Just wondering if this is a flaw in my application. For controller access rules I use something like this:
array( 'allow',
'actions'=>array('omgWOW'),
'users'=>array('@'),
'expression'=>'in_array($user->type, AuthTypes::$internalTypes))',
)
and the same kind of thing for visible menu options:
array(
...
'visible'=>in_array(Yii::app()->user->type, AuthTypes::$clientTypes)
...
),
with the types being defined like:
class AuthTypes extends CActiveRecord
{
public static $internalTypes = array(1,2,3,10);
public static $clientTypes = array(4,7,9);
...
}
Is there any problem with this? It’s worked so far, and seems pretty scalable to me, but what do you think?