Enable access to module for unauthorized users in

2019-08-31 05:36发布

问题:

I'm trying to use hybridauth extension in Yii. Without srbac extension is everything fine, problem is that I need to enable access to this module for unauthorized users using it. I've tried setting property alwaysAllowed as stated in srbac guide:

The operations are named as [ModuleId]/[Subdirectory].[ContollerId][Action]

like this:

'alwaysAllowed'=>array( //default: array()
            'SiteLogin','SiteLogout','SiteIndex','SiteAdmin',
            'SiteError', 'SiteContact','hybridauth@controllers.DefaultLogin'),

(my delimiter is @), it doesn't work. I've been debugging it and it seems that the Hybridauth controller (DefaultController) is not recognized as SBaseController in function _extendsSBaseController (modules/srbac/controllers/AuthItemController.php):

if ($cont instanceof SBaseController) {
  return true;
}

My Controller class is extending the SBaseController and it works for controllers which are not in a module, but not for this. I've also tried to directly extend the DefaultController with SBaseController with no luck.

How to set the module to be alwaysAllowed?

回答1:

I've added hybridauth@DefaultIndex and hybridauth@DefaultCallback to allways allowed list and now it works. The construction of this string can be seen in srbac/Controllers/SBaseController.php in function beforeAction:

$access = $mod . $controller . ucfirst($this->action->id);