Yii Framework Forum: Model Based Access - Yii Framework Forum

Jump to content

Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

Model Based Access Rate Topic: -----

#1 User is offline   sanguina 

  • Junior Member
  • Pip
  • Yii
  • Group: Members
  • Posts: 42
  • Joined: 22-July 12

Posted 02 March 2013 - 07:31 AM

I have a lessons controller, where the access rule restricts only logged in users to see the lessons.

	public function accessRules()
	{
		return array(
			array('allow',  // allow all users to perform 'index' actions
				'actions'=>array('index'),
				'users'=>array('*'),
			),
			
			array('allow', // allow authenticated user to 'view' actions
				'actions'=>array('view'),
				'users'=>array('@'),
			),
			array('allow', // allow admin user to perform 'admin' 'delete', 'create','update' actions
				'actions'=>array('admin','delete', 'create','update' ),
				'users'=>array('admin'),
			),
			array('deny',  // deny all users
				'users'=>array('*'),
			),
		);
	}



the lesson database has lesson->type which can be either a text lesson - 't' or video lesson represented by 'v'

I now want to modify the rule so that if lesson->type == 't', anyone can see it, but if lesson->type == 'v', only logged in users can see it.

How do i achieve this ?

thanks a lot for your reply
until I become certain that there is no certainty.
0

#2 User is offline   seenivasan 

  • Master Member
  • PipPipPipPip
  • Yii
  • Group: Members
  • Posts: 620
  • Joined: 17-June 12
  • Location:Chennai,TamilNadu,India.

Posted 02 March 2013 - 01:41 PM

Dear My Friend

The following solution is actually what you did not intend.

Anyway it would serve the purpose.

public function accessRules()
        {
                return array(
                        array('allow',  // allow all users to perform 'index' actions
                                'actions'=>array('index','view'), //BRING BACK VIEW HERE...
                                'users'=>array('*'),
                        ),
                        
                         //WE CAN COMMENTOUT THE FOLLWING RULE...
                        /*array('allow', // allow authenticated user to 'view' actions
                                'actions'=>array('view'),
                                'users'=>array('@'),
                        ),*/
                        array('allow', // allow admin user to perform 'admin' 'delete', 'create','update' actions
                                'actions'=>array('admin','delete', 'create','update' ),
                                'users'=>array('admin'),
                        ),
                        array('deny',  // deny all users
                                'users'=>array('*'),
                        ),



Then in controller.

public function actionView($id)
	{   
		$model=$this->loadModel($id);
		if(!Yii::app()->user->getIsGuest() || $model->type=='t')
			$this->render('view',array(
			'model'=>$model,
			));
		else throw new CHttpException(": You are not authorised to perform this action.");
		
	}


Regards.
1

#3 User is offline   sanguina 

  • Junior Member
  • Pip
  • Yii
  • Group: Members
  • Posts: 42
  • Joined: 22-July 12

Posted 02 March 2013 - 02:00 PM

you are god send.. as usual :)
worked right out of the box :)

thanks sir :)
until I become certain that there is no certainty.
0

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users