Access rule problem

Hi everyone,

i want to make some dynamic things to accessrules function in yii’s controllers :

i want to give access to dynamic list of users to specific views, this list is imported from database.

I give an example (in controller) :




public function accessRules()

	{

            $users=array();

            $usersFromDB= Account::model()->findAll();

            foreach ($usersFromDB as $key=>$val)

            {

                    $users[]=$val->name;

            }

		return array(

			array('allow',  // allow all users to perform 'index' and 'view' actions

				'actions'=>array(),

				'users'=>array('*'),

			),

			

			array('allow', // allow admin user to perform 'admin' and 'delete' actions

				'actions'=>array('admin','delete','deleteLogo'),

				'users'=>$users,

			),

			array('deny',  // deny all users

				'users'=>array('*'),

			),

		);

	}



But nothing works !

i thought that when i give a list of names to access rules it will take this list, but nothing happened.

P.S : controllers are generated with Gii

At first, don’t write this code in accessRules method.

Create a dynamic property in controller, as example:




public function getusers(){

            $usersFromDB= Account::model()->findAll();

            foreach ($usersFromDB as $val)

            {

                    $users[]=$val->name;

            }

            retutn $users;

}



After that your method accessRules will work:




public function accessRules()

        {

            return array(

                        array('allow',  // allow all users to perform 'index' and 'view' actions

                                'actions'=>array(),

                                'users'=>array('*'),

                        ),

                        

                        array('allow', // allow admin user to perform 'admin' and 'delete' actions

                                'actions'=>array('admin','delete','deleteLogo'),

                                'users'=>$this->users,

                        ),

                        array('deny',  // deny all users

                                'users'=>array('*'),

                        ),

                );

        }



But if you do this to allow or deny ALL users to perform some actions, the best way to do this is ‘users’=>array(’*’), in your acces rule.

the code


 array('allow',  // allow all users to perform 'index' and 'view' actions

                                'actions'=>array(),

                                'users'=>array('*'),

                        ),



means that all user have access to all action.

That is maybe problem.

Oh, and I overlooked this bug in karim gioca’s code ;)

That’s a really bug)

you can use this for importing record from database




	public function accessRules()

	{

		$models = User::model()->findAll(array('order' => 'user_id'));

		$list = CHtml::listData($models,'user_id', 'user_name');


		return array(

			array('allow',  // allow all users to perform 'index' and 'view' actions

				'actions'=>array('index','view'),

				'users'=>array('*'),

			),

			array('allow', // allow authenticated user to perform 'create' and 'update' actions

				'actions'=>array('create','update'),

				'users'=>array('@'),

			),

			array('allow', // allow admin user to perform 'admin' and 'delete' actions

				'actions'=>array('admin','delete'),

				'users'=>$list,

			),

			array('deny',  // deny all users

				'users'=>array('*'),

			),

		);

	}