Yii Framework Forum: Security Question - Yii Framework Forum

Jump to content

Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

Security Question Building Blog Tutorial Rate Topic: -----

#1 User is offline   frocco 

  • Standard Member
  • PipPip
  • Yii
  • Group: Members
  • Posts: 227
  • Joined: 17-February 10

Posted 20 July 2010 - 10:48 AM

Hello,

I am on page http://www.yiiframew.../prototype.auth

I can successfully login to my mysql database users table.

However, when I try and create a new user, I am not authorized.
I do not see from the example, how to fix this.

Thanks
Regards,

Frank
0

#2 User is offline   zaccaria 

  • Elite Member
  • PipPipPipPipPip
  • Yii
  • Group: Members
  • Posts: 2,232
  • Joined: 04-October 09
  • Location:Moscow

Posted 21 July 2010 - 02:02 AM

Edit public function accessRules() in your controller
0

#3 User is offline   frocco 

  • Standard Member
  • PipPip
  • Yii
  • Group: Members
  • Posts: 227
  • Joined: 17-February 10

Posted 21 July 2010 - 07:02 AM

View Postzaccaria, on 21 July 2010 - 02:02 AM, said:

Edit public function accessRules() in your controller

Do you have an example?
Regards,

Frank
0

#4 User is offline   zaccaria 

  • Elite Member
  • PipPipPipPipPip
  • Yii
  • Group: Members
  • Posts: 2,232
  • Joined: 04-October 09
  • Location:Moscow

Posted 21 July 2010 - 08:49 AM

Post the function rules of the controller that is not working, I will explain you how to fix
0

#5 User is offline   frocco 

  • Standard Member
  • PipPip
  • Yii
  • Group: Members
  • Posts: 227
  • Joined: 17-February 10

Posted 21 July 2010 - 09:47 AM

/**
	 * @return array action filters
	 */
	public function filters()
	{
		return array(
			'accessControl', // perform access control for CRUD operations
		);
	}

	/**
	 * Specifies the access control rules.
	 * This method is used by the 'accessControl' filter.
	 * @return array access control rules
	 */
	public function accessRules()
	{
		return array(
			array('allow',  // allow all users to perform 'index' and 'view' actions
				'actions'=>array('index','view'),
				'users'=>array('*'),
			),
			array('allow', // allow authenticated user to perform 'create' and 'update' actions
				'actions'=>array('create','update'),
				'users'=>array('@'),
			),
			array('allow', // allow admin user to perform 'admin' and 'delete' actions
				'actions'=>array('admin','delete'),
				'users'=>array('admin'),
			),
			array('deny',  // deny all users
				'users'=>array('*'),
			),
		);
	}

Regards,

Frank
0

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users