Check Accessrules

Hey there,

I created a little Yii-powered site in the last weeks which has a backend for an admin to change its contents. There are only a few actions/sites accessible for everyone and the rest is for the admin.

What I did to protect the site was to block access to all my actions in my main Controller class and then permitting certain access to specific actions in the Controllers I extended from this Main-Controller.

Normally every action that isn’t mentioned exclusively shouldn’t be accessible by anonymous but you can never be shure so I’m asking myself if yii offers some kind of access-Check which lists all actions that can be seen by anyone or do I have to check every link manually?

Hope you can help my ;)


why didn’t use accessrules ?

for example

 public function accessRules()


        return array(







Allows all authenticated users to access all actions of the specific controller

Ah sry my fault of course I used Access Rules and Set my Controller to default deny but I’m Not sure that I really covered all situations correctly and so it would come in handy to have some automated accessrule check that tells me who has Access to which actions ;)

Hi again Willey

Tell us what exactly permissions you want foreach group users and actions

I will suggest you the corrected rules :)