How to check if user has access using accessRules()?

Yii 1.1 General Discussion
1

Hi everybody,

I created an extension (YiiSmartMenu) to autocheck permissions and show/hide any cmenu options automatically. But an additional feature requested for that extension is to be able to work when webapp is not using CAuthManager but accessRules.

I have read all documentation about CController and CAccessRulesFilter and I could not found an available way to check if a user has or not access to some action before it to be executed and I simply have no idea where to start that to implement that new feature on YiiSmartMenu. [i]I need something like checkAccess() but for accessRules filters.

[/i]

Can anyone help, please? Any help should be useful to hundreds of people using the extension.

Thanks.

2

There is this: http://www.yiiframework.com/doc/api/1.1/CController#accessRules-detail

Try a var_dump($this->accessRules()) in your view. As a matter of fact, you can test the $this->accessRules() array in your controller or whatever you like.

I don’t know if it helps.

Cheers.

3

Hi bennouna.

I was looking better into CAccessControlFilter and I found some useful methods that i could use (after instantiate it) or make my own implementation. But it would have some cost for the extension performance and that is my worry.

Please, look at the CAccessControlFilter::preFilter(). I think it should be the way. I would have to turn the accessRules array into CAccessRules objects to use that. Its implementation is:




protected function preFilter($filterChain)

{

    $app=Yii::app();

    $request=$app->getRequest();

    $user=$app->getUser();

    $verb=$request->getRequestType();

    $ip=$request->getUserHostAddress();


    foreach($this->getRules() as $rule)

    {

        if(($allow=$rule->isUserAllowed($user,$filterChain->controller,$filterChain->action,$ip,$verb))>0) // allowed

            break;

        else if($allow<0) // denied

        {

            $this->accessDenied($user,$this->resolveErrorMessage($rule));

            return false;

        }

    }


    return true;

}

What do you think?

4

Hi sidtj.

Honestly? I don’t know. I’m not an expert by any means. I’ve just seen your post and thought I’d share with you how you could access accessRules array :)

Cheers ;)