-
grimpirate
Junior Member
-
Posts: 28
Threads: 9
Joined: Nov 2020
Reputation:
4
04-21-2023, 08:23 AM
(This post was last modified: 04-22-2023, 08:22 AM by grimpirate.)
I'm using the following spark command to create three default users for testing purposes:
PHP Code: <?php
namespace App\Commands;
use CodeIgniter\CLI\BaseCommand; use CodeIgniter\CLI\CLI;
use CodeIgniter\Shield\Entities\User;
class SettingsCommand extends BaseCommand { protected $group = 'Setup';
protected $name = 'setup:initial';
protected $description = 'Initializes assorted defaults';
protected $usage = 'setup:initial';
public function run(array $params) {
helper('setting');
setting('Auth.allowRegistration', false);
$this->registerUser([ 'username' => 'admin', 'email' => '[email protected]', 'password' => 'omgapassword', ], 'superadmin');
$this->registerUser([ 'name_first' => 'JANE', 'name_last' => 'DOE', 'title_job' => 'Big Boss', 'username' => 'boss', 'email' => '[email protected]', 'password' => 'omgapassword', ], 'admin');
$this->registerUser([ 'name_first' => 'Jane', 'name_last' => 'Doe', 'title_job' => 'Little Cog', 'username' => 'user', 'email' => '[email protected]', 'password' => 'omgapassword', ], 'user'); }
private function registerUser($data, $group) { $users = auth()->getProvider(); $user = new User($data); $users->save($user); $user = $users->findById($users->getInsertID()); $user->syncGroups($group); } }
After successful login, I land on my homepage which issues:
PHP Code: print_r(auth()->user()->getPermissions());
However, the output is an empty array. Shouldn't this be an array with all the default permissions for shield for the particular group type of the user (I realize that the user group is empty, I'm getting the same result for admin and superadmin)? I'm also using a custom UserModel class that provides the extra fields: name_first, name_last, title_job
Same issue as described in this post.
-
datamweb
I'm interested in programming
-
Posts: 185
Threads: 12
Joined: Jun 2015
Reputation:
25
Permissions vary by Groups.
Your command creates the user with the desired group.
Therefore, you can use the following command to access the user group.
PHP Code: print_r(auth()->user()->getGroups());
If you want to access permissions, you must first add permissions for each user. In this command, you have not added permission for the user, so an empty array is returned.
see https://codeigniter4.github.io/shield/au...permission
-
grimpirate
Junior Member
-
Posts: 28
Threads: 9
Joined: Nov 2020
Reputation:
4
04-21-2023, 01:10 PM
(This post was last modified: 04-21-2023, 01:10 PM by grimpirate.)
-
datamweb
I'm interested in programming
-
Posts: 185
Threads: 12
Joined: Jun 2015
Reputation:
25
04-21-2023, 02:00 PM
(This post was last modified: 04-21-2023, 02:00 PM by datamweb.)
Using matrix is useful for checking access permissions with method can().
So if the user is in group superadmin and the permission is not registered in table
auth_permissions_users for it.
And you have AuthGroups.php settings as follows.
PHP Code: public array $matrix = [ 'superadmin' => [ 'admin.access', ], ];
You will get output yes. Even though the user is not registered for permissions(admin.access).
PHP Code: if ($user->can('admin.access')) { echo 'yes!!'; }
At least that's my impression. And I don't know anything more than that.
-
grimpirate
Junior Member
-
Posts: 28
Threads: 9
Joined: Nov 2020
Reputation:
4
@ datamweb and @ kenjis thank you both very much for explaining the nuance, that wasn't immediately apparent to me when I read through the documentation.
-
kenjis
Administrator
-
Posts: 3,681
Threads: 97
Joined: Oct 2014
Reputation:
228
|