Hi,
In a book controller,
I’m trying to allow users to only view its own post and view other users who set view_mode to public.
As for edit, they could only edit their own file.
In the following code, I can’t get loadModel to work correctly, I’m not even sure if my logic is correct for the expression. I kinda felt my code is ugly:
public function accessRules()
{
$model = $this->loadModel($_GET['id']);
return array(
array('allow', // allow regular users to perform 'index' and 'view' actions
'actions'=>array('index','view','create','update','admin','delete'),
'users'=>array('@'),
'roles'=>array('2'),
'expression' => '($user->id === '.$model->author_id.
' && ('.$model->view_mode.' === '.self::MODE_PUBLIC.
' || '.$model->view_mode.' === '.self::MODE_PRIVATE.'))'.
' || ($user->id !== '.$model->author_id.
' && '.$model->view_mode.' === '.self::MODE_PUBLIC.')',
),
array('allow', // allow regular users to perform 'index' and 'view' actions
'actions'=>array('create','update','admin','delete'),
'users'=>array('@'),
'roles'=>array('2'),
'expression' => '$user->id === '.$model->author_id,
),
array('deny', // deny all users
'users'=>array('*'),
),
);
}
below is my loadModel
public function loadModel($id)
{
$model=Flowbook::model()->findByPk($id);
if($model===null)
throw new CHttpException(404,'The requested page does not exist.');
return $model;
}
If I refer to the blog tutorial I assumed that $id is just a $_GET[‘id’]
but I kept receiving
Undefined index: id
What seems to be the problem?