Acces Rules Depending On Model And User/rol

Yii 1.1 General Discussion
1

Hi everyone, I’m trying to use RBAC system, I’ve read a couple of tutorials but I didn’t find the answer that I was looking for…

Using this:




public function accessRules()

    {

      array('allow',

                'actions'=>array('create','update','admin','delete'),

 

                'expression'=>'Yii::app()->user->checkAccess("adminWhatever")',

                // or

                // 'roles'=>array('adminWhatever'),

 

            ),

        );

    }

I want to set where (model) this accessRule works.

Does anyone know anything?

Thanks!

2

you should try the rights or the auth extension !

and this wiki will give you a help :Simple authorization system

good luck :D

3

thanks yiqing95, someone else?

4

Hi ferminako

Could you give us an example that you want to do?

do you want to use roles in Accessrules ? post an example for that too

5

I want to use something like :




Public function accessRules()

    {

      array('allow',

                'actions'=>array('create','update','admin','delete'),

 

                'expression'=>'Yii::app()->user->checkAccess("adminWhatever")',

                // or

                // 'roles'=>array('adminWhatever'),

 

            ),

        );

    }

But setting the "scope" or models in where this user can do CRUD.

Take a look at this example, I want that the user "adminWhatever" can create,update,admin and delete with the following models:model1,model2,model3 and model4:


Public function accessRules()

    {

      array('allow',

                'actions'=>array('create','update','admin','delete'),

 

                'expression'=>'Yii::app()->user->checkAccess("adminWhatever")',

                // or

                // 'roles'=>array('adminWhatever'),

                'models'=>array('model1','model2','model3','model4'),

 

            ),

        );

    }

That’s it! it could be possible something like that?

6

Hi ferminako

I think you should re-design this part of your application

According to MVC (model - viewer - controller) you can restrict the permissions of user on model by actions not Directly in Controller’s rules.

Therefore the user can access of model through action (of controllers), so you could check the permission for each model in controller/action OR make a Controller for each model

If you have specific reason, please tell us :)

7

Thanks but I didn’t understand anything sorry …

8

http://www.yiiframework.com/wiki/250/yii-for-beginners/#hh3

http://www.yiiframework.com/doc/guide/1.1/en/basics.mvc#a-typical-workflow

In Summary for your issue, you have to create a Controller for each Model and each Controller has actions ‘create’,‘update’,‘admin’,‘delete’

Then set the appropriate permission for each above action by ‘roles’ like this

http://www.yiiframework.com/wiki/328/simple-rbac/#hh4

9

thx!!! :D