before starting I premise and humbly apologize: I am a neophyte regarding the use of Laravel framework. I Searched eveywhere even the documentation but without results.
My question is if it is possible to assign a role at registration time using the Laratrust library. We want for example that the first 4/5 users who register are administrators, from the fifth onwards are normal users with restricted permissions.
This is the code regarding the Controller for registration.
RegisterController.php
/**
* Create a new user instance after a valid registration.
*
* #param array $data
* #return \App\Models\User
*/
protected function create(array $data)
{
$user = User::create([
'name' => $data['name'],
'email' => $data['email'],
'password' => Hash::make($data['password']),
]);
if(Auth::id() < 4 ){
$user->attachRole('administrator');
}
else{
$user->attachRole('user');
}
return $user;
}
This is the method that aims to register the user from the form, for some reason when I go to take the current id of the user, the condition in the if statement is bypassed, in fact in the database in the table roles i always have users that are administrators. I am thinking that maybe the real problem is Auth Class beacuse if i understood correctly this class is used when a user is already logged.
protected function create(array $data)
{
$user = User::create([
'name' => $data['name'],
'email' => $data['email'],
'password' => Hash::make($data['password']),
]);
$checklatestid = User::latest()->pluck('id')->first();
if($checklatestid < 4 ){
$user->attachRole('administrator');
//Ruolo amministratore impianto scii
}
else{
$user->attachRole('user');
//Ruolo cliente impianto scii
}
return $user;
}
If understand you correctly
I have a Users table and a UsersProfiles table - the two are obviously related and the user table stores basic user_id, username, password while the users_profiles table stores firstname, lastname, job_title etc.
In CakePHP 3, the call to Authentication Component on login returns the basic user table row. I would like to modify the same to also return the corresponding profile row. How can I do this?
I found a way to do it - but am not sure if there is a more elegant or simpler way.
public function login() {
if ($this->request->is('post')) {
$user = $this->Auth->identify();
if ($user) {
// load profile and associate with user object
$profile = $this->Users->UsersProfiles->get($user['id']);
$user['users_profile'] = $profile;
$this->Auth->setUser($user);
return $this->redirect($this->Auth->config('loginRedirect'));
}
$this->Flash->error(__('Invalid username or password, try again'));
}
}
The contain option
Before CakePHP 3.1, use the contain option
$this->loadComponent('Auth', [
'authenticate' => [
'Form' => [
'contain' => ['UsersProfiles']
]
]
]);
A custom finder
As of 3.1 you can use the finder option to define the finder to use for building the query that fetches the user data
$this->loadComponent('Auth', [
'authenticate' => [
'Form' => [
'finder' => 'auth'
]
]
]);
In your table class
public function findAuth(\Cake\ORM\Query $query, array $options)
{
return $query->contain(['UsersProfiles']);
}
Both solutions
will ensure that the data returned by AuthComponent::identify() will contain the associated UsersProfiles.
See also
Cookbook > ... Components > Authentication > Configuring Authentication Handlers
Cookbook > ... Components > Authentication > Customizing find query
Fatal error: Call to undefined method Rights::t()
Getting this error when ever i want to go in any controller or in any controller's action. I am using yii user and rights. for instance when i type localhost/business/address/create i get the above error.
Yii user is working fine, even rights too. But i cannot access any controller.
'bootstrap',
'basePath'=>dirname(FILE).DIRECTORY_SEPARATOR.'..',
'name'=>'My Web Application',
// preloading 'log' component
'preload'=>array('log'),
'aliases' => array(
'bootstrap' => 'ext.bootstrap' ),
// autoloading model and component classes
'import'=>array(
//addedd these lines
'application.modules.user.models.*',
'application.modules.user.components.*',
'application.modules.rights.*',
'application.modules.rights.components.*',
'application.models.*',
'application.components.*',
'bootstrap.behaviors.*',
'bootstrap.helpers.*',
'bootstrap.widgets.*'
),
'modules'=>array(
// uncomment the following to enable the Gii tool
'gii'=>array(
'class'=>'system.gii.GiiModule',
'password'=>'centangle',
'generatorPaths' => array( 'bootstrap.gii', ),
// If removed, Gii defaults to localhost only. Edit carefully to taste.
'ipFilters'=>array('127.0.0.1','::1'),
),
'user'=>array(
'tableUsers' => 'user',
'tableProfiles' => 'profiles',
'tableProfileFields' => 'profiles_fields',
# encrypting method (php hash function)
'hash' => 'md5',
# send activation email
'sendActivationMail' => true,
# allow access for non-activated users
'loginNotActiv' => false,
# activate user on registration (only sendActivationMail = false)
'activeAfterRegister' => false,
# automatically login from registration
'autoLogin' => true,
# registration path
'registrationUrl' => array('/user/registration'),
# recovery password path
'recoveryUrl' => array('/user/recovery'),
# login form path
'loginUrl' => array('/user/login'),
# page after login
'returnUrl' => array('/user/profile'),
# page after logout
'returnLogoutUrl' => array('/user/login'),
),
'rights'=>array(
'install'=>true,
'superuserName'=>'admin', // Name of the role with super user privileges.
'authenticatedName'=>'Authenticated', // Name of the authenticated user role.
'userIdColumn'=>'id', // Name of the user id column in the database.
'userNameColumn'=>'username', // Name of the user name column in the database.
'enableBizRule'=>true, // Whether to enable authorization item business rules.
'enableBizRuleData'=>true, // Whether to enable data for business rules.
'displayDescription'=>true, // Whether to use item description instead of name.
'flashSuccessKey'=>'RightsSuccess', // Key to use for setting success flash messages.
'flashErrorKey'=>'RightsError', // Key to use for setting error flash messages.
'baseUrl'=>'/rights', // Base URL for Rights. Change if module is nested.
'layout'=>'rights.views.layouts.main', // Layout to use for displaying Rights.
'appLayout'=>'application.views.layouts.main', // Application layout.
'cssFile'=>'rights.css', // Style sheet file to use for Rights.
'install'=>false, // Whether to enable installer.
'debug'=>false,
),
),
// application components
'components'=>array(
'user'=>array(
'class'=>'WebUser',
// enable cookie-based authentication
'allowAutoLogin'=>true,
'loginUrl'=>array('/user/login'),
),
'authManager'=>array(
'class'=>'RDbAuthManager',
'connectionID'=>'db',
'itemTable'=>'authitem',
'itemChildTable'=>'authitemchild',
'assignmentTable'=>'authassignment',
'rightsTable'=>'rights',
'defaultRoles'=>array('Authenticated', 'Guest'),
),
'bootstrap' => array(
'class' => 'bootstrap.components.BsApi', ),
// uncomment the following to enable URLs in path-format
'urlManager'=>array(
'urlFormat'=>'path',
'showScriptName' => false,
'rules'=>array(
'user/registration/<id:\w+>' => 'user/registration',
'<controller:\w+>/<id:\d+>' => '<controller>/view',
'<controller:\w+>/<action:\w+>/<id:\d+>' => '<controller>/<action>',
'<controller:\w+>/<action:\w+>' => '<controller>/<action>',
),
),
/*'db'=>array(
'connectionString' => 'sqlite:'.dirname(__FILE__).'/../data/testdrive.db',
),*/
// uncomment the following to use a MySQL database
'db'=>array(
'connectionString' => 'mysql:host=localhost;dbname=copy',
'emulatePrepare' => true,
'username' => 'root',
'password' => '',
'charset' => 'utf8',
),
'errorHandler'=>array(
// use 'site/error' action to display errors
'errorAction'=>'site/error',
),
'log'=>array(
'class'=>'CLogRouter',
'routes'=>array(
array(
'class'=>'CFileLogRoute',
'levels'=>'error, warning',
),
// uncomment the following to show log messages on web pages
/*
array(
'class'=>'CWebLogRoute',
),
*/
),
),
),
// application-level parameters that can be accessed
// using Yii::app()->params['paramName']
'params'=>array(
// this is used in contact page
'adminEmail'=>'webmaster#example.com',
),
);
and this is my controller business
class BusinessController extends RController
{
public function filters()
{
return array(
'accessControl', // perform access control for CRUD operations
'postOnly + delete', // we only allow deletion via POST request
'rights',
);
}
/**
* Specifies the access control rules.
* This method is used by the 'accessControl' filter.
* #return array access control rules
*/
public function accessRules()
{
return array(
array('allow', // allow all users to perform 'index' and 'view' actions
'actions'=>array('index','view'),
'users'=>array('*'),
),
array('allow', // allow authenticated user to perform 'create' and 'update' actions
'actions'=>array('create','update'),
'users'=>array('#'),
),
array('allow', // allow admin user to perform 'admin' and 'delete' actions
'actions'=>array('admin','delete'),
'users'=>array('admin'),
),
array('deny', // deny all users
'users'=>array('*'),
),
);
}
/**
* Displays a particular model.
* #param integer $id the ID of the model to be displayed
*/
public function actionView($id)
{
$this->render('view',array(
'model'=>$this->loadModel($id),
));
}
/**
* Creates a new model.
* If creation is successful, the browser will be redirected to the 'view' page.
*/
public function actionCreate()
{
$model=new Business;
// Uncomment the following line if AJAX validation is needed
// $this->performAjaxValidation($model);
if(isset($_POST['Business']))
{
$model->attributes=$_POST['Business'];
if($model->save())
$this->redirect(array('view','id'=>$model->id));
}
$this->render('create',array(
'model'=>$model,
));
}
/**
* Updates a particular model.
* If update is successful, the browser will be redirected to the 'view' page.
* #param integer $id the ID of the model to be updated
*/
public function actionUpdate($id)
{
$model=$this->loadModel($id);
// Uncomment the following line if AJAX validation is needed
// $this->performAjaxValidation($model);
if(isset($_POST['Business']))
{
$model->attributes=$_POST['Business'];
if($model->save())
$this->redirect(array('view','id'=>$model->id));
}
$this->render('update',array(
'model'=>$model,
));
}
/**
* Deletes a particular model.
* If deletion is successful, the browser will be redirected to the 'admin' page.
* #param integer $id the ID of the model to be deleted
*/
public function actionDelete($id)
{
$this->loadModel($id)->delete();
// if AJAX request (triggered by deletion via admin grid view), we should not redirect the browser
if(!isset($_GET['ajax']))
$this->redirect(isset($_POST['returnUrl']) ? $_POST['returnUrl'] : array('admin'));
}
/**
* Lists all models.
*/
public function actionIndex()
{
$dataProvider=new CActiveDataProvider('Business');
$this->render('index',array(
'dataProvider'=>$dataProvider,
));
}
/**
* Manages all models.
*/
public function actionAdmin()
{
$model=new Business('search');
$model->unsetAttributes(); // clear any default values
if(isset($_GET['Business']))
$model->attributes=$_GET['Business'];
$this->render('admin',array(
'model'=>$model,
));
}
/**
* Returns the data model based on the primary key given in the GET variable.
* If the data model is not found, an HTTP exception will be raised.
* #param integer $id the ID of the model to be loaded
* #return Business the loaded model
* #throws CHttpException
*/
public function loadModel($id)
{
$model=Business::model()->findByPk($id);
if($model===null)
throw new CHttpException(404,'The requested page does not exist.');
return $model;
}
/**
* Performs the AJAX validation.
* #param Business $model the model to be validated
*/
protected function performAjaxValidation($model)
{
if(isset($_POST['ajax']) && $_POST['ajax']==='business-form')
{
echo CActiveForm::validate($model);
Yii::app()->end();
}
}
}
it is because of this mistake.the problem lies in the writing of the code, make sure you must write your code in config.main like this
'import' => array(
'application.models.*',
'application.components.*',
'bootstrap.behaviors.*',
'bootstrap.helpers.*',
'bootstrap.widgets.*',
//add this code after the above code and thats it, a small stupid mistake may cost you 3 days of hard debugging.
'application.modules.user.models.*',
'application.modules.user.components.*',
'application.modules.rights.*',
'application.modules.rights.components.*'
),
$criteria = new CDbCriteria;
$criteria->addCondition(array('where' => 'book_id = ' . $id));
$dataProvider = new CActiveDataProvider('Copy', array(
'criteria' => $criteria
));
$this->render('specificCopy', array(
'dataProvider' => $dataProvider,
));
//------//
array('allow',
'actions' => array('specificCopy'),
'users' => array('*'),
),
like this ?
or something wrong ?
by these code, i want to retrieve data from 'Copy' mdoel with some criteria as shown.
but, when i render it to view (specificCopy), my apps show this error :
Error 403
You are not authorized to perform this action.
can anybody help me ?
in your controllerAdd 'specificCopy' in rules
public function accessRules()
{
return array(
array('allow',
'actions'=>array('index','view','specificCopy'),
'users'=>array('*'),
),
array('allow',
'actions'=>array('create','update','captcha','specificCopy'),
'users'=>array('#'),
),
array('allow',
'actions'=>array('admin','delete'),
'users'=>array('admin'),
),
array('deny', // deny all users
'users'=>array('*'),
),
);
}
access rules of pages controller:
public function accessRules()
{
$isadmin = User::loadUser(Yii::app()->user->id)->adminUser;
return array(
array('allow',
'actions'=>array('index','view','create','update'),
'expression'=>"{$isadmin}==1",
),
array('deny', // deny all users
'users'=>array('*'),
),
);
}
main config:
'user' => array( // Webuser for the admin area (admin)
'class' => 'WebUser',
'allowAutoLogin' => true,
'loginUrl' => array('/user/login'),
'stateKeyPrefix' => 'admin_',
),
Problem:
When I visit pages/create, it not redirected to user/login but throws the exception:
Error 404
The requested page does not exist.
How Can I redirect to login pages for unauthorized user?
You can use 'deniedCallback' to do this.
Method 1
'deniedCallback' => function() {Yii::app()->controller->redirect(array ('actionName'));},
//It will come As
array('allow',
'actions' => array('actionName1,actionName2,actionName3'),
'deniedCallback' => function() {Yii::app()->controller->redirect(array ('actionName'));},
'users' => array('#'),
),
Method 2:
You can also do the same by calling a function, see bellow code.
array('allow',
'deniedCallback' => array($this, 'goToLogin'),
'actions' => array('actionName1,actionName2,actionName3'),
'users' => array('#'),
),
Code for goToLogin method
public function goToLogin()
{
$this->redirect('/controller/actionName');
//For your program
//$this->redirect('/site/login');
}
Yii::app()->user->loginRequired();
add this funtion in every controller.
public function beforeAction($action) {
if (Yii::app()->user->isGuest && Yii::app()->controller->action->id != "login") {
Yii::app()->user->loginRequired();
}
//something code right here if user valid
return true;
}
site controller only needs Yii::app()->controller->action->id != "login" this condition. remove it for another controllers