Love Fuel?    Donate

FuelPHP Forums

Ask your question about FuelPHP in the appropriate forum, or help others by answering their questions.
[OrmAuth] Error when actions = null
  • sdekkerssdekkers
    Hi, I've tried to upgrade to 1.7, and I get the following error:

    ERROR - 2013-10-21 10:34:39 --> Warning - array_flip() expects parameter 1 to be array, null given in /***/fuel/packages/auth/classes/auth/acl/ormacl.php on line 187

    This is when the actions field is set to null (example: user.create doesn't need additional actions, system.manage does (clean_db, or whatever)

    I've also noted that it doesn't add any actions at all for the users' rights, so I've put back ormacl.php from 1.6.1, which works so far..

    Any fix for this?
  • sdekkerssdekkers
    I've converted from NULL to empty serialized arrays in the DB, error is gone, but now actions are never set as actual right (licence.manage shows up, licence.manage.transfer doesn't)


  • HarroHarro
    If you use the supplied ORM models to access the tables (userpermission, rolepermission and grouppermission), this will be handled automatically. If you create records manually, you have to make sure all values are stored correctly.

    If your permission contains a list of actions, you obviously need to assign them before you can use them

    If, in your case, there is no right that assigns the action "transfer", it's logical that no user will have that right, and has_access("licence.manage.transfer") will return false.
  • sdekkerssdekkers
    The thing is, the rights are assigned, I've re-created all rights via the classes supplied, still no actions are visible when logged in. When i put /packages/auth/classes/auth/acl/ormacl.php from 1.6.1 it does, with 1.7 it doesn't.

    There's a few things that changed in that file since 1.7, example:

    code in 1.6.1:
    isset($revoked_rights[$permission->area]) or $revoked_rights[$permission->area] = array();
    if ( ! in_array($permission->permission, $revoked_rights[$permission->area]))
    {
    $revoked_rights[$permission->area][$permission->permission] = $role->rolepermission['['.$role->id.']['.$permission->id.']']->actions;
    }

    code in 1.7:
    isset($revoked_rights[$permission->area][$permission->permission]) or $revoked_rights[$permission->area][$permission->permission] = array();
    $revoked_rights[$permission->area][$permission->permission] = array_merge(
    $revoked_rights[$permission->area][$permission->permission],
    array_intersect_key(
    $role->rolepermission['['.$role->id.']['.$permission->id.']']->permission->actions,
    array_flip($role->rolepermission['['.$role->id.']['.$permission->id.']']->actions)
    )
    );
  • HarroHarro
    Accepted Answer
    This is about revoked rights, so not relevant unless you're talking about that.

    How do actions work?

    The permission record defines the possible actions for that permission. For example: array('add', 'edit', 'delete'). The permission relation record (userpermission, rolepermission or grouppermission model) then defines which of these actions are assigned (to that user, role or group), by listing the array keys.

    So if your permission assignment should give access to 'edit' only, it's action column should contain: array(1).

    For revoke rules it works exactly the same.
Add a Comment

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Apply for Membership

Categories

In this Discussion