Adding A Filter (Chapter 5, Page ~ 98)

Hello people,

I’m trying to follow the book (for the trackstar application), and i’m stuck in a part where we need to add a filter to the project.

According to the book, i should get a "403 error", however i am getting a 400…

Below is my IssueController pasted, please tell me if i’m missing something…

Many thanks!


<?php


class IssueController extends Controller

{

	/**

	 * @var string the default layout for the views. Defaults to '//layouts/column2', meaning

	 * using two-column layout. See 'protected/views/layouts/column2.php'.

	 */

	public $layout='//layouts/column2';


	private $_project = null;


	protected function loadProject($projects)

	{

		if($this->_project===null)

		{

			$this->_project=Project::model()->findByPk($projectId);

			if($this->_project===null)

			{

				throw new CHttpException(404, 'The requested project does not exist');

			}

		}

		return $this->_project;

	}


	


	/**

	 * @return array action filters

	 */

	public function filters()

	{

		return array(

			'accessControl', // perform access control for CRUD operations

			'postOnly + create', // we only allow deletion via POST request

		);

	}


	/**

	 * Specifies the access control rules.

	 * This method is used by the 'accessControl' filter.

	 * @return array access control rules

	 */

	public function accessRules()

	{

		return array(

			array('allow',  // allow all users to perform 'index' and 'view' actions

				'actions'=>array('index','view'),

				'users'=>array('*'),

			),

			array('allow', // allow authenticated user to perform 'create' and 'update' actions

				'actions'=>array('create','update'),

				'users'=>array('@'),

			),

			array('allow', // allow admin user to perform 'admin' and 'delete' actions

				'actions'=>array('admin','delete'),

				'users'=>array('admin'),

			),

			array('deny',  // deny all users

				'users'=>array('*'),

			),

		);

	}


	/**

	 * Displays a particular model.

	 * @param integer $id the ID of the model to be displayed

	 */

	public function actionView($id)

	{

		$this->render('view',array(

			'model'=>$this->loadModel($id),

		));

	}


	/**

	 * Creates a new model.

	 * If creation is successful, the browser will be redirected to the 'view' page.

	 */

	public function actionCreate()

	{

		$model=new Issue;


		// Uncomment the following line if AJAX validation is needed

		// $this->performAjaxValidation($model);


		if(isset($_POST['Issue']))

		{

			$model->attributes=$_POST['Issue'];

			if($model->save())

				$this->redirect(array('view','id'=>$model->id));

		}


		$this->render('create',array(

			'model'=>$model,

		));

	}


	/**

	 * Updates a particular model.

	 * If update is successful, the browser will be redirected to the 'view' page.

	 * @param integer $id the ID of the model to be updated

	 */

	public function actionUpdate($id)

	{

		$model=$this->loadModel($id);


		// Uncomment the following line if AJAX validation is needed

		// $this->performAjaxValidation($model);


		if(isset($_POST['Issue']))

		{

			$model->attributes=$_POST['Issue'];

			if($model->save())

				$this->redirect(array('view','id'=>$model->id));

		}


		$this->render('update',array(

			'model'=>$model,

		));

	}


	/**

	 * Deletes a particular model.

	 * If deletion is successful, the browser will be redirected to the 'admin' page.

	 * @param integer $id the ID of the model to be deleted

	 */

	public function actionDelete($id)

	{

		$this->loadModel($id)->delete();


		// if AJAX request (triggered by deletion via admin grid view), we should not redirect the browser

		if(!isset($_GET['ajax']))

			$this->redirect(isset($_POST['returnUrl']) ? $_POST['returnUrl'] : array('admin'));

	}


	/**

	 * Lists all models.

	 */

	public function actionIndex()

	{

		$dataProvider=new CActiveDataProvider('Issue');

		$this->render('index',array(

			'dataProvider'=>$dataProvider,

		));

	}


	/**

	 * Manages all models.

	 */

	public function actionAdmin()

	{

		$model=new Issue('search');

		$model->unsetAttributes();  // clear any default values

		if(isset($_GET['Issue']))

			$model->attributes=$_GET['Issue'];


		$this->render('admin',array(

			'model'=>$model,

		));

	}


	/**

	 * Returns the data model based on the primary key given in the GET variable.

	 * If the data model is not found, an HTTP exception will be raised.

	 * @param integer $id the ID of the model to be loaded

	 * @return Issue the loaded model

	 * @throws CHttpException

	 */

	public function loadModel($id)

	{

		$model=Issue::model()->findByPk($id);

		if($model===null)

			throw new CHttpException(404,'The requested page does not exist.');

		return $model;

	}


	/**

	 * Performs the AJAX validation.

	 * @param Issue $model the model to be validated

	 */

	protected function performAjaxValidation($model)

	{

		if(isset($_POST['ajax']) && $_POST['ajax']==='issue-form')

		{

			echo CActiveForm::validate($model);

			Yii::app()->end();

		}

	}


	public function filterProjectContext($filterChain)

	{

		if(isset($_GET['pid']))

			$this->loadProject($_GET['pid']);

		else

			throw new CHttpException(403, 'Must specify a project before specifying this action');

		$filerChain->run();

	}


	

}

If this is pasted - do you know you have got here $filerChain->run(); instead of $filterChain->run(); ?

Hello, thank you for catching another error. No, the code was not copy/pasted - and hence the typo…

I’m still trying to figure out, why is the “403 error” not displaying

…could someone help me out? I’m really stuck bad here.

Thanks :)

You didn’t apply the filter (filterProjectContext).

add ‘profectContext’ //apply filter here!

inside public function filters()

What I found is that 404 error is not due to loadProject and filterProjectContext functions, its due to getUserOption function which has to populate owner and requester dropdown in issue creation form, because user table is inaccessible and I am still trying to figure out how to get it right?