0
votes

I installed ZfcRbac instead of BjyAuthorize. Toolbar of ZendDeveloperTools is partially working. I cannot find a reason for the following warning. What is missing in my setup ?

  1. Warning: Invalid argument supplied for foreach() in C:\dev\xampp\htdocs\OnlineFieldEvaluation\vendor\zf-commons\zfc-rbac\view\zend-developer-tools\toolbar\zfc-rbac.phtml on line 94

  2. Notice: Undefined index: guards in C:\dev\xampp\htdocs\OnlineFieldEvaluation\vendor\zf-commons\zfc-rbac\view\zend-developer-tools\toolbar\zfc-rbac.phtml on line 38

  3. Guest role
    ( ! ) Notice: Undefined index: options in C:\dev\xampp\htdocs\OnlineFieldEvaluation\vendor\zf-commons\zfc-rbac\view\zend-developer-tools\toolbar\zfc-rbac.phtml on line 19

enter image description here

enter image description here

enter image description here

EDIT 1: This part of my changes related to ZfcRbac which broke ZendDeveloperTools:

zfc_rbac.global.php

<?php
/*
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 * This software consists of voluntary contributions made by many individuals
 * and is licensed under the MIT license.
 */
use ZfcRbac\Guard\GuardInterface;
/**
 * Copy-paste this file to your config/autoload folder (don't forget to remove the .dist extension!)
 */
return [
    'zfc_rbac' => [
        /**
         * Key that is used to fetch the identity provider
         *
         * Please note that when an identity is found, it MUST implements the ZfcRbac\Identity\IdentityProviderInterface
         * interface, otherwise it will throw an exception.
         */
        'identity_provider' => 'ZfcRbac\Identity\AuthenticationIdentityProvider',
//        'identity_provider' => 'Application\Entity\Systemuser',
        /**
         * Set the guest role
         *
         * This role is used by the authorization service when the authentication service returns no identity
         */
        'guest_role' => 'guest',
        /**
         * Set the guards
         *
         * You must comply with the various options of guards. The format must be of the following format:
         *
         *      'guards' => [
         *          'ZfcRbac\Guard\RouteGuard' => [
         *              // options
         *          ]
         *      ]
         */
        // 'guards' => [],
        'guards' => [
            'ZfcRbac\Guard\RouteGuard' => [
                'zfcuser/login' => ['guest'],
                'zfcuser' => ['guest'],
                'home' =>  ['student'],

            ],


        ],
        /**
         * As soon as one rule for either route or controller is specified, a guard will be automatically
         * created and will start to hook into the MVC loop.
         *
         * If the protection policy is set to DENY, then any route/controller will be denied by
         * default UNLESS it is explicitly added as a rule. On the other hand, if it is set to ALLOW, then
         * not specified route/controller will be implicitly approved.
         *
         * DENY is the most secure way, but it is more work for the developer
         */
        'protection_policy' => \ZfcRbac\Guard\GuardInterface::POLICY_DENY,
        /**
         * Configuration for role provider
         *
         * It must be an array that contains configuration for the role provider. The provider config
         * must follow the following format:
         *
         *      'ZfcRbac\Role\InMemoryRoleProvider' => [
         *          'role1' => [
         *              'children'    => ['children1', 'children2'], // OPTIONAL
         *              'permissions' => ['edit', 'read'] // OPTIONAL
         *          ]
         *      ]
         *
         * Supported options depend of the role provider, so please refer to the official documentation
         */
//        'role_provider' => [],

        'role_provider' => [

            'ZfcRbac\Role\ObjectRepositoryRoleProvider' => [
                'object_manager' => 'doctrine.entitymanager.orm_default', // alias for doctrine ObjectManager
                'class_name' => 'Application\Entity\MyHierarchicalRole',
                'role_name_property' => 'name'
            ],

        ],

        /**
         * Configure the unauthorized strategy. It is used to render a template whenever a user is unauthorized
         */
        'unauthorized_strategy' => [
            /**
             * Set the template name to render
             */

            'template' => 'error/no-auth'
        ],

        /**
         * Configure the redirect strategy. It is used to redirect the user to another route when a user is
         * unauthorized
         */
        'redirect_strategy' => [
            /**
             * Enable redirection when the user is connected
             */
             'redirect_when_connected' => true,

            /**
             * Set the route to redirect when user is connected (of course, it must exist!)
             */
            'redirect_to_route_connected' => 'zfcuser',

            /**
             * Set the route to redirect when user is disconnected (of course, it must exist!)
             */
            'redirect_to_route_disconnected' => 'zfcuser/login',

            /**
             * If a user is unauthorized and redirected to another route (login, for instance), should we
             * append the previous URI (the one that was unauthorized) in the query params?
             */
             'append_previous_uri' => true,

            /**
             * If append_previous_uri option is set to true, this option set the query key to use when
             * the previous uri is appended
             */
             'previous_uri_query_key' => 'redirectTo'
        ],

        /**
         * Various plugin managers for guards and role providers. Each of them must follow a common
         * plugin manager config format, and can be used to create your custom objects
         */
        // 'guard_manager'               => [],
        // 'role_provider_manager'       => []
    ]
];

This my zdt.local.php :

<?php
return array(
    'zenddevelopertools' => array(
         /**
          * General Profiler settings
          */
        'profiler' => array(
            /**
             * Enables or disables the profiler.
             *
             * Expects: bool
             * Default: true
             */
            'enabled' => true,

            /**
             * Enables or disables the strict mode. If the strict mode is
             * enabled, any error will throw an exception, otherwise all
             * errors will be added to the report (and shown in the toolbar).
             *
             * Expects: bool
             * Default: true
             */
            'strict' => true,

            /**
             * If enabled, the profiler tries to flush the content before the it
             * starts collecting data. This option will be ignored if the Toolbar
             * is enabled.
             *
             * Note: The flush listener listens to the MvcEvent::EVENT_FINISH event
             *       with a priority of -9400. You have to disable this function if
             *       you wish to modify the output with a lower priority.
             *
             * Expects: bool
             * Default: false
             */
            'flush_early' => false,

            /**
             * The cache directory is used in the version check and for every storage
             * type that writes to the disk.
             *
             * Note: The default value assumes that the current working directory is the
             *       application root.
             *
             * Expects: string
             * Default: 'data/cache'
             */
            'cache_dir' => 'data/cache',

            /**
             * If a matches is defined, the profiler will be disabled if the
             * request does not match the pattern.
             *
             * Example: 'matcher' => array('ip' => '127.0.0.1')
             *          OR
             *          'matcher' => array('url' => array('path' => '/admin')
             *
             * Note: The matcher is not implemented yet!
             */
            'matcher' => array(),

            /**
             * Contains a list with all collector the profiler should run.
             * Zend Developer Tools ships with 'db' (Zend\Db), 'time', 'event', 'memory',
             * 'exception', 'request' and 'mail' (Zend\Mail). If you wish to disable a default
             * collector, simply set the value to null or false.
             *
             * Example: 'collectors' => array('db' => null)
             *
             * Expects: array
             */
            'collectors' => array(),
        ),
         /**
          * General Toolbar settings
          */
        'toolbar' => array(
            /**
             * Enables or disables the Toolbar.
             *
             * Expects: bool
             * Default: false
             */
            'enabled' => true,

            /**
             * If enabled, every empty collector will be hidden.
             *
             * Expects: bool
             * Default: false
             */
            'auto_hide' => false,

            /**
             * The Toolbar position.
             *
             * Expects: string ('bottom' or 'top')
             * Default: bottom
             */
            'position' => 'bottom',

            /**
             * If enabled, the Toolbar will check if your current Zend Framework version
             * is up-to-date.
             *
             * Note: The check will only occur once every hour.
             *
             * Expects: bool
             * Default: false
             */
            'version_check' => false,

            /**
             * Contains a list with all collector toolbar templates. The name
             * of the array key must be same as the name of the collector.
             *             *
             * Example: 'profiler' => array(
             *              'collectors' => array(
             *                  // My_Collector_Example::getName() -> mycollector
             *                  'MyCollector' => 'My_Collector_Example',
             *              )
             *          ),
             *          'toolbar' => array(
             *              'entries' => array(
             *                  'mycollector' => 'example/toolbar/my-collector',
             *              )
             *          ),
             *
             * Expects: array
             */
            'entries' => array(),
        ),
    ),
);
1
Did you configiured your module properly following the module's configuration ? github.com/ZF-Commons/zfc-rbac/tree/master/docsGreco Jonathan
Probably, I did not, but I cannot understand where I missed anything.vlr

1 Answers

2
votes

This issue has started after this commit:

https://github.com/zendframework/ZendDeveloperTools/commit/d3432681aa32177a741ad23604a40af9ad454acb

However, there are a fix waiting to be merge:

https://github.com/ZF-Commons/zfc-rbac/pull/297

In the same pull request there are a temporary fix:

I don't think this has been fixed yet, so as a temporary solution I have made the following changes: In ./module/Application/config/module.config.php:

'view_manager' => array(    'template_map' => array(
      // Temp fix until this is approved: https://github.com/ZF-Commons/zfc-rbac/pull/296
      'zend-developer-tools/toolbar/zfc-rbac' => __DIR__ . '/../view/zend-developer-tools/toolbar/zfc-rbac.phtml',     ), ),

Then copy the zfc-rbac.phtml file from the ./vendor directory into ./module/Application/view/zend-developer-tools/toolbar (note: 'Application' in the application.config.php must be loaded after 'ZfcRbac')

In the newly created zfc-rbac.phtml , modify the top few lines to look like this:

$this->collector->unserialize($this->collector->serialize()); /* @var
$collection \ZfcRbac\Collector\RbacCollector */ $collection =
$this->collector->getCollection();