Questions tagged [rbac]

RBAC is short for Role Based Access Control, an authorization and access control model in which access to restricted resources is granted or denied based on whether the requester's identity is associated with one or more role classifications required by the restricted resource.

Traditionally, security systems have often been structured to specify which individuals are allowed to access each restricted resource. As the number of restricted resources and number of individuals grows, this quickly becomes difficult to administer. When a person leaves the organization or joins the organization, the person must be removed from or added to all the relevant access control lists.

In Role Based Access Control, a level of abstraction is inserted between the restricted resource and the identities permitted to use that resource. A role descriptor is defined, typically aligned with job function (operator, manager, etc.). The role descriptor is added to the access control list of the restricted resources. Individual identities are associated with or tagged with the role descriptor. When access to a restricted resource is requested, access can be granted by checking to see if the requesting identity is associated with one or more of the role definitions permitted to access the resource.

In this configuration, the number of role descriptors is relatively small even when there are a large number of users or resources involved, making the overall system easier to manage and administer than direct-reference access control lists.

1107 questions
0 votes, 1 answer

Yii verify a child of child

I have role = "reporting", which has a task child = "reporting.task", which has an operation child = "reporting.task.create"; but the following: if(Yii::app()->authManager->hasItemChild($reportingRole,$reportingTaskCreateOperation)) evaluates to…
0 votes, 3 answers

How to implement Role Based Access Control with rails/java?

I'm working on a new application with many users, a few roles and specific permissions for those roles. I would like to know the best practices to implement RBAC. My requirements are: I will have a set of roles assigned to users say, user1=superadmin,…
Kiran
0 votes, 1 answer

Yii RBAC operation in different tasks

I ran into an interesting situation. I have 2 roles. First - child, second - parent. And I have operation 'users.update' in task 'own.profile' in my child-role, like this: Task: own.profile Operation: users.update Operation: users.view So, there…
Anton Abramov
0 votes, 1 answer

Laravel 4 How to use Authority package

I have created model User and table users to store user information. I also have executed the migration script. I have no idea how to log the user in and make authority recognize the user. I really need a tutorial or sample application or anything that…
Weldan Jamili
0 votes, 1 answer

RBAC system with two parameters

I’m looking for an example or best practices for a RBAC system with two parameters. Rather than simply having a user associated with a role, and that role associated with a group of permissions; a user can be associated with a role “for a specific…
jcropp
0 votes, 1 answer

Yii complex authorization

I'm working with YII framework. Let's say we have: VideoController PhotoController ContentController CategoryController What I need is to create a user access control system based on controller group privileges. I mean, let's say, user named john…
demonoid
0 votes, 2 answers

How to prevent unauthorized users from specific actions by assigning a role to them?

I am developing a web application with the Yii PHP framework. In this application, I use the Right module for its role management. I define some roles and assign proper operations and tasks to them. I did it via the Right module UI and finally when each…
ghedas
0 votes, 0 answers

yii rights extension rights.php

I am trying to install yii rights and followed what the documentation says but it shows an error "include(Rights.php): failed to open stream: No such file or directory" it is there... the extension is under protected/modules/rights and rights.php is…
jaime
0 votes, 1 answer

Access Control List (ACL) for specific object

I would like to use an ACL system with LARAVEL framework. I understand that I can control the rights to resources such as the entity "Comment". My "Moderator" role could "delete", "edit" any comment. However, how can I manage the rights for a…
Bastien D
0 votes, 1 answer

Getting An Error When Yii Tries To Read The User Role

I'm new to Yii and I'm trying to do RBAC control in my web application. I wrote authorization and registration pages and everything is working perfectly. But when I try to read the current user's role using Yii::app()->user->role I'm getting an…
Tequila
0 votes, 1 answer

Parse.com Role Base access not working

I am experiencing problems with accessing an object I created with role ACL. I created the object like this var Enquiry = Parse.Object.extend("Enquiry"); var enquiry = new Enquiry(); enquiry.set("first", firstName); enquiry.set("last",…
Raghvendra Singh
0 votes, 1 answer

"CDbAuthManager.AuthAssignment" is read only

I just uploaded my website to the cloud. It was working fine on localhost. But it gives me this error in views containing RBAC. I'm not sure why (see code). I tried changing the model permissions from 644 to 777 for AuthAssignment model to see if…
marooned
0 votes, 1 answer

How to access operations for a particular role from database in Yii?

I am trying to develop a real-time enterprise application which has rich Role Based Access Control features so I chose Yii, which is rich in RBAC Support. I have a use case where operations (Features) may differ with each user. A particular user…
Raju.allen
0 votes, 1 answer

RBAC for openstack via http verbs proxy

I'm currently working on a project based on openstack. In the project I would like to extend the openstack REST API with some RBAC (Role Based Access Control) mechanism. But what is the best way? I don't want to touch all the openstack code and by…
Jan Wilhelm
0 votes, 1 answer

RBAC Implementation

In the book "Agile web applications with Yii 1.1 and PHP5" the RBAC is implemented through authassignment and a bizrule. This should support the possibility of granting users with different roles in each project. But whenever a user is assigned a…