yilliot
(Yilliot)
August 25, 2011, 5:36am
1
hi yii,
i guess this is a stupid question… but i already search for days…
i know i can do this
public function accessRules() {
return array(
array(
'allow',
'users'=>array('admin')
),array(
'deny',
'users'=>array('?')
),
);
}
but how yii know this person is admin?!
sorry, i really found all identity webuser class… i didn’t see a related function to call during login.
setState? group or role?
please help
re1nald0
(Reinld17)
August 25, 2011, 7:46am
2
Can you describe further what you try to achieve, please? Username can be obtained with Yii::app()->user->name. I guess it is set when Yii::app()->user->login() is called. CAuthManager can be used for setting up user’s roles.
yilliot
(Yilliot)
August 25, 2011, 8:16am
3
hi, i am trying to do access control. there is a module which only login’s admin can be access. so there is roles like admin, user, finance etc.
yes, i have set the state in Yii::app()->user->group_id;
but i have no idea how the accessRules work.
yilliot
(Yilliot)
August 25, 2011, 10:11am
4
hi, i learned that for simple access control i shall use expression right?
$isAdmin = "isset(Yii::app()->user->role) && (Yii::app()->user->role==='admin')";
return array(
array(
'allow',
'actions'=>array('login','logout','signup','page','captcha','error'),
'users'=>array('?')
),array(
'allow',
'actions'=>array('login','logout','signup','page','captcha','error'),
'expression'=>$isAdmin
),array(
'deny',
'expression'=>$isAdmin,
'message'=>' you are not user'
),array(
'allow',
'users'=>array('@')
),array(
'deny',
'users'=>array('?')
),
);
arg… i just feel that my accessRules is not clean or tidy…
it is very weird…
anyway… thank you.
re1nald0
(Reinld17)
August 25, 2011, 2:22pm
5
hi, i am trying to do access control. there is a module which only login’s admin can be access. so there is roles like admin, user, finance etc.
Please note that you can utilize RBAC extensions (like Rbam, Srbac, Rights, etc.) to manage your roles more easily. Then accessRules can be setup like:
array('allow',
'actions'=>array('admin', 'view'),
'roles'=>array('Admin', 'User', 'Finance'),
),
Good luck!