abedi98
(Abedi98)
September 22, 2012, 9:37am
1
Hi friends,
I have one question about action permissions.
I want to set filters and accessRules automatically, from the database.
I want every user to either be able to see the action or not,
and I want access to actions to be controlled from the database automatically.
Regards
linuor
(Linuor)
September 22, 2012, 11:26am
2
Do you mean RBAC? I don't quite understand the so-called 'automated'.
Tell us some more details.
abedi98
(Abedi98)
September 23, 2012, 8:44am
3
Hi,
this is my structure for access to an action [controller: site / action: contact] (for example).
Table structure:
id = 20
action = contact
controller = site
role = superAdmin
type = deny
Filter for checking access to this action:
<?php
class ECheckActionPermissionFilter extends CFilter
{
    protected function preFilter($filterChain)
    {
        //$this->preFilter($filterChain);
        return parent::preFilter($filterChain);
    }

    // CFilter calls postFilter() only after the action has already run.
    protected function postFilter($filterChain)
    {
        $role = Yii::app()->user->role;
        $controller = $filterChain->controller->id;
        $action = $filterChain->action->id;
        $user_id = Yii::app()->user->id;

        $sql = 'SELECT * FROM tbl_action a
                WHERE a.action=:action
                AND a.controller=:controller
                AND a.role=:role';
        $command = Yii::app()->db->createCommand($sql);
        // The action id is a string such as "contact", so bind it as PARAM_STR.
        $command->bindParam(":action", $action, PDO::PARAM_STR);
        $command->bindParam(":controller", $controller, PDO::PARAM_STR);
        $command->bindParam(":role", $role, PDO::PARAM_STR);
        $permissions = $command->queryAll();

        // Stays null when no permission row matches.
        $allow = null;
        if (!empty($permissions)) {
            // The first matching row decides the result.
            foreach ($permissions as $p) {
                if ($p['type'] == 'allow') {
                    $allow = "allow";
                    break;
                } elseif ($p['type'] == 'deny') {
                    $allow = "deny";
                    break;
                }
            }
        }

        echo $allow; // debug output

        if ($allow == "deny") {
            throw new CHttpException(403, Yii::t('yii', 'You are not authorized to perform this action.'));
        }
        parent::postFilter($filterChain);
    }
}
If I run this URL: yii/index.php?r=site/contact
the view is rendered twice [image attached].
Why is it duplicated?
What is the problem?
Any ideas, please!
Thanks
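Added example (not part of any post in this thread): a deny-by-default lookup against the tbl_action layout shown above, where an explicit deny row overrides any allow row and a missing row means no access. The isActionAllowed() helper, the in-memory SQLite database and all rows except id 20 are assumptions constructed for the illustration; it needs PHP 7+ with pdo_sqlite.

```php
<?php
// Added example: deny-by-default lookup against the thread's tbl_action layout.
// An in-memory SQLite database stands in for the application database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE tbl_action (id INTEGER PRIMARY KEY, action TEXT,
           controller TEXT, role TEXT, type TEXT)');
// Constructed sample rows (the first mirrors the row shown in the post).
$rows = [
    [20, 'contact', 'site', 'superAdmin', 'deny'],
    [21, 'contact', 'site', 'editor', 'allow'],
    [22, 'index', 'site', 'editor', 'allow'],
    [23, 'index', 'site', 'editor', 'deny'],
];
$ins = $db->prepare('INSERT INTO tbl_action VALUES (?, ?, ?, ?, ?)');
foreach ($rows as $r) {
    $ins->execute($r);
}

/**
 * Hypothetical helper: true only when at least one "allow" row and no
 * "deny" row exists for this controller/action/role.
 */
function isActionAllowed(PDO $db, string $controller, string $action, string $role): bool
{
    $stmt = $db->prepare('SELECT type FROM tbl_action
        WHERE action = :action AND controller = :controller AND role = :role');
    // All three columns are text, so bind them as strings.
    $stmt->bindValue(':action', $action, PDO::PARAM_STR);
    $stmt->bindValue(':controller', $controller, PDO::PARAM_STR);
    $stmt->bindValue(':role', $role, PDO::PARAM_STR);
    $stmt->execute();
    $types = $stmt->fetchAll(PDO::FETCH_COLUMN);
    if (in_array('deny', $types, true)) {
        return false;                        // an explicit deny always wins
    }
    return in_array('allow', $types, true);  // no matching row means denied
}

var_dump(isActionAllowed($db, 'site', 'contact', 'superAdmin')); // explicit deny row
var_dump(isActionAllowed($db, 'site', 'contact', 'editor'));     // explicit allow row
var_dump(isActionAllowed($db, 'site', 'index', 'editor'));       // allow and deny rows
var_dump(isActionAllowed($db, 'site', 'about', 'editor'));       // no row at all
```

In a Yii 1 filter this decision belongs in preFilter(), which runs before the action and stops it when it returns false or throws a CHttpException.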
abennouna
(Abennouna)
September 23, 2012, 10:15am
4
And what about your site controller’s code? Can you post it?
abedi98
(Abedi98)
September 23, 2012, 10:33am
5
What!? I don't understand what you say, sorry!?
zeroByte
(Dispyfree)
September 23, 2012, 11:48am
6
bennouna: Take a look at Yii filters, you simply include the filter in your controller, you don’t need to write any additional code for each controller.
ACL solution:
/**
 * Assumes that Action is a model with its own table (id being the only required column)
 */
protected function postFilter($filterChain)
{
    $controller = $filterChain->controller->id;
    $action = $filterChain->action->id;
    $id = $controller.'::'.$action;

    $user = RestrictedActiveRecord::getUser();
    if(!$user->may($id, 'exec'))
        throw new CHttpException(403,Yii::t('yii','You are not authorized to perform this action.'));

    parent::postFilter($filterChain);
}
abedi98
(Abedi98)
September 23, 2012, 12:58pm
7
if(!$user->may($id, 'exec'))
Can you post the may() function and RestrictedActiveRecord::getUser()?