We Keep Coding

How to define a user with SELECT privileges with puppet?

I want to create a user in postgres who can only made SELECT in all the tables of the current database.
How can specify ALL tables in puppet?
Here an extract of my puppet file:
...
postgresql::server::database_grant { 'PnBP':
privilege => 'CREATE',
db => 'db',
role => 'role',
}
postgresql::server::table_grant { 'SELECT':
privilege => 'SELECT',
table => 'ALL',
db => 'db',
role => 'role',
}
...
But when I specify the word ALL it doesn't work.
Here the error:
Error: /Stage[main]/Main/Node[default]/Postgresql::Server::Table_grant[PnBP]/Postgresql::Server::Grant[table:PnBP]/Postgresql_psql[grant:table:PnBP]: Could not evaluate: Error evaluating 'unless' clause, returned pid 30443 exit 1: 'ERROR: relation "all" does not exist
'
I check the doc, but it doesn't specify how to apply the privileges for all the tables.
table : Specifies the table to which you are granting access.
postgresql::server::table_grant

The Puppet documentation for Postgresql describes a postgresql::server::grant option that looks more flexible than the table_grant which assumes a single table.
Looks to be something like:
postgresql::server::grant{ 'SELECT':
object_type => 'ALL TABLES IN SCHEMA',
object_name => 'public',
privilege => 'SELECT',
db => 'db',
role => 'role',
}
https://github.com/puppetlabs/puppetlabs-postgresql#postgresqlservergrant

RBAC tables in yii2

How to create permissions, roles and rules in yii2 using gii?
How to assign roles in yii2?
How to implement all these using below 4 tables?
auth_item
auth_item_child
auth_assignment
auth_rule
Consider the case:
There are two users Admin and FieldOfficer:
I have SHGProfile CRUD application.
FieldOfficer can access only create and view actions in SHGProfile.
Whereas Admin can access all create, view, update and delete actions.
Here Roles are Admin and FieldOfficer.
Permissions are createGroup, viewGroup, updateGroup, and deleteGroup
Here in which table we need to create Roles and Permissions and how to assign it to user?

I will explain here which tables contains role and permissions and how to assign permissions to user :
Insert your all roles in auth_item table i.e Admin , FieldOfficer , createGroup , viewGroup , updateGroup , deleteGroup.
Assign createGroup, viewGroup, updateGroup, and deleteGroup to Admin role in auth_item_child table.
Assign createGroup, viewGroup to FieldOfficer role in auth_item_child table.
Assign permission to user in auth_assignment table with role id and user id . Assign only parent role like Admin or FieldOfficer.
Now in your controller use AccessControl for give access to logged in user as per their role
public function behaviors()
{
return [
'access' => [
'class' => \yii\filters\AccessControl::className(),
'only' => ['create', 'view' , 'update' , 'delete'],
'rules' => [
// allow all actions to Admin role users
[
'allow' => true,
'actions' => ['create', 'view' , 'update' , 'delete'],
'roles' => ['Admin'],
],
// allow create , view actions to FieldOfficer role users
[
'allow' => true,
'actions' => ['create', 'view'],
'roles' => ['FieldOfficer'],
],
// everything else is denied
],
],
];
}

CakePHP 3.0 - Compare Database Password with the old password while changing password

I am working on CakePHP 3.0 and I would like to compare the database password with the old password entered in the form in "Change Password" functionality. But I am not able to do so since the password is hashed and the hashed password is different every time even if we use the same password.
Please help me in this.
Thanks in advance,
Melee

I would do this in the validator of your UsersTable.
src/Model/Table/UsersTable.php
$validator
->notEmpty('current_password')
->add('current_password', 'custom', [
'rule' =>
function($value, $context) {
$query = $this->find()
->where([
'id' => $context['data']['id']
])
->first();
$data = $query->toArray();
return (new DefaultPasswordHasher)->check($value, $data['password']);
},
'message' => 'Current password is incorrect!'
]);
Custom validation rules

Adding new fields to Admin User Info in magento

By default when you try to add a new User in magento, it accepts only the following fields:
Username, FirstName, LastName, Email, New Password and Password Confirmation.
I want to add some more field here, e.g. About Me, PhoneNumber, etc where we will add additional information about this role specific users we add to magento.
Has anyone already done this? How should I go about doing this?
I know additional fields will need to be created in the database. The adminhtml userinfo.phtml doesn't mention fields like Username, FirstName etc, so where it is picking it up from?
Please advice.
Thanks,
Neet

You can start with following tutorial to create registration field
http://www.magentocommerce.com/wiki/5_-_modules_and_development/customers_and_accounts/registration_fields

a) Adding new fields to Admin User Info in magento
b) Adding new fields to Admin User Info in Magento
You will need to add a column to the admin_user table. Make a table with the following code:
<?php
$installer->getConnection()->addColumn($installer->getTable('admin/user'),
'location', array(
'type' => Varien_Db_Ddl_Table::TYPE_TEXT,
'length' => 256,
'nullable' => true,
'default' => null
));
?>
Then, if you want to add/edit this field from the backend you need to
rewrite the method Mage_Adminhtml_Block_System_Account_Edit_Form::_prepareForm and add a new
element in there:
<?php
$fieldset->addField('location', 'select', array(
'name' => 'location',
'label' => Mage::helper('adminhtml')->__('Location'),
'id' => 'location',
'title' => Mage::helper('adminhtml')->__('Location'),
'class' => 'input-select',
'style' => 'width: 80px',
'options' => array('1' =>
Mage::helper('adminhtml')->__('Russia'), '0' =>
Mage::helper('adminhtml')->__('India')),
));
?>
Clear the cache and run the code. You can add new fields to Admin User Info in Magento.

Lastest news for classes zfcuser, bjyauthorize and orm

I am working with zfcuser, zfcuser-doctrine-orm and bjyauthorize but I'm not sure on how to handle all the configurations. I have setted
return array(
'bjyauthorize' => array(
// default role for unauthenticated users
'default_role' => 'guest',
// default role for authenticated users (if using the
// 'BjyAuthorize\Provider\Identity\AuthenticationIdentityProvider' identity provider)
'authenticated_role' => 'user',
// identity provider service name
'identity_provider' => 'BjyAuthorize\Provider\Identity\AuthenticationDoctrineEntity',
// Role providers to be used to load all available roles into Zend\Permissions\Acl\Acl
// Keys are the provider service names, values are the options to be passed to the provider
'role_providers' => array(
/* here, 'guest' and 'user are defined as top-level roles, with
* 'admin' inheriting from user
*/
'BjyAuthorize\Provider\Role\DoctrineEntity' => array(
'role_entity_class' => 'Application\Entity\Role',
),
[...]
(I am using BjyAuthorize\Provider\Role\DoctrineEntity as suggested by #ocramius on Add BjyAuthorize Roles (using ZfcUser and Doctrine))
But "BjyAuthorize\Provider\Role\DoctrineEntity" does not exists in the module and it's not in the factories. I tried to use:
'BjyAuthorize\Provider\Role\DoctrineEntity' => 'BjyAuthorize\Service\DoctrineEntityRoleProviderFactory',
But it does not work:
Fatal error: Uncaught exception 'Zend\ServiceManager\Exception\ServiceNotCreatedException' with message 'While attempting to create bjyauthorizeproviderroledoctrineentity(alias: BjyAuthorize\Provider\Role\DoctrineEntity) an invalid factory was registered for this instance type.' in D:\wamp\www\vidum\src\vendor\zendframework\zendframework\library\Zend\ServiceManager\ServiceManager.php on line 860
Does anyone know which is the class for this factory?

The correct class to hook up a Doctrine role provider is
BjyAuthorize\Provider\Role\ObjectRepositoryProvider
You can see an example setup in the docs.