Is there a good extension for yii framework that controls user permissions. Give them different levels of access. I have checked some of them, they are good but up to date for example http://www.yiiframework.com/extension/rights/.
You can look up this Yii extension. I used it a couple of times myself. http://www.yiiframework.com/extension/srbac/
Before implementing an extention please checkout original rbac from yii. It is important to understand how it works. Extentions are mainly made to have an graphical administration for it.
http://www.yiiframework.com/doc/guide/1.1/en/topics.auth#role-based-access-control
Related
I know of 2 ways to implement admins:
add admin role flag to the user entity
add a new admin entity
I don't know if there are more ways of doing it
1. Does it matter in terms of admin usability? security?
2. which is easier to scale or maintain?
for a rails-specific (but not limited to) sub-question
Is using a premade admin services such as active_admin or adminium are worth it for the long run (heavy use application, not small sized), or would it just be better to make my own admin panel and incrementally add features as I need them?
The answer to that question depends on your needs for a particular project.
Using the premade admin services makes life easier as what you can do is to customize the services by the help of ease that they provide and then use them in your application.
In ActiveAdmin railscasts, there is a video about ActiveAdmin that shows that how it is very customizable. Apart from that there are comments by various people in the railscasts from their experience about its usage.
This will clearly give you the idea in the right direction.
There is also a very good article by batsov which explains the differences between RailsAdmin and ActiveAdmin.
Short version: Do it yourself with the admin role flag. For security do not allow mass assignment of this flag. Build your own admin interface, especially for a big project nothing premade will suit your needs.
Long Version:
I haven't actually used any of the premade admin services as in general my experience has shown me that my users are either normal/admin or semi-admin.
Having your own flag means that you have full control over how to add admin users.
Example: some apps I have allowed anyone with admin access to make anyone else an admin.
Rails allows you to quickly scaffold/build your own custom admin interface and here I can't see anything 'off the shelf' beating the add as you go/need mentality as the end result will be custom built to fully suit your needs vs spending your time with an admin interface that you have to customize yourself.
I am currently trying to implement Authentication using the RavenDB Authentication Bundle and the Facebook C# SDK in MVC 3. I have everything working to date except for persisting all of the information provided by the Facebook Graph API (such as the facebookId and the accesstoken).
One possible (albeit ugly) solution is to create a separate facebook document model for this information and manage both the AuthenticationUser and the facebook model when performing any actions against the user.
I was wondering, however, if there might be a more elegant way to handle this extra data and incorporate it into the AuthenticationUser document by possibly extending it somehow? Any suggestions would be greatly appreciated. Thanks in advance.
The easiest would be to inherit from AuthorizationUser and add anything you want.
You can also NOT inherit from it, as long it has has the same shape (expected properties match)
I'm starting a new project with Symfony 2 and I have to create and manage some users with many personnal informations.
I must decide to chose a way to manage us and i wish receive some advice for chose Symfony 2 basic implementation or FOSUserBundle for example.
Use FOSUserBundle. It's easy to install and configure.
At the most basic level, it lets you easily handle user storage and authentication through the database. It requires that your user entity conform to some of its 'standards', but after that you're free to write your user entity how you see fit.
AFAIK, it's also the most popular user management solution for Symfony2 right now, so you should be able to easily find resources/information for it online.
I would like users to have the ability of signing in without being Windows users. This means, either using Form Based Authentication or a better option, which I'm now aware right now.
Could anybody tell me how to install FBA in Share Point 2010, or recommend me a good article about it?
I've read several articles about this, but almost all of them tell me to modify several web.config files, and I really don't like the idea of touching things without being sure of what I'm doing.
Note: I'm not using Active Directory...just in case.
EDIT:
I've followed this tutorial, but I still cannot sign in using FBA. Also, I've noticed I don't have any users on SQL-Auth database (it's explained in that tutorial). Is that normal, or automatic?
Thanks,
Brian
I read quite a few articles about FBA configuration and followed instruction provided by them. But it wasn't until I found Configuring Forms Based Authentication for SharePoint 2010 using IIS7 I finally managed to make FBA work - I highly recommend this article.
The users are not created automatically - you can create them:
using IIS Manager,
programmatically (Membership.CreateUser),
using the MembershipSeeder tool mentioned in the tutorial you linked in your question.
This one has lots of screenshots and step-by-step explanations and might be helpful too.
http://kbochevski.blogspot.com/2011/01/setup-fba-for-sharepoint-2010-using-vs.html
Alright. So I am new, I know my way around html pretty well, and have gotten by for a while now doing so. But today I am presented with a seemingly simple issue.
My client needs the ability for users to create their own LOGIN/PASSWORD, my client wants to be able to MANUALLY approve visitors. And he want to be able to track how many times they login.
The login section will just be about 4 pages of PDF file downloads.
I cant imagine this is the hardest thing in the world, I just have no clue where to even start. Perhaps there is a code already written, as things like this are done every day using forum technologies...
Please help!
It may also help to mention that I am using Dreamweaver cs4 on a MAC
I'd check out Ruby on Rails if I were you. It's pretty easy to get something quick up with it that you can have users create accounts with that send e-mails to the client with approve/reject options, and be able to track downloads and users via MySQL or other databases.
I've found Agile Development with Rails to be a great source of info on how to do stuff like this (they do an online bookstore as the book's example) and with a little modification I think it should work for what you say you want to do (and the book is pretty cheap as far as programming books go).
If you want just really basic static login features without lots of coding, you can start with Password protecting your pages with htaccess. You can password protect directories like this without any effort at all. This way, you can be sure that your login routine is secure.
Then, you can continue with advanced features like account administration and login statistics. These will require some programming skills.
Tracking count of user logins should be easy too. You can put simple PHP code to the source of protected pages that will save the info about login to the database. This will require you to study some basics of databases. You can use plaintext files which is not as clean but much easier and it will allow you to export info for your client more easily.
If you want to do it profesionally, you should invest in learning about web development or hire someone to do it for you. These tasks might not be trivial.
Have you worked with PHP, ASP.Net or some other web language yet? What you're trying to isn't too difficult in the grand scheme of things but it may be somewhat challenging if you haven't programmed before and/or haven't had any experience with web development.
(P.s. Alter your question as a response and comment on my answer when you're finished.)
As you are looking into Ruby on Rails, take a look at bort which is a RoR app skeletton with RESTful authentication included, it should help (Chris Bunch answered on the general RoR question).
There is also this bort fork. There is also Authlogic which may be easier to work with.
Have a look at the ASP.net Membership provider and also the login controls which provides the UI for the login as well as registration screens out of the box.
Here is a Multipart Series on ASP.NET's Membership, Roles, and Profile
If this is too complex than probably you can also design you application from scratch using ASP.net. If you don't know asp.net than the best place to start is www.asp.net it has several videos and tutorials which would help you get going soon.