I want to display the pages based on the user roles [ I have created roles, operations and assigned them to users.]. Say for eg: User who is not an editor should not be able to see the edit page.
public function defaultAccessRules()
{
return array(
array('allow', // allow authenticated user to perform 'create' and 'update' actions
'actions'=>array('create','update','admin','delete'),
'users'=>array('admin'),
),
array('allow', // allow authenticated user to perform 'create' and 'update' actions
'actions'=>array('update'),
'users'=>array('translator'),
),
array('allow', // allow authenticated user to perform 'create' and 'update' actions
'actions'=>array('create','update'),
'users'=>array('content_verifier'),
),
array('deny', // deny authenticated user to perform 'create' and 'update' actions
'actions'=>array('create','update'),
'users'=>array('vendor'),
),
);
}
function beforeAction($action){
$accessRule = $action->id;
if(Yii::app()->user->checkAccess($accessRule)){
return true;
}else{
throw new CHttpException(403, 'You are not authorized to view this page');
}
}