Using The Same Model For Site Login And For Admin Login

Hi, i use the same model to login the users and to login in admin module.

For admin i have a row where 1 = admin 0 = user.

how can i restrict users to login in the admin module where the admin row in users table is 0?

Hi

How check the access for each controller/action ?

please give us more details…

This are acces rules for default controller in admin module


public function accessRules()

	{

		return array(

			array('allow',  // allow all users to perform 'index' and 'view' actions

				'actions'=>array('index'),

				'users'=>array('@'),

			),

			array('deny',  // deny all users

				'users'=>array('*'),

			),

		);

	}

Like this for example:


public function accessRules() {

    return array(

        array('allow',

            'expression' => '$user->getState("isAdmin") == 1',

        ),

        array('deny',

            'users' => array('*'),

        ),

    );

}

More on that here: http://www.yiiframework.com/doc/api/1.1/CAccessRule#expression-detail

Thank you

For me worked so:


public function accessRules()

	{

		return array(

			array('allow',  // allow all users to perform 'index' and 'view' actions

				'actions'=>array('index'),

				'expression' => 'Yii::app()->user->isAdmin()',

			),

			array('deny',  // deny all users

				'users'=>array('*'),

			),

		);

	}

Also If you use RBAC (see http://www.yiiframework.com/wiki/328/simple-rbac/)

you could just use


 'roles'=>array('admin', 'or_whatever_role_you_want'),