Im trying to implement RBAC in Yii (using the rights module).
When trying to authorize an unauthenticated user (Guest), CWebUser calls CDbAuthManager:
$access=Yii::app()->getAuthManager()->checkAccess($operation,$this->getId(),$params);
CDbAuthManager then tries to get the authassignments of the user
$assignments=$this->getAuthAssignments($userId);
The problem is, because the user is a Guest, $userId is null, and $assignments is an empty array. Therefore i can not i cannot authorize a guest user to any action (unless declaring allowedActions())
What am i doing wrong?
Make sure Guest is added to the defaultRoles in your config. Also make sure the Guest role has a bizRule which has the expression
return Yii::app()->user->isGuest