accessRules

saham · February 9, 2012, 3:36pm

Hi Guys

I am trying to get the user access permission from database.

I have a field call userRoler which contains an integer. Suppose I want to give create and update access to whoever logs in with userRole==3.

I dont know why the following does not work:

public function accessRules()

return array(

…

array('allow',


      'actions'=&gt;array('create','update'),


      'users'=&gt;array('@'),


      'expression'=&gt;'&#036;user-&gt;userRole===3',


  ),

…

I get the following error:

CException

Property "CWebUser.userRole" is not defined.

Any idea?

Thank you

bettor · February 9, 2012, 9:55pm

userRole is not defined within the core CWebUser class. You have to either extend the framework class and define userRole or you can set userRole to be a session variable such as

UserIdentity.php


Yii::app()->user->setState('userRole', $user->userRole);

Controller




array('allow',

'actions'=>array('create','update'),

'expression'=>'!$user->isGuest && $user->getState(\'userRole\')==3',

not tested but should work!

bettor · February 9, 2012, 9:56pm

If you decide to extend cwebuser.php read this wiki:

http://www.yiiframework.com/wiki/60/add-information-to-yii-app-user-by-extending-cwebuser

saham · February 10, 2012, 7:17pm

Thank you.It solved the problem but there was more evolved.It didnt know what $user is. So I had to define $user in LoginForm.php inside

public function login()

{

if($this->_identity->errorCode===UserIdentity::ERROR_NONE)

	{


		&#036;user=User::model()-&gt;findByAttributes(array('username'=&gt;&#036;this-&gt;username));


		Yii::app()-&gt;user-&gt;setState('userRole', &#036;user-&gt;userRole);

…

}

Then use the expression as you said

That’s what I was trying to understand.

Thank you anyway. Now I am back to learn how to record user’s last Logout date/time into the Database