RBAC in Yii, Guest not authorized

Question

Im trying to implement RBAC in Yii (using the rights module).

When trying to authorize an unauthenticated user (Guest), CWebUser calls CDbAuthManager:

$access=Yii::app()->getAuthManager()->checkAccess($operation,$this->getId(),$params);

CDbAuthManager then tries to get the authassignments of the user

$assignments=$this->getAuthAssignments($userId);

The problem is, because the user is a Guest, $userId is null, and $assignments is an empty array. Therefore i can not i cannot authorize a guest user to any action (unless declaring allowedActions())

What am i doing wrong?

Answer 1

Make sure Guest is added to the defaultRoles in your config. Also make sure the Guest role has a bizRule which has the expression

return Yii::app()->user->isGuest