Access rules for the module

r0n9.GOL · August 12, 2010, 3:55pm

How can I do this ?

accessRules doesn’t works

omko · August 12, 2010, 4:09pm

What do you mean?

omko · August 12, 2010, 4:10pm




/**

	 * @return array action filters

	 */

	public function filters()

	{

		return array(

			'accessControl', // perform access control for CRUD operations

		);

	}

	/**

	 * Specifies the access control rules.

	 * This method is used by the 'accessControl' filter.

	 * @return array access control rules

	 */

	public function accessRules()

	{

		return array(

			array('allow', // allow admin user to perform 'admin' and 'delete' actions

				'actions'=>array('admin','delete','create','update','view'),

				'users'=>UserModule::getAdmins(),

			),

			array('deny',  // deny all users

				'users'=>array('*'),

			),

		);

	}

All works

r0n9.GOL · August 13, 2010, 1:29pm

Thank you for replay was problem because backend url without <_m>

jim · August 15, 2010, 12:02am

omko:




/**

	 * @return array action filters

	 */

	public function filters()

	{

		return array(

			'accessControl', // perform access control for CRUD operations

		);

	}

	/**

	 * Specifies the access control rules.

	 * This method is used by the 'accessControl' filter.

	 * @return array access control rules

	 */

	public function accessRules()

	{

		return array(

			array('allow', // allow admin user to perform 'admin' and 'delete' actions

				'actions'=>array('admin','delete','create','update','view'),

				'users'=>UserModule::getAdmins(),

			),

			array('deny',  // deny all users

				'users'=>array('*'),

			),

		);

	}

All works

I was testing this today and if I am a guest user I was allowed to do everything. The reason it turns out is that I didn’t have a admin user in the database so UserModule::getAdmins() was returning a empty array. Is this a bug in the accessControl filter? I looked at the code for CAccessControlFilter and for any rule a empty array returns true so I guess it is by design. That does mean that if you have a allow rule you better make sure you never return a empty array or all actions will be allowed.

fiesh · January 3, 2011, 8:21pm

This too surprised me tremendously – you’d think allow’s work for the array they logically should, allow for each element. And if it’s the empty set (array), then it allows for nothing. Instead it allows for everything. This cannot really be intended?!

mmujawer · March 15, 2014, 6:27am








public function filters()

	{

		return array(

			'accessControl',

		);

	}


	/**


	 * Specifies the access control rules.

	 * This method is used by the 'accessControl' filter.

	 * @return array access control rules

	 */

	public function accessRules()

	{

		return array(

			array('allow', // allow authorized user to access 

				'actions'=>array('index','layout','title','selectLayout', 'configLayout'),

				'users'=>array('@'),

			),

			array('allow', // alow any user to access

				'actions'=>array('login','logout','error','maintenance'),

				'users'=>array('*'),	

			),

			array('deny', // deny all users

				'users'=>array('*'),

			),

		);

	}

The above function located in admin module’s controller. When I accessing index page its redirecting to login page.

But Its redirecting to main login page instead of module login page. I have used ‘@’ for authentication. So how can i redirect to module login page. what should i in place of @

phtamas · March 15, 2014, 9:27am

Set CWebUser::$loginUrl before filters are invoked:




class AdminModule extends CWebModule

{

	public function beforeControllerAction($controller, $action)

	{

     	Yii::app()->user->loginUrl = array('/route/to/admin/login/action');

     	return parent::beforeControllerAction($controller, $action);

	}

}