Access Rules Expression

Yii 1.1 General Discussion
1

hi there.

i’ve follow this implementation http://www.yiiframework.com/wiki/356/how-to-create-front-and-admin-side-login-form/

then set this is the rules


 public function accessRules() {

        return array(

            array('allow', // allow all users to perform 'index' and 'view' actions

                'actions' => array('index', 'view', 'dynamicTipo','dynamicTipoVenda','dynamicTipoArrenda', 'dynamicLocalidade','dynamicLocalidadeArrenda','dynamicLocalidadeVenda', 'search'),

                'users' => array('*'),

            ),

            array('allow', // allow authenticated user to perform 'create' and 'update' actions

                'actions' => array('create', 'update', 'admin', 'uploadcasaimages', 'uploadimg', 'MostraImages', 'Sesschange'),

                'users' => array('@'),

            ),

            array('allow', // allow admin user to perform 'admin' and 'delete' actions

                'actions' => array('admin', 'delete', 'update'),

                'users' => array('leoneldomingos@sapo.pt'),

            ),

            array('deny', // deny all users

                'users' => array('*'),

            ),

          

            array('deny',

                'actions' => array('update', 'index', 'view', 'create','delete'),

                'expression' => '$_GET[\'id\'] !== Yii::app()->user->id ',

                'expression' => "Yii::app()->user->name !==  'leoneldomingos@sapo.pt'",

                'expression' => "Yii::app()->user->isAdmin !==  'Back'",

                'message' => "Não Autorizado!",

            ),

            

        );

    }



 public function authenticate()

    {

        

       

        //$users=array(

            // username => password

            //'demo'=>'demo',

            //'admin'=>'admin',

        //);

if($this->userType=='Back') // This is front login

        

    {

        $user = Proprietario::model()->findByAttributes( array( 'email' => $this->username,'activo'=>1));

        if ($user===null) { // No user was found!

            $this->errorCode=self::ERROR_USERNAME_INVALID;

        }

        // $user->Password refers to the "password" column name from the database

        else if($user->senha !== $this->password)

        {   

            $this->errorCode=self::ERROR_PASSWORD_INVALID;

        }

        else { // User/pass match

            $this->errorCode=self::ERROR_NONE;

            $this->_id = $user->propid;

            $this->setState('isAdmin','Back');

        }

        

               

        return !$this->errorCode;

    }

    

    if($this->userType=='Front') // This is front login

        

    {

        $user = Cliente::model()->findByAttributes( array( 'email' => $this->username,'activo'=>1));

        if ($user===null) { // No user was found!

            $this->errorCode=self::ERROR_USERNAME_INVALID;

        }

        // $user->Password refers to the "password" column name from the database

        else if($user->senha !== $this->password)

        {   

            $this->errorCode=self::ERROR_PASSWORD_INVALID;

        }

        else { // User/pass match

            $this->errorCode=self::ERROR_NONE;

            $this->_id = $user->clienteid;

           $this->setState('isAdmin','Front');

        }

        

               

        return !$this->errorCode;

    }


}

but rules don’t work

help please

2

Maybe you should try like this


            array('deny',

                'actions' => array('update', 'index', 'view', 'create','delete'),

                'expression' => "( $_GET['id'] !== Yii::app()->user->id ) || ( Yii::app()->user->name !==  'leoneldomingos@sapo.pt' ) || ( Yii::app()->user->isAdmin !==  'Back' )",

                'message' => "Não Autorizado!",

            ),
3

thanks