Authenticate Admin In Useridentify

Yii 1.1 General Discussion
1

I just installed Yii and a new webapp and I did read a lot of tutorial stuff. I also made some nice changes especially in the views.

But now I need your help:

How can I set an user as an admin when I use my own authenticate method?

I removed the normal code with fixed access data of two users.


public function authenticate()

    {

        $username=strtolower($this->username);

        $user=User::model()->find('LOWER(benutzername)=?',array($username));

        if($user===null)

            $this->errorCode=self::ERROR_USERNAME_INVALID;

        else if(!$user->validatePassword($this->password))

            $this->errorCode=self::ERROR_PASSWORD_INVALID;

        else

        {

            $this->_id=$user->id;

            $this->username=$user->benutzername;

            $this->errorCode=self::ERROR_NONE;

            $this->setState("isAdmin", 1);

        }

        return $this->errorCode==self::ERROR_NONE;

    }

For testing, I would see every user as admin. But this is not working. I can’t, as an logged in user, edit and view things the admin can.

Isn’t the setState(“isAdmin”) right?

Regards

2

The wiki page http://www.yiiframework.com/wiki/328/simple-rbac is exactly what you need.

3

just take a look at rbac : http://www.yiiframework.com/wiki/328/simple-rbac

if you set ‘isAdmin’=1 to the admin user, then access control will be needed before admin actions. That is:




if (Yii::app()->user->isAdmin===1)

  //do some admin actions.

else

  //throw a HttpException to promote that the user is not allowed to do this action.