I’m building an authorisation setup for my site which i will populate from database.
I’m following this guide but I’m not really sure where I put the following code:
$auth=Yii::app()->authManager;
$auth->createOperation('createPost','create a post');
$auth->createOperation('readPost','read a post');
$auth->createOperation('updatePost','update a post');
$auth->createOperation('deletePost','delete a post');
$bizRule='return Yii::app()->user->id==$params["post"]->authID;';
$task=$auth->createTask('updateOwnPost','update a post by author himself',$bizRule);
$task->addChild('updatePost');
...
It should run one time, but I’ll need access to the db to fill in my authManager object.
Where would be the preferred place to put this?
I was thinking to put it in controllers/SiteController.php but if I do put it there, how can I make sure it only gets executed once (and before login or any other action)?
It depends on if you want to initialize the authmanager with your operations/tasks on every request (performance?) or want to load from a php-file (CPhpAuthManager) or from the db (CDbAuthManager).
If you call
$auth->save()
after executing your code above, you have to execute your code above in a install procedure of your application, not on every request.
The init() method of the authmanager calls load(), so the saved items will be loaded always from file/db when using the authmanager.
If you choose to save the authitems you have to implement actions like actionInstall, actionCreatePermissions … in your SiteController or an extra InstallController.
But you should add an actionRecreatePermissions where you call
