RBAC in Yii, Guest not authorized
Question
Im trying to implement RBAC in Yii (using the rights module).
When trying to authorize an unauthenticated user (Guest), CWebUser
calls CDbAuthManager
:
$access=Yii::app()->getAuthManager()->checkAccess($operation,$this->getId(),$params);
CDbAuthManager
then tries to get the authassignments of the user
$assignments=$this->getAuthAssignments($userId);
The problem is, because the user is a Guest, $userId
is null
, and $assignments
is an empty array. Therefore i can not i cannot authorize a guest user to any action (unless declaring allowedActions())
What am i doing wrong?
Solution
Make sure Guest is added to the defaultRoles in your config. Also make sure the Guest role has a bizRule which has the expression
return Yii::app()->user->isGuest
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow