the users of my website may create their own elements (e.g. teams, players). These elements have IDs. For example if the user want to delete an player of his team:

<?php echo CHtml::link('Delete', '#', array('submit'=>array('trip/deleteplayer', 'teamid'=>$team->id, 'playerid'=>$player->id)')

Now is the question how can I check that the user is the creator or owner of the team.

My approach was something like this:

Class WebUser extends CWebUser{

function getIsOwner($teamid){

  return ( $this->user->teams->findByPK($teamid));


class TeamController extends Controller









I guess that this approach is pretty wrong?!


Hi Franker

[size=“2”]Well, first of all, I think [/size][size=“2”] $this in getIsOwner() function will be CAccessRules object, so you won’t be able to get id from it.[/size]

[size=“2”]Second, you should use correct function name if you won’t to call it and to pass argument. You have isOwner() instead of getIsOwner() at the moment.[/size]

[size="2"]Also please read [/size]this thread[size="2"], I think it may give you some interesting ideas regarding your implementation.[/size]

[size=“2”]Am I clear you don’t use RBAC and owner ID is stored together with each team/player record?[/size]


I’m still not sure how to solve my problem. First of all, I have to add a owner id column to every table to check whether the User is the owner, right? (Team, Player etc.)

Is it easier to solve my problem with the RBAC-concept? Has the Yii-Rights extension a solution?

I examined the WACF-Extension but I’m not really understand the concept and I don’t want to use if it’s not clear for me.

I’m suprised that YII has no integrated solution.

Problem solved with RCAB. THX!