Yii2: RBAC: cannot revoke assingment

Created on 18 Oct 2016  路  4Comments  路  Source: yiisoft/yii2

What steps will reproduce the problem?

  1. Create an user 'jam' (successful)
  2. Create a role 'marketer', no matter with or without permissions (successful)
  3. Assign the user 'jam' with the role 'marketer' (successful)
  4. Revoke the assignment 'jam-marketer' (fail)

    What is the expected result?

The assignment revoked, the user 'jam' has no role by name 'marketer'.

What do you get instead?

All Rbac functions works perfectly except the revoke.

2016-10-18 06:27:43 [error][yii\base\ErrorException:8] exception 'yii\base\ErrorException' with message 'Trying to get property of non-object' in /var/www/mysite/vendor/yiisoft/yii2/rbac/DbManager.php:821

Stack trace:

0 /var/www/mysite/vendor/yiisoft/yii2/rbac/DbManager.php(821): yii\base\ErrorHandler->handleError(8, 'Trying to get p...', '/var/www/tablo....', 821, Array)

1 /var/www/mysite/backend/controllers/AccessController.php(274): yii\rbac\DbManager->revoke('marketer', '1')

2 [internal function]: backend\controllers\AccessController->actionRevoke('marketer', '1')

3 /var/www/mysite/vendor/yiisoft/yii2/base/InlineAction.php(55): call_user_func_array(Array, Array)

4 /var/www/mysite/vendor/yiisoft/yii2/base/Controller.php(154): yii\base\InlineAction->runWithParams(Array)

5 /var/www/mysite/vendor/yiisoft/yii2/base/Module.php(454): yii\base\Controller->runAction('revoke', Array)

6 /var/www/mysite/vendor/yiisoft/yii2/web/Application.php(87): yii\base\Module->runAction('access/revoke', Array)

7 /var/www/mysite/vendor/yiisoft/yii2/base/Application.php(375): yii\web\Application->handleRequest(Object(yii\web\Request))

8 /var/www/mysite/backend/web/index.php(18): yii\base\Application->run()

9 {main}

2016-10-18 06:27:43 [info][application] $_GET = [
'role' => 'marketer'
'userid' => '1'
]

Additional info

| Q | A |
| --- | --- |
| Yii version | 2.0.6 |
| PHP version | 7.0.11-1+deb.sury.org~xenial+1 |
| Operating system | Ubuntu 16.04 LTS xenial |

picture mogilka

Most helpful comment

revoke is expecting a yii\rbac\Role object not a string.

$role = $auth->getRole($roleName);
$res = $auth->revoke($role, $userid);
picture alex-code on 18 Oct 2016
👍4

All 4 comments

AccessController revoke method:

`/**
* 校写邪谢械薪懈械 褉芯谢懈 锌芯谢褜蟹芯胁邪褌械谢褟
* @param string $role 懈屑褟 褉芯谢懈
* @param int $userid 懈写械薪褌懈褎懈泻邪褌芯褉 锌芯谢褜蟹芯胁邪褌械谢褟
* @throws NotFoundHttpException
* @return \yii\web\Response
*/
public function actionRevoke($role, $userid) {
$auth = Yii::$app->authManager;
$model = $auth->getAssignment($role, $userid);
if (empty($model))
throw new NotFoundHttpException("There is no assignment \"$role\" for user \"$userid\".");

$res = $auth->revoke($role, $userid);
if (!$res)
    Yii::$app->session->setFlash('danger', Yii::t("yii", "Error"));
return $this->redirect(['assign', "userid"=>$userid]);
}`
mogilka picture mogilka on 18 Oct 2016
  • is the result of steps 1,2,3 visible in your DB?
  • what do you see
  • are you sure that the AuthManager is revoking from the right DB?
dynasource picture dynasource on 18 Oct 2016

revoke is expecting a yii\rbac\Role object not a string.

$role = $auth->getRole($roleName);
$res = $auth->revoke($role, $userid);
alex-code picture alex-code on 18 Oct 2016
👍4

Thank you, sorry it's my fault

mogilka picture mogilka on 18 Oct 2016
Was this page helpful?
0 / 5 - 0 ratings

Related issues

newscloud picture newscloud  路  3Comments
Kolyunya picture Kolyunya  路  3Comments
schmunk42 picture schmunk42  路  3Comments
kminooie picture kminooie  路  3Comments
dryu picture dryu  路  3Comments