Authorisation error messages

Hi,

In the Yii docs it states this …

When authorization fails, i.e., the user is not allowed to perform the specified action, one of the following two scenarios may happen:

If the user is not logged in and if the loginUrl property of the user component is configured to be the URL of the login page, the browser will be redirected to that page. Note that by default, loginUrl points to the site/login page.

Otherwise an HTTP exception will be displayed with error code 403.

Is it possible to get it to display an error message of my choice? Or rather different error messages for different "return falses"?

Isn’t this page from the guide what you are looking for?

I do not think so …

Let me explain better, I have this code in my "accessRules" section …




array("allow",
	"controllers" => array("company"),
	"actions" => array("create"),
	"roles" => array("create_sub_company")
),



Now when a user is logged in, it will display a 403 exception (the default), but I want it to display "You cannot create more sub companies".

You need to implement a validation function in your model, as explained in this article:

create-your-own-validation-rule

There you can throw your own informative error message.




array(
  "allow",
  "controllers" => array("company"),
  "actions" => array("create"),
  "roles" => array("create_sub_company"),
  "message" => "You cannot create more sub companies",
),



Next, create the view file error403.php and theme it the way you like. I don’t know exactly, but there must be a variable $data passed to your view.




echo 'Exception page';
print_r($data);



Here’s a link to CAccessControlFilter.php

See what happens in protected function accessDenied($user,$message)

Ahh yes, I read this in the documentation but I could not get it to work.

Code was like this …




array(
  "allow",
  "controllers" => array("company"),
  "actions" => array("create"),
  "roles" => array("create_sub_company"),
  "message" => "You cannot create more sub companies",
),



And message in view was like this …




echo(Yii::app()->errorHandler->error["message"]);



And it still only displayed the default error message even when I did everything it said in the docs.

Gonna try creating the model validation rule now.

Thanks people.




array("allow",
	"controllers" => array("company"),
	"actions" => array("create"),
	"roles" => array("create_sub_company"),
	"message" => "Hi"
),



I have this rule, but it’s not setting the message and I do not know why. Any ideas?

I just get the default "You are not authorized to perform this action." message.

I reproduced the behavior and after some investigating figured out what was happening.

If the user isn’t logged in, i.e. it’s a guest user, then, instead of throwing an exception with the user-defined message, Yii tries to redirect the user to the login page:




protected function accessDenied($user,$message)
{
    if($user->getIsGuest())
        $user->loginRequired();
    else
        throw new CHttpException(403,$message);
}



This method belongs to the CAccessControlFilter class. $message in this code snippet is the user-defined message, i.e. the message you want to show. As you see, the loginRequired() method gets called, which redirects the user to the login page and doesn’t carry your message.

EDIT

I think the only possible solution is to subclass CAccessControlFilter and override the accessDenied() method. Also, you have to subclass CController and edit the filterAccessControl method to use your new class instead of CAccessControlFilter.
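
The subclassing approach from the last post, sketched as an added example (not code from the thread or from Yii itself). It goes one step further than the post by parking the rule's message in a session flash so it survives the guest redirect to loginUrl. The class names MessageAccessControlFilter and BaseController and the flash key 'accessDenied' are hypothetical, and the user component is assumed to be CWebUser or a subclass of it.

```php
<?php
// Added example for Yii 1.1. With Yii's autoloader each class lives in its
// own file under protected/components/; both are shown together for brevity.

// Hypothetical name: MessageAccessControlFilter
class MessageAccessControlFilter extends CAccessControlFilter
{
    // Called by CAccessControlFilter when a rule denies the request.
    // $message is the rule's "message" option, or the default text.
    protected function accessDenied($user, $message)
    {
        if ($user->getIsGuest()) {
            // Keep the stock behaviour (redirect to loginUrl), but store the
            // message first so the login page can show it on the next request.
            // 'accessDenied' is a hypothetical flash key.
            $user->setFlash('accessDenied', $message);
            $user->loginRequired();
        } else {
            throw new CHttpException(403, $message);
        }
    }
}

// Hypothetical name: BaseController. Controllers that list 'accessControl'
// in filters() extend this class instead of CController.
class BaseController extends CController
{
    // Same steps as CController::filterAccessControl(), with the filter
    // class swapped for the subclass above.
    public function filterAccessControl($filterChain)
    {
        $filter = new MessageAccessControlFilter;
        $filter->setRules($this->accessRules());
        $filter->filter($filterChain);
    }
}

// In the login view, output the message HTML-encoded:
//   if (Yii::app()->user->hasFlash('accessDenied'))
//       echo CHtml::encode(Yii::app()->user->getFlash('accessDenied'));
```

Because the flash text is rendered to users who have not authenticated yet, keep rule messages free of details about accounts, roles or internal state.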