Authentication for databasse users

Yii 1.1 General Discussion
1

Hi all,

   I'm new in Yii. I have one confusion that is i authenticate user from my database using their email and password and i know that user roles in db(admin, normal user, super admin). I want to know how can i set them  Yii admin like we define roles for user. Like if admin login to system he can manage all things. I'm unable to set roles.

public function accessRules()

{

	return array(


		array('allow',  // allow all users to perform 'index' and 'view' actions


			'actions'=>array('index','view'),


			'users'=>array('*'),


		),


		array('allow', // allow authenticated user to perform 'create' and 'update' actions


			'actions'=>array('create','update'),


			'users'=>array('@'),


		),


		array('allow', // allow admin user to perform 'admin' and 'delete' actions


			'actions'=>array('admin','delete'),


			'users'=>array('admin'),


		),


		array('deny',  // deny all users


			'users'=>array('*'),


		),


	);


}

I was unable to set this thing

                    array('allow', // allow admin user to perform 'admin' and 'delete' actions


			'actions'=>array('admin','delete'),


			'users'=>array('admin'),


		)

I hope you understand my question if yes please help me.

Best Regards

Ghulam Rasool

2

read this section from ‘Definitive guide’ - http://www.yiiframework.com/doc/guide/1.1/en/topics.auth

Relevant quote from the page - “users: specifies which users this rule matches. The current user’s name is used for matching.”

You will need to change your UserIdentity.php (stored in Components folder) in order to authenticate the user.

This might also be helpful - http://www.yiiframework.com/doc/blog/1.1/en/prototype.auth

3

you can use RBAC ( role base access control ) for your application.

4

Hi thanks for your replies. I just want a basic example like xyz is a user(admin) in db when this user log in to system i will set its role to admin. I shall be thankful to you if you provide me help about it. I read the documentation but i didn’t got what i need or didn’t understand it.

Thanks and Regards

Ghulam Rasool

5

You can solve your problem as I solved on customizing this function in this manner.

public function accessRules(){

	// this is defined in a parent controller function to set key on the basis of user type


            // i am using for admin, member, guest users.


            $this->accessKey(); 





	return array(


		array('allow',  // allow all users to perform 'index' and 'view' actions


			'actions'=>array('view','search','downloadFile'),


			'users'=>array('*'),


		),


		array('allow', // allow authenticated user to perform 'create' and 'update' actions


			'actions'=>array('create','update','getCategoryPositions','suggestKeywords','delete','viewJob','userJobs','disable'),


			'users'=>array($this->userMemberAllow),


		),


		array('allow', // allow admin user to perform 'admin' and 'delete' actions


			'actions'=>array('create','update','getCategoryPositions','suggestKeywords','admin','delete','viewJob','userJobs','disable'),


			'users'=>array($this->userAdminAllow),


		),


		array('deny',  // deny all users


			'users'=>array('*'),


		),


	);


}

parent controller function

public function accessKey()

{

if(Yii::app()->user->name === self::USER_ADMIN){

$this->userAdminAllow = '@';

}

else if(Yii::app()->user->name === self::USER_MEMBER)

{

$this->userMemberAllow = '@';

}

else if(Yii::app()->user->name === self::USER_GUEST)

{

$this->userGuestAllow = '*';

}

}

I am using this way.

Hope it will be helpful.