So I created a users table and the whole login flow with username and password. It all works fine, and now I want to add roles: admin and user. I’ve researched this for a couple of hours now and followed many tutorials, and I have no idea how to implement admin rights.
I have table
users{
id
username
pwd_hash
level (int) 0 - user and 2 - admin
}
I managed to do this:
UserIdentify.php:
<?php
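/**
 * UserIdentity represents the data needed to identify a user.
 * It contains the authentication method that checks whether the provided
 * username and password match a stored user record.
 */
class UserIdentity extends CUserIdentity
{
    /** @var mixed id of the authenticated user record; stays null until authenticate() succeeds */
    private $_id;

    /**
     * Authenticates a user against the User model.
     *
     * Looks the record up by username, asks the record to check the password,
     * and on success stores the record id and the role derived from the
     * record's `level` column as the identity state 'role'.
     *
     * The role is derived once, here, and only here: a later change to the
     * user's level is not seen by this code until the user authenticates again.
     *
     * @return boolean whether authentication succeeds.
     */
    public function authenticate()
    {
        $record = User::model()->findByAttributes(array('username' => $this->username));

        if ($record === null) {
            $this->errorCode = self::ERROR_USERNAME_INVALID;
        } else if (!$record->check($this->password)) {
            // NOTE(review): check() is defined on the User model and not shown here;
            // presumably it verifies the password against pwd_hash - confirm.
            $this->errorCode = self::ERROR_PASSWORD_INVALID;
        } else {
            $this->_id = $record->id;
            // Instance call: _getRole() is not declared static.
            $this->setState('role', $this->_getRole($record->level));
            $this->errorCode = self::ERROR_NONE;
        }

        // NOTE(review): the two failure codes distinguish "unknown user" from
        // "wrong password"; confirm the login form reports both with one message.
        return !$this->errorCode;
    }

    /**
     * @return mixed id of the authenticated user record, or null before a successful authenticate().
     */
    public function getId()
    {
        return $this->_id;
    }

    /**
     * Maps the numeric `level` column to a role name.
     *
     * The comparison is done on the exact string form of the value, so only
     * 0 / '0' yields 'user' and only 2 / '2' yields 'admin'. With the previous
     * loose `== 0` test, a null or empty level (and, on PHP versions before 8,
     * any non-numeric string) was treated as 0 and silently received the
     * 'user' role; such values now get no role at all.
     *
     * @param mixed $id value of the user's `level` column.
     * @return string 'user', 'admin', or '' when the level is not recognised.
     */
    private function _getRole($id)
    {
        // Non-scalars (null, arrays, objects) never map to a role.
        $level = is_scalar($id) ? (string) $id : '';

        if ($level === '0') {
            return 'user';
        }
        if ($level === '2') {
            return 'admin';
        }
        return '';
    }
}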
and in controller:
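/**
 * Builds the access rules for this controller.
 *
 * Authenticated users whose 'role' state is exactly 'admin' are allowed the
 * create, update, index, view and delete actions; everyone else falls through
 * to the final deny rule.
 *
 * NOTE(review): Yii's access rules also accept a 'roles' key, which is checked
 * through the user component's checkAccess(). Provided that component reads
 * the same 'role' state this method does, the branch below could be replaced
 * by a single allow rule with 'roles' => array('admin') - confirm before switching.
 *
 * @return array access control rules
 */
public function accessRules()
{
    // Strict comparison: only the exact string 'admin' grants access. A loose
    // == would also accept values such as boolean true.
    if (Yii::app()->user->getState('role') === 'admin') {
        $arr = array('create', 'update', 'index', 'view', 'delete'); // full access for admin
    } else {
        // A single empty action name is meant to match no action, so the
        // allow rule below grants nothing to non-admin users.
        $arr = array('');
    }

    return array(
        array('allow', // allow authenticated users the actions selected above
            'actions' => $arr,
            'users' => array('@'),
        ),
        array('deny', // deny everything else to all users
            'users' => array('*'),
        ),
    );
}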
and a new component:
<?php
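class WebUser extends CWebUser
{
    /**
     * Overrides a Yii method that is used for roles in controllers (accessRules).
     *
     * The decision is made purely from the 'role' state stored for the current
     * user: 'admin' is granted every operation, any other role is granted only
     * the operation whose name equals the role itself.
     *
     * The state key must be the one UserIdentity::authenticate() writes
     * ('role'). Reading "roles" instead always yielded null, so every check -
     * including the admin one - was refused.
     *
     * @param string $operation Name of the operation required (here, a role).
     * @param mixed $params (opt) Parameters for this operation, usually the object to access. Unused here.
     * @param boolean $allowCaching (opt) Accepted only to keep the signature compatible
     *                              with CWebUser::checkAccess(); unused here.
     * @return bool Permission granted?
     */
    public function checkAccess($operation, $params = array(), $allowCaching = true)
    {
        if (empty($this->id)) {
            // Not identified => no rights
            return false;
        }

        $role = $this->getState('role');
        if ($role === 'admin') {
            return true; // admin role has access to everything
        }

        // A missing or empty role never matches, even if an empty operation
        // name is passed in.
        if (!is_string($role) || $role === '') {
            return false;
        }

        // allow access if the operation request is the current user's role
        return ($operation === $role);
    }
}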
But I want to do the same thing without this block:
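// Strict comparison: only the exact string 'admin' selects the admin action list.
if (Yii::app()->user->getState('role') === 'admin') {
    $arr = array('create', 'update', 'index', 'view', 'delete'); // give all access to admin
} else {
    $arr = array(''); // no access to other user
}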
How can I do that?