Question about filters

Yii 1.1 General Discussion
1

Hello.

I trying to write filter for "updateOwnPost". I know that easy to do it by RBAC, but…

PostController.php




public function filters()

	{

		return array(

                        'updateOwn + update', // Apply this filter only for the update action

			'accessControl', // perform access control for CRUD operations

                        

		);

	}

.......

.....

public function filterUpdateOwn($filterChain)

    {

        $id = ( !empty($_GET['Post']) ? (int) $_GET['Post'] : 0);

        $Model = Post::model()->findByPk($id);


        if( Yii::app()->user->getId() == $Model->author_id ) {

        $filterChain->removeAt(1);

        }

         $filterChain->run();

    }

Looks like everything’s good. But it doesn’t work.

Help please. Where i’m wrong ?

2

Found easy way

In action update




if ($model->author_id == Yii::app()->user->id)

{

...

..

}

else {

                    throw new CHttpException(403,'Invalid request. You are not allowed to delete this event.');

                }

But, is it right?