Well, although I had no answer, I got this problem solved. Here’s how I did it:
As AuthManager seemed to be too complicated, I decided to create a simpler thing, based on Larry Ullman’s solution. So here it is:
First, I have a field in my table called usr_tipo, which has a numeric value for each user type:
1 = musician
2 = band
3 = other
4 = admin
In UserIdentity.php, inside the authenticate() method, I set a state on the user’s session to identify its role. I also set a getter to get the user’s id from the table:
    private $_id;

    public function authenticate()
    {
        $record = Usuarios::model()->findByAttributes(array('login'=>$this->username));
        if (is_null($record))
            $this->errorCode=self::ERROR_USERNAME_INVALID;
        else if ($record->senha !== md5($this->password))
            $this->errorCode=self::ERROR_PASSWORD_INVALID;
        else
        {
            $this->_id = $record->id;
            /** Set the role according to usr_tipo (values 1 to 4, as listed above) **/
            switch ($record->usr_tipo) {
                case 1: $role = 'musico'; break;
                case 2: $role = 'banda'; break;
                case 3: $role = 'outro'; break;
                case 4: $role = 'admin'; break;
                default:
                    $role = ''; // unknown type: no role
            }
            $this->setState('role', $role);
            $this->setState('nome', $record->nome);
            $this->errorCode=self::ERROR_NONE;
        }
        return !$this->errorCode;
    }

    public function getId()
    {
        return $this->_id;
    }
Then, in my controller, I set some variables with expressions that validate using that value set in the user’s session:
    public function accessRules()
    {
        /** rules **/
        $isMusico = "isset(Yii::app()->user->role) && (Yii::app()->user->role==='musico')";
        $isBanda = "isset(Yii::app()->user->role) && (Yii::app()->user->role==='banda')";
        $isOutro = "isset(Yii::app()->user->role) && (Yii::app()->user->role==='outro')";
        $isAdmin = "isset(Yii::app()->user->role) && (Yii::app()->user->role==='admin')";
        return array(
            array('allow', // allow all users to perform 'list' and 'show' actions
                'actions'=>array('list','show','listaCidades','captcha','create'),
                'users'=>array('*'),
            ),
            array('allow', // allow authenticated user to perform 'update' and 'delete' actions
                'actions'=>array('update', 'delete'),
                'users'=>array('@'),
                'expression'=>$this->isOwnerOrAdmin(),//$isOwnerOrAdmin,
            ),
            array('allow', // allow admin user to perform 'admin' action
                'actions'=>array('admin'),
                'users'=>array('@'),
                'expression'=>$isAdmin,
            ),
            array('deny', // deny all users
                'users'=>array('*'),
            ),
        );
    }
Finally, you can see there’s a method in one of those blocks. $this->isOwnerOrAdmin() is a method I created to allow access either if the user is the owner of that page, or if he’s an admin. Here’s the function:
    private function isOwnerOrAdmin()
    {
        return ( isset(Yii::app()->user->role) && (Yii::app()->user->role==='admin') )
            || ( isset($_GET['id']) && (Yii::app()->user->id==$_GET['id']) );
    }
That’s it. I hope this helps people with the same problem.
Cheers
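
Added example (not part of the original post): the post's three checks in a hardened form, with a fail-closed role lookup, `password_hash()`/`password_verify()` in place of the unsalted `md5()` comparison (legacy digests are upgraded at login), and a strict owner check. The helper names, the role table built from the list in the post, and the sample values are assumptions; it runs as plain PHP 7.1+ without Yii.

```php
<?php
// Added example: hypothetical helpers, plain PHP 7.1+, no Yii needed.
const ROLES = [1 => 'musico', 2 => 'banda', 3 => 'outro', 4 => 'admin'];

// Map usr_tipo to a role; anything not in the table gets no role.
function roleFor($usrTipo): ?string
{
    $key = (int) $usrTipo;
    $exact = (string) $key === (string) $usrTipo;   // rejects '04', '4x', ''
    return ($exact && array_key_exists($key, ROLES)) ? ROLES[$key] : null;
}

// Verify a password. A 32-hex-digit stored value is treated as a legacy
// unsalted md5 digest: it is accepted once and a replacement hash returned.
function verifyPassword(string $password, string $stored): array
{
    $legacy = preg_match('/^[0-9a-f]{32}$/', $stored) === 1;
    $ok = $legacy
        ? hash_equals($stored, md5($password))
        : password_verify($password, $stored);
    $upgrade = null;
    if ($ok && ($legacy || password_needs_rehash($stored, PASSWORD_DEFAULT))) {
        $upgrade = password_hash($password, PASSWORD_DEFAULT);
    }
    return [$ok, $upgrade];   // caller stores $upgrade in `senha` when not null
}

// Owner-or-admin: the requested id must be a plain decimal string that is
// identical to the session user's id.
function isOwnerOrAdmin(?string $role, $sessionUserId, $requestedId): bool
{
    if ($role === 'admin') {
        return true;
    }
    return is_string($requestedId) && ctype_digit($requestedId)
        && (string) $sessionUserId === $requestedId;
}

// Constructed sample values.
[$ok, $upgrade] = verifyPassword('senha-de-teste', md5('senha-de-teste'));
var_dump($ok, password_verify('senha-de-teste', $upgrade));
var_dump(roleFor('4'), roleFor('9'));
var_dump(isOwnerOrAdmin('musico', 12, '12'), isOwnerOrAdmin('musico', 12, '12abc'));
```

In a Yii controller the third helper would be referenced from the access rule so that it is evaluated per request, and the `senha` column must be wide enough for `password_hash()` output (255 characters is the PHP manual's recommendation).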