Linux permissions issue with Yii using Gii

Question

When I am trying to use Gii Controller Generator I get:

file_put_contents(.../gii-1.1.14/ControllerCode.php): failed to open stream: Permission denied 

I have created a Yii demo project as a root so I recursively changed yiidemo(project's folder) owner and group to 'web-data'. I left permissions unchanged. This didn't help.

Then I have recursively changed permissions inside this folder to 777. All worked.

I've tried different combinations(eg. dir/file: 755/644) for directories/files but none worked. I know that 777 is not the best solution. How do I find the optimal working permissions combination for this case?

Answer 1

when using Gii it creates new files in protected directory. In other words php and apache needs to write in your protected dir.

By default, for security reasons, Gii is configured to be accessible only on development (localhost). Therefore, it should only be installed on a development machine. Because it can generate new PHP script files in the application, we should pay sufficient attention to its security measures (e.g. password, IP filters). If you want to make it accessible on other trustable computers, you can configure the Gii Module like .

return array(
......
'modules'=>array(
    'gii'=>array(
        'class'=>'system.gii.GiiModule',
        'password'=>'pick up a password here',
        // 'ipFilters'=>array(...a list of IPs...),
        // 'newFileMode'=>0666,
        // 'newDirMode'=>0777,
    ),
),
);

Because Gii may generate and save new code files in the existing application, we need to make sure that the Web server process has the proper permission to do so. The above GiiModule::newFileMode and GiiModule::newDirMode properties control how the new files and directories should be generated.

for permission you can change your protected owner:group using:

$ sudo chown yourUserName:www-data path/to/protected
$ sudo chmod 775 path/to/protected -R

read more about gii here