Yii2: RBAC: cannot revoke assingment

Created on 18 Oct 2016  ·  4Comments  ·  Source: yiisoft/yii2

What steps will reproduce the problem?

  1. Create an user 'jam' (successful)
  2. Create a role 'marketer', no matter with or without permissions (successful)
  3. Assign the user 'jam' with the role 'marketer' (successful)
  4. Revoke the assignment 'jam-marketer' (fail)

    What is the expected result?

The assignment revoked, the user 'jam' has no role by name 'marketer'.

What do you get instead?

All Rbac functions works perfectly except the revoke.

2016-10-18 06:27:43 [error][yii\base\ErrorException:8] exception 'yii\base\ErrorException' with message 'Trying to get property of non-object' in /var/www/mysite/vendor/yiisoft/yii2/rbac/DbManager.php:821

Stack trace:

0 /var/www/mysite/vendor/yiisoft/yii2/rbac/DbManager.php(821): yii\base\ErrorHandler->handleError(8, 'Trying to get p...', '/var/www/tablo....', 821, Array)

1 /var/www/mysite/backend/controllers/AccessController.php(274): yii\rbac\DbManager->revoke('marketer', '1')

2 [internal function]: backend\controllers\AccessController->actionRevoke('marketer', '1')

3 /var/www/mysite/vendor/yiisoft/yii2/base/InlineAction.php(55): call_user_func_array(Array, Array)

4 /var/www/mysite/vendor/yiisoft/yii2/base/Controller.php(154): yii\base\InlineAction->runWithParams(Array)

5 /var/www/mysite/vendor/yiisoft/yii2/base/Module.php(454): yii\base\Controller->runAction('revoke', Array)

6 /var/www/mysite/vendor/yiisoft/yii2/web/Application.php(87): yii\base\Module->runAction('access/revoke', Array)

7 /var/www/mysite/vendor/yiisoft/yii2/base/Application.php(375): yii\web\Application->handleRequest(Object(yii\web\Request))

8 /var/www/mysite/backend/web/index.php(18): yii\base\Application->run()

9 {main}

2016-10-18 06:27:43 [info][application] $_GET = [
'role' => 'marketer'
'userid' => '1'
]

Additional info

| Q | A |
| --- | --- |
| Yii version | 2.0.6 |
| PHP version | 7.0.11-1+deb.sury.org~xenial+1 |
| Operating system | Ubuntu 16.04 LTS xenial |

picture mogilka

Most helpful comment

revoke is expecting a yii\rbac\Role object not a string.

$role = $auth->getRole($roleName);
$res = $auth->revoke($role, $userid);
picture alex-code on 18 Oct 2016
👍4

All 4 comments

AccessController revoke method:

`/**
* Удаление роли пользователя
* @param string $role имя роли
* @param int $userid идентификатор пользователя
* @throws NotFoundHttpException
* @return \yii\web\Response
*/
public function actionRevoke($role, $userid) {
$auth = Yii::$app->authManager;
$model = $auth->getAssignment($role, $userid);
if (empty($model))
throw new NotFoundHttpException("There is no assignment \"$role\" for user \"$userid\".");

$res = $auth->revoke($role, $userid);
if (!$res)
    Yii::$app->session->setFlash('danger', Yii::t("yii", "Error"));
return $this->redirect(['assign', "userid"=>$userid]);
}`
mogilka picture mogilka on 18 Oct 2016
  • is the result of steps 1,2,3 visible in your DB?
  • what do you see
  • are you sure that the AuthManager is revoking from the right DB?
dynasource picture dynasource on 18 Oct 2016

revoke is expecting a yii\rbac\Role object not a string.

$role = $auth->getRole($roleName);
$res = $auth->revoke($role, $userid);
alex-code picture alex-code on 18 Oct 2016
👍4

Thank you, sorry it's my fault

mogilka picture mogilka on 18 Oct 2016
Was this page helpful?
0 / 5 - 0 ratings

Related issues

wartur picture wartur  ·  3Comments
sobit picture sobit  ·  3Comments
kminooie picture kminooie  ·  3Comments
AstRonin picture AstRonin  ·  3Comments
indicalabs picture indicalabs  ·  3Comments