Yii Framework Forum: Page 211, Section checking authorization level - Yii Framework Forum

Jump to content

Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

Page 211, Section checking authorization level problem with Yii::app()->user->checkAccess

#1 User is offline   AmeL 

  • Newbie
  • Yii
  • Group: Members
  • Posts: 8
  • Joined: 02-February 11

Posted 03 February 2011 - 03:11 AM

Sorry, the problem is on page 212.

I am using Yii 1.1.6 r2877, and I have practiced through the book, but get stuck on page 211, in section checking authorization level.
The purpose of that section is to restrict users from gaining access to createUser.
So I tried my own way like this:

File: ProjectController.php
Action: actionAdduser()

public function actionAdduser($id)
{	
		$project = $this->loadModel($id);
		//$params=array('project'=>$project);	
		
                if(!$project->isUserInRole('owner'))
		{
			throw new CHttpException(403,'Damn You!, you are not authorized to perform this action.');
		}
	
		$form=new ProjectUserForm;
		
		// collect user input data
		if(isset($_POST['ProjectUserForm']))
		{
			$form->attributes=$_POST['ProjectUserForm'];
			$form->project = $project;
			// validate user input and set a sucessfull flassh message if valid
			if($form->validate())
			{
				Yii::app()->user->setFlash('success',$form->username . " has been added to the project." );
				$form=new ProjectUserForm;
			}
		}
		// display the add user form
		$users = User::model()->findAll();
		$usernames=array();
		foreach($users as $user)
		{
			$usernames[]=$user->username;
		}
		$form->project = $project;
		$this->render('adduser',array('model'=>$form, 'usernames'=>$usernames));
}

This works because in my table tbl_project_user_role, I have manually inserted this row:

mysql> select * from tbl_project_user_role;
+------------+---------+-------+
| project_id | user_id | role  |
+------------+---------+-------+
|          1 |       1 | owner |
+------------+---------+-------+
1 row in set (0.02 sec)


But after I tried this way, as instructed in the book, nothing works.
public function actionAdduser($id)
{	
		$project = $this->loadModel($id);
		
		/*
		if(!$project->isUserInRole('owner'))
		{
			throw new CHttpException(403,'Damn You!, you are not authorized to perform this action.');
		}
		*/
		if(!Yii::app()->user->checkAccess('createUser', array('project'=>$project)))
		{
			throw new CHttpException(403,'You are not authorized to perform this action.');
		}
		$form=new ProjectUserForm;
		
		// collect user input data
		if(isset($_POST['ProjectUserForm']))
		{
			$form->attributes=$_POST['ProjectUserForm'];
			$form->project = $project;
			// validate user input and set a sucessfull flassh message if valid
			if($form->validate())
			{
				Yii::app()->user->setFlash('success',$form->username . " has been added to the project." );
				$form=new ProjectUserForm;
			}
		}
		// display the add user form
		$users = User::model()->findAll();
		$usernames=array();
		foreach($users as $user)
		{
			$usernames[]=$user->username;
		}
		$form->project = $project;
		$this->render('adduser',array('model'=>$form, 'usernames'=>$usernames));
}


No matter which account i used to login, I always get prompted with Error 403. It looks like that I have to look into something more about Yii::app()->user->checkAccess() to make it communicate with db, but I can't find anyway to fix it.
0

#2 User is offline   AmeL 

  • Newbie
  • Yii
  • Group: Members
  • Posts: 8
  • Joined: 02-February 11

Posted 04 February 2011 - 09:07 AM

Anyone knows why?
0

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users