letscode
(Janwiebedehaan)
1
Hello all,
I'm developing a Yii-app with simple usermanagement.
I only have 2 groups of users: admins and users.
In my table Users a field 'UsrIsAdmin' with value 0 for user and 1 for admin.
In my accessrules function in my controller I want to check if a user is admin and can perform this action, or not.
I think I don't need RABC for this because I have only 2 groups.
What do I need to do to get this working?
qiang
(Qiang Xue)
2
You can use 'expression' option in your access rules.
letscode
(Janwiebedehaan)
3
Thanks for you anwer, I think I am doing wrong something.
I have the following code.
Only users with $user->isAdmin === 0 may have access to action createUser.
I have isAdmin = 1 and I can access this action.
What is my mistake?
public function accessRules()
{
return array(
array('deny', // only allow registered users to perform 'index', 'show' and 'createuser' actions
'actions'=>array('index','show', 'createuser'),
'users'=>array('?'),
),
array('deny', // allow admin user to perform 'createuser'
'actions'=>array('createuser'),
'users'=>array('expression' => '!isset(Yii::app()->user->isAdmin) OR Yii::app()->user->isAdmin !== 0')
),
);
}
will
(Phpwindcn)
4
I think you meant to do this:
public function accessRules()
{
return array(
array('deny', // only allow registered users to perform 'index', 'show' and 'createuser' actions
'actions'=>array('index','show', 'createuser'),
'users'=>array('?'),
),
array('deny', // allow admin user to perform 'createuser'
'actions'=>array('createuser'),
'expression' => '!isset(Yii::app()->user->isAdmin) OR Yii::app()->user->isAdmin !== 0',
),
);
}
letscode
(Janwiebedehaan)
5
Yes, that works! Thanks a lot!
romanoza
(Romanoza)
6
hi, i have forums model and forum owners (uid column in table)
how can i in expression check whether is current user is owner of forum
smthng like this:
Forum::model()->findByPk('.$_GET['id'].')->uid==Yii::app()->user->id
qiang
(Qiang Xue)
7
$forum->ownerID==Yii::app()->user->id ?
romanoza
(Romanoza)
8
Quote
$forum->ownerID==Yii::app()->user->id ?
where do i need to define $forum in this case?
qiang
(Qiang Xue)
9
It should be passed as parameters when you call checkAccess.
romanoza
(Romanoza)
10
Quote
It should be passed as parameters when you call checkAccess.
hmmm, i didn’t call it manualy 
so i need to?
PS i add rule in accessRules in my controller for manage action
array('allow',
'actions'=>array('manage'),
'expression'=>'$user->id==$forum->uid'
),