Accessrules()

Yii 1.1 General Discussion
1

Hey guys!

In one of my controllers, i’m trying to redirect the user instead of displaying the default 403 error (Error 403: You are not authorized to perform this action.) that shows when a rule fails on the accessRules(). For that i’m using the deniedCallback but for some reason it’s not working!




...

return array(

    array('allow', // allow anonymous user to perform 'login' and 'register' actions

        'actions' => array('login', 'register'),

        'users' => array('?'),

        'deniedCallback' => function() { $this->redirect(Yii::app()->homeUrl); }

    ),                    

);

...

Any clue what’s going on?

2

I guess that because this is an “allow” rule rather than a “deny” rule that the deniedCallback is never being called. A user can’t be denied by this rule, they can either be allowed access or evaluation will continue with the next rule in the chain.

Try applying the deniedCallback on a deny rule further down.

3

Oh damn… you’re totally right Keith, i was calling on the wrong place! Applying the callback on a deny rule work perfectly.

Here’s the accessRules()




public function accessRules()

{

                return array(

                    array('allow', // allow anonymous user to perform 'login' and 'register' actions

                        'actions' => array('login', 'register'),

                        'users' => array('?'),                        

                    ),

                    array('allow', // allow authenticated user to perform 'logout' action

                        'actions' => array('logout'),

                        'users' => array('@'),

                    ),

                    array('deny', // deny all users

                        'users' => array('*'),

                        'deniedCallback' => function() { $this->redirect(Yii::app()->homeUrl); }

                    ),

                );

}

Ty for the tip Keith!