRole($role->getName())
->setPermission($permission)
->setRbac($rbac);
$this->getEventManager()->trigger(Event::EVENT_IS_GRANTED, $event);
if ($rbac->isGranted($role->getName(), $permission)) {
return true;
}
}
return false;
}
my config file (Role.php is exactly the same as yours but with annotation instead of xml markup)
return array(
'doctrine' => array(
'driver' => array(
// overriding zfc-user-doctrine-orm's config
'zfcuser_entity' => array(
'class' => 'Doctrine\ORM\Mapping\Driver\AnnotationDriver',
'paths' => __DIR__ . '/../src/Core/Entity',
),
'RbacUserDoctrineEntity' => array(
'class' => 'Doctrine\ORM\Mapping\Driver\AnnotationDriver',
'paths' => __DIR__ . '/../src/Core/Entity',
),
'orm_default' => array(
'drivers' => array(
'Core\Entity' => 'zfcuser_entity',
),
),
),
),
'rbac-user-doctrine-orm' => array(
'mapper' => array(
'role' => array(
'entityClass' => 'Core\Entity\Role'
)
)
),
'zfcrbac' => array(
'firewalls' => array(
'ZfcRbac\Firewall\Controller' => array(
// array('controller' => 'index', 'actions' => 'index', 'roles' => 'guest')
),
'ZfcRbac\Firewall\Route' => array(
// array('route' => 'profiles/add', 'roles' => 'member'),
// array('route' => 'admin/*', 'roles' => 'administrator')
),
),
),
'zfcuser' => array(
// telling ZfcUser to use our own class
'user_entity_class' => 'Core\Entity\User',
// telling ZfcUserDoctrineORM to skip the entities it defines
'enable_default_entities' => false,
'enable_username' => true,
'enable_display_name' =>true,
'enable_registration' => true,
'auth_identity_fields' => array('username', 'email'),
),
'view_manager' => array(
'display_not_found_reason' => true,
'display_exceptions' => true,
'doctype' => 'HTML5',
'template_path_stack' => array(
__DIR__ . '/../view',
),
),
'view_helpers' => array(
'invokables' => array(
'modalwindow' => 'Core\View\Helper\ModalWindow',
),
),
from rbacuserdoctrineorm.
and here is the code of the view :
if($this->zfcUserIdentity()){
foreach ($this->zfcUserIdentity()->getRoles() as $role){
echo "role name : ".$role->getName();
echo "has perm ".$role->hasPermission('centre.modify');
}
} else {
echo "no id";
}
?>
<?php if($this->isGranted('centre.modify')){
echo "permission granted ";
} else {
echo "permission not granted ";
} ?>
<?php if($this->hasRole('admin')){
echo "role granted ";
} else {
echo "role not granted ";
}
wich gives :
role name : admin
has perm 1
permission not granted
role granted
from rbacuserdoctrineorm.
Have you tried adding a __toString to your role entity that returns the name i know i received a patch on that a while ago, seeing yourrole model would also clear up a little maybe, but when i test your view code in a new project i get the expected results so there must be something different in on of the objects you extend or replace that is causing the issue, alternativle ill be happy to have a look if you provide a repo that i can clone to see for myselfwhats happening, makes it alot easier
from rbacuserdoctrineorm.
Yes I did (as I said, Role.php is a copy of yours with annotations).
I can't push the code to a public repo, but here's the code : (link will only last a few hours) http://dl.free.fr/nXKXrGh3m
from rbacuserdoctrineorm.
And btw, thanks for the help !
from rbacuserdoctrineorm.
I just checked the project out and after finally getting the database to match your project and inserting some dummy permission and role data I notice no problems at all, permissions are recognized and isGranted returns true?
are you sure that your role hierarchy is right? (as extensively explained in the issue I linked to above)
As that is the only thing I can think of thats wrong?
Or did you apply a fix somewhere that is causing it to currently work? and which file is it? as I cant seem to find an Rbac service override
from rbacuserdoctrineorm.
and to show you you're app is recognizing the permissions:
from rbacuserdoctrineorm.
Ok... that's really weird...
My test role hierarchy is really simple : only one role with one permission.
I deleted the Rbac override as the purpose was to show you the issue.
from rbacuserdoctrineorm.
Coudl you tell me how you configured roles and permissions ?
Here are my datas :
INSERT INTO `permissions` (`id`, `name`) VALUES
(1, 'centre.modify'),
(2, 'events.read'),
(3, 'events.write'),
(4, 'frequencies.read');
INSERT INTO `roles` (`id`, `parent_id`, `name`) VALUES
(1, NULL, 'admin'),
(2, NULL, 'anonymous');
INSERT INTO `roles_permissions` (`role_id`, `permission_id`) VALUES
(1, 1),
(1, 2),
(1, 3),
(1, 4);
INSERT INTO `users` (`id`, `username`, `email`, `displayName`, `password`) VALUES
(1, 'Admin', '[email protected]', 'Administrator', '$2y$14$Zxu17JexBxJEXx4OI86lJOvyGA0lWGKNxBzhKjBuXXmwDf45MkFVy'),
INSERT INTO `users_roles` (`user_id`, `role_id`) VALUES
(1, 1),
from rbacuserdoctrineorm.
Yeah thats weird, you do indeed not have the hierarchy I thought could be the issue, here is my DB setup that you can test with:
INSERT INTO `permissions` (`id`, `name`) VALUES
(1, 'centre.modify'),
(2, 'test');
INSERT INTO `roles` (`id`, `parent_id`, `name`) VALUES
(1, 2, 'guest'),
(2, 3, 'member'),
(3, NULL, 'admin');
INSERT INTO `roles_permissions` (`role_id`, `permission_id`) VALUES
(2, 1),
(2, 2);
my user had the admin role in my test case
from rbacuserdoctrineorm.
It works.
Now we must understand why with my datas it's not the case. I.E. when the role has no child.
I assume that guest is your anonymous role ?
from rbacuserdoctrineorm.
Yes thats correct, ill see if i can have a look at the no children test case a little later and post my findings
from rbacuserdoctrineorm.
Did you found something ?
from rbacuserdoctrineorm.
It seems that your module has been intergrated into ZfcRbac. Is that right ?
from rbacuserdoctrineorm.
Related Issues (5)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from rbacuserdoctrineorm.