In my Yii2 project previously I had worked on rbac, set it up as in the yii2 doc click here. Now I worked on different modules and I am back on rbac. Initially set it up with just sysadmin and staff. Now I want to add a new role along with the two previous roles. Which I did it auth_item table and assigned the user_id in the auth_assignmnet table to the new role created.
In my controller added the role name for which actions he can access. But still throws Forbidden Exception. Tried different things but unable to work on it..
Any solution for this?
First of all, you should modify RBAC structure using the provided authManager methods.
After adding new RBAC items manually in database or files you need to make sure cache is not keeping the old data.
Flush cache manually or call console method like
yii cache/flush-all
Related
I'm a beginner in Django.
I would like to know how to configure two different projects to share the same database table in Django. The database I'm using is MySQL.
Let's say there's two projects, project A and project B. In project A, I already created a custom user model in it. And in project B, I want to use the custom user table from database created in project A just for the login. Means that in project A, there's registration and login for the custom user model.
In project B, there's login only that will be using the same custom user data in the database.
Do I have to redefine the same custom user model from project A in project B?
What are the configuration settings that need to be done?
Thanks in advance.
project B can't accessible table from project A. but same database can accessible to multiple projects via enabling remote access on parent project database. but you should keep some point whenever your are made a model in any project then you must add that model in remain project
Okay, somehow I managed to solve this.
Like the previous step, I did python manage.py inspectdb > models.py in project A which I already created custom user model that used for registration and login. Then, I copy that models.py file into project B and changed the custom user model generated by project A to the exact same steps when I created the custom user model in project A. Means that I did the CustomUserManager class as well as the other necessary things required when you create a custom user model(AbstractBaseUser).
Then, in the settings.py of project B, I did AUTH_USER_MODEL which somehow solve this issue.
It seems like in order to use the same custom user model in different projects with same database, we need to redefine the exact custom user model along with managed = False.
I want to create separate databases for different registrations.
First i was doing it via multiple sub-domain manually but now i want it to be automatic after registration when anyone sign up.
This is what am thinking to implement:
First i'll create a common database "user_databases" to just store "user email" and "user database name". So when any user login with his email then i will fetch its database name and then verify login password from users table of the fetched database.
But the problem is how will i achieve it?
Should i include the code in database.php of Config or in each model i use $useDbConfig (i don't want to use it due to some reasons)?
Are there any better methods for it? Am i thinking right to implement it?
Please help and guide.
database partitioning in cakephp is now a trivial task because of cake's event system. cakephp allows you to talk to its request and response objects early in the app startup process in form dispatch filters. markstory has written nicely about this http://mark-story.com/posts/view/using-cakephp-and-a-horizontally-sharded-database
Sorry for my english...
In my project I use ACL with SonataAdminBundle, but I can not understand why they did so, you need to have to create a record in the database, even when I want to use only Class-scope without Object-scope.
Also, when you create, for example, comments, SonataAdminBundle automatically creates an entry in acl_object_identities, it clutters up this action database.
I created a role that has the right to full access to all records in a table, regardless of who created the records, but SonataAdminBundle only displays them and prohibits editing.
The documentation for SonataAdminBundle reads:
because the object ACL permission is checked, the ACL for the object
must have been created, otherwise the AclVoter will deny EDIT access
for a non super admin user trying to edit another non super admin
user. This is automatically done when the object is created using the
Admin. If objects are also created outside the Admin, have a look at
the createSecurityObject method in the AclSecurityHandler.
But why? How to avoid this?
Do not want to write hooks.
Thank you in advance for any comments and help on this.
You can generate the object ACLs with php app/console sonata:admin:generate-object-acl
Why grails shiro plugin create read only tables in mysql for roles and permissions? i create controllers and actions and add them into permissions for registered role in BootStrap file. but every time when i want to add new action into permissions, I must delete the tables and recreate them via rerun the app. how I can edit permissions table manually or maybe I must not create roles and permissions in BootStrap for prod.
Are you sure these tables are readonly? You couldn't even write to them in the bootstrap...
Try to modify them with .save(failOnError:true) and see if you get an error message.
If you don't get an error, post your code with which you try to modify the roles and permissions and I'll help you to sort this out...
So, I'm working through a basic membership management admin panel but I can't quite figure out how to delete a user account. I can create one easily enough with the WebSecurity class, but this class doesn't appear to have any functions to delete an account.
What exactly do i have to do to get this functionality?
Edit: If you are using ASP.NET Web Pages 2 you are now able to accomplish the above by calling the DeleteUser() and DeleteAccount() functions available in WebMatrix.WebData.SimpleMembershipProvider. If you are using ASP.NET Web Pages 1 the answer is still valid. Refer to the SimpleMembershipProvider Class MSDN documenation for more information.
You will have to write your own code to delete the account. It's simply an entry in your database, so use the Database helper to remove the relevant rows from the webpages_UserInRoles,webpages_Membership and UserProfile tables.
The checkmarked answer is incorrect. Use
Membership.DeleteUser()