Access Control Filter Check

Hi,

I have Yii setup with basic Access Control Filter. I have no plans to use the RBAC, but I can’t find a way to know whether they have access to a page or not. Let me give an example:

I have a cmenu that takes you different places.

Now if they don’t have access to that page, I don’t want to show the menu item. They will get a Access Denied page if they visit the page, which is good, but I don’t want to show the link in the first place. Is there a simple way to check if they have access to a page.

Thanks

Maybe you can instantiate [font="Courier New"]CAccessControlFilter[/font] with the array returned from [font="Courier New"]CController::accessRules()[/font] (use $this inside your layout) and then call [font="Courier New"]CAccessControlFilter::isUserAllowed($user,$controller,$action,$ip,$verb)[/font].

I have not tried though!

Well you pushed me in the right direction, but it looks like it is not going to be able to scale easily. I would need to set the rules from a different controller than I currently am in, so it doesn’t look possible.

I will have to use a different method.

Thanks for the help.

This is how they do it in the default application generated by Yiic:


$this->widget('zii.widgets.CMenu',array(

    'items'=>array(

	array('label'=>'Home', 'url'=>array('/site/index')),

	array('label'=>'About', 'url'=>array('/site/page', 'view'=>'about')),

	array('label'=>'Contact', 'url'=>array('/site/contact')),

	array('label'=>'Login', 'url'=>array('/site/login'), 'visible'=>Yii::app()->user->isGuest),

	array('label'=>'Logout ('.Yii::app()->user->name.')', 'url'=>array('/site/logout'), 'visible'=>!Yii::app()->user->isGuest)

    ),

));

Look at the login and logout urls.

It will surely sortout your problem.


$this->widget('zii.widgets.CMenu', array(

    'items'=>array(

        // Important: you need to specify url as 'controller/action',

        // not just as 'controller' even if default acion is used.

        array('label'=>'Home', 'url'=>array('site/index')),

        // 'Products' menu item will be selected no matter which tag parameter value is since it's not specified.

        array('label'=>'Products', 'url'=>array('product/index'), 'items'=>array(

            array('label'=>'New Arrivals', 'url'=>array('product/new', 'tag'=>'new')),

            array('label'=>'Most Popular', 'url'=>array('product/index', 'tag'=>'popular')),

        )),

        array('label'=>'Login', 'url'=>array('site/login'), 'visible'=>Yii::app()->user->isGuest),

    ),

));

Reference

Ok that is not what I was asking, but thanks for the replies.

Simple use case why that doesn’t solve my problem:

array(‘allow’,

‘users’=>array(’@’),

‘ip’=>array(‘10.10.0.*’),

),

It is possible to add this into the visible, but it doesn’t scale easily.

Then I would consider using RBAC rules, they’re not that hard! Cheers