Throw 404 error on "permission denied" by accessRules

narkomanC · April 26, 2011, 11:23am

I have accessRules defined in my AdminController


  

public function accessRules()

     {

                

         return array(

                array('allow',

                    'actions'=>array('dashboard','manage'),

                    'users'=>array('admin')

                    'ips'=>array('127.0.0.1'),

                ...

                # All users

                array('deny','users'=>array('*')), //all actions deny from all users by default

         );

     }

and i want to throw "404 - Page not found" error if ips dont have such IP.

narkomanC · April 27, 2011, 2:31pm

bump

sorry, cant find if solution is in documentation… (bow)

mikl · April 28, 2011, 7:12am

403 is the right error code in this situation. If you want something different, you need to extend CAccessControlFilter and override the accessDenied() method there. Then you have to use your custom filter class instead. To do so you can override filterAccessControl() in your base controller.

narkomanC · April 28, 2011, 10:33am

thanks, now i understand how to do that, but one more question. How can i say to yii to use my

AccessControlFilter not his CAccessControlFilter ?

I tried this in my config/main.php without suceess




..

'components' => array(

  ...

  'accessControl'=> array(

     'class'=>'AccessControlFilter ',

  ),

  ...

}

And couldn’t find anything like “access control” here http://www.yiiframework.com/doc/api/1.1/CApplication

mikl · April 28, 2011, 10:37am

Please read again what i wrote about overriding filterAccessControl above.

narkomanC · April 28, 2011, 10:41am

ok, sorry. i understood. smth like this in my base Controller




	function filterAccessControl($filterChain) {

		$rules = $this->accessRules();

	 

		$filter = new MyAccessControlFilter;

		$filter->setRules( $rules );

		$filter->filter($filterChain);		

	}

thanks