The following code isn’t working. I would like the ‘Users’ link to only display if the logged in user has been granted access to the ‘admin’ action of the ‘users’ model. However, the link is never displayed.
array('label'=>'Users', 'url'=>array('user/admin'), 'visible'=>Yii::app()->user->checkAccess('user/admin'));
Any ideas what I am doing wrong?
Thanks.
Do you have the auth system set up?
You have to be using CPhpAuthManager, CDbAuthManager or roll up your own.
If you want to use CDbAuthManager, which I’d would recommend, you need an operation for this, e.g. userAdmin (AuthItem-table). Then you need to assign that auth item to a role (AuthChild-table) and assign that role to the respective users (AuthAssignment-table).
I would suggest you read this:
Thank you both for your replies.
So if checkAccess() requires the use of either CDbAuthManager or CPhpAuthManager, is there another way to check against the accessRules defined in a controller? I am using the default UserIdentify component for authentication.
As far as I know the Controller’s accessControl-function is only called to check if the user is allowed to run the requested action or not. In other words you need to use an Auth Manager to use checkAccess().
Please correct me if I’m wrong.
You have a couple of extensions that can help you get going.
Check out srbac which provides a front end to the rbac provided by Yii framework
http://www.yiiframework.com/extension/srbac/
or try Yii User Management which provides registration, login, messaging and it’s own version of rbac.
Ignore: dupe posted due to internet trouble.
Thank you, I will take a look at these.