Role based login not working

Hi
I have been following the new video (https://www.youtube.com/watch?v=CCcE-zu0awo&t=475s) by @Hyperbytes (thanks Brian, if i get this working it’s just what I was looking for). I use PHP not node but same applies

can’t seem to get it to work for some reason.

I have a table called clients (not users), in this table I have column Roles, in here I have AEC (admin, employee, client).

I have my security enforcer all setup with roles admin, employee and client using the IN and looking for A, E or C as appropriate (screenshot).

my login works, you login, it gets your id and roles, and once logged in lands you on my page called dashboard which is security restricted but set to ANY. That all works, so far so good.

I then have a page called ‘view-clients’ - this is Admin or Employee page, so, in the app-> security provider enforcer I set this to ‘Employee’ but it does not work, I am signing in Admin (A), ‘A’ is in my Roles in the client table. the page is set to redirect back to dashboard if not authorized, which is what it does

i just cannot work out where it’s wrong, login works, if not signed in i cannot access dashboard, my security enforcer is set to IN, I have the roles column etc etc

thanks

But if you set the permission to employee and log in with another one, then it won’t work, as it expects the employee one

1 Like

but i am using the IN operator for the security provider check as per Brians video, and signing in with my account which has role AEC, so I sign in and my role has E for employee IN the role, so, it should work?

Do they all check for user being active?

If not could it be the user is not active so it’s failing?

they all do the active check, and the user is active (as in the screenshot), i also tried removing that active permission on the security provider to see if that was affecting the IN clause somehow, but same outcome.

if i set the security enforcer to ‘any’ on view-clients, it is secured (cannot access if not logged in), so security works, but, i want this page to be employee or admin only not clients, so, set to employee. i am signed in as admin, but my role has the ‘E’ IN it, which is the security enforcer check

i also attach the details returned when I sign in, so i have my roles AEC

code from view-clients page

```
		"Connections/db",
		"SecurityProviders/security",
		{
			"module": "auth",
			"action": "restrict",
			"options": {"permissions":"Employeee","loginUrl":"/dashboard/index","forbiddenUrl":"/dashboard/dashboard","provider":"security"}
		}
	]
}
```

I am not sure how the permissions conditions work in Security Provider, but if it’s the same as in the query builder, the IN operator expects an array. So try using ['A', 'E', 'C'] for the Role value in the database instead of AEC to see if it makes any difference.

This tutorial is for node only.
As a much older technology, PHP does not support the use of the server side security enforcer to manage page security, it only deals with API actions.

In PHP your page security is set here in the page properties


just tried it, made no difference (and Brian had it working in node as i have it setup) thanks

I will check this out in PHP later but will be a few hours

Hi Brian
yeah, i set it up there, i used the page-> app security enforcer. so i followed the video except i setup page security as per the screenshot you supplied, so it should work if the ‘IN’ operator works in Wappler php security enforcer, i am thinking it does not, so a bug

thanks

There’s a slight confusion i see here with Permission and Roles.
Security provider uses Permissions and Permissions based access control. You can even see the word Permission used everywhere in the UI.

With permission based access control you ask what permissions are required to access the page.

So for example define your roles in the users database table like Admin = 1, Employee = 2 and Client = 3 (same like you have now AEC but with numbers)

Create 2 permissions levels: Read and Edit

For the Read permission you want to have all user roles, so you enter Role in 1,2,3, which means this permission level should be applied to all the users whose role is 1,2 or 3:

For the Edit permission you want to have the Admin and Employee, so you enter Role in 1,2, which means this permission level should be applied to all the users whose role is 1 or 2:

On the pages where you want to have access for all users, select Read permission in Security Provider Enforcer:

On the pages, where you want to have access for Employees and Admins, select the Edit permission:

This should work just fine and hope it makes sense for you.

1 Like
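An added illustration, not part of the original posts and not Wappler's own code: it assumes the provider's IN condition behaves like SQL `IN` (an exact match against a list, as the query-builder comment earlier in the thread suggests). Using a constructed in-memory SQLite table with hypothetical function names, it shows why a combined value such as AEC does not satisfy a check for E, while the numeric Read/Edit scheme from the reply above does.

```python
import sqlite3

# Permission levels from the reply: Read = roles 1,2,3; Edit = roles 1,2.
PERMISSIONS = {"Read": (1, 2, 3), "Edit": (1, 2)}


def build_db():
    """Constructed sample data: letter-based Roles next to a numeric Role."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE clients (id INTEGER PRIMARY KEY, name TEXT, "
        "Roles TEXT, Role INTEGER)"
    )
    db.executemany(
        "INSERT INTO clients VALUES (?, ?, ?, ?)",
        [
            (1, "admin_user", "AEC", 1),    # combined letters, as in the thread
            (2, "employee_user", "E", 2),
            (3, "client_user", "C", 3),
        ],
    )
    return db


def _matches(db, column, user_id, values):
    # column is chosen by the callers below, never taken from user input.
    marks = ",".join("?" for _ in values)
    sql = f"SELECT 1 FROM clients WHERE id = ? AND {column} IN ({marks})"
    return db.execute(sql, (user_id, *values)).fetchone() is not None


def letter_in_check(db, user_id, letters):
    """Original setup: the whole Roles value must equal one listed letter."""
    return _matches(db, "Roles", user_id, letters)


def has_permission(db, user_id, permission):
    """Numeric scheme: unknown permission names are denied (fail closed)."""
    allowed = PERMISSIONS.get(permission)
    if not allowed:
        return False
    return _matches(db, "Role", user_id, allowed)


if __name__ == "__main__":
    db = build_db()
    print("AEC user passes IN ('E'):", letter_in_check(db, 1, ("E",)))
    print("Admin has Edit:", has_permission(db, 1, "Edit"))
    print("Client has Edit:", has_permission(db, 3, "Edit"))
```
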

thanks, going to read and digest lol, thanks for taking time to do that, will give it a try, thanks

yeah that makes sense, to control page level access, was just hoping, like Brian did in his video to use the same setup for the conditional regions on pages, but i will just have to have another query to get the roles, so will have one column called permissions (1,2,3) and another called roles with aec, as some conditions on pages will be multiple ‘if’ statements instead of an ‘in’ , but will try to get page permissions setup first as you have suggested. shame it didn't work like Brian got it working on node, as was super simple in theory.

thanks

It’s a bit different how the page protection works on node and other server models. But it’s perfectly fine to just return the user level via a db query and use conditional regions based on this.

1 Like

Just to clarify, there is an error in my video (sorry everyone, that will teach me not to hurry things and not test properly) and i will be releasing version 2 today

1 Like

Video has been updated with an entire new approach as the logic in V1 was badly flawed.

1 Like