Dynamic Accessrules

Yii 1.1 General Discussion
#1

Hi i’m developing a user management and its defined by database, i want to know if have a better way of doing it and how can i do it for all controllers of my module?

Now i gonna show what i’m doing:

in my ‘Usuario’ model, i have a property that holds user access detail like this:




 public $usuarioPermissoes['controller_access']=>array('action_access']);

And in access rules i defined the expression:




	public function accessRules()

	{

		return array(

			array('allow', // permite usuarios que tenha o controller e a acao atual cadastrada no banco de dados

				'expression'=>'array_key_exists(Yii::app()->controller->id,Usuario::model()->findByPk($user->getId())->permissoesUsuario) && in_array(Yii::app()->controller->action->id,Usuario::model()->findByPk($user->getId())->permissoesUsuario[Yii::app()->controller->id])',

			),

			array('deny',  // deny all users

				'users'=>array('*'),

			),

		);

	}
#2

Hi my friend

check the below links

http://sudwebdesign.com/yii-access-rules-isadmin/882

http://www.yiiframework.com/wiki/191/implementing-a-user-level-access-system/

or better use roles

http://www.yiiframework.com/wiki/328/simple-rbac/

Best regards

#3

Thanks man, but is’nt what i realy want. I’m making this way:




class AController extends CController

{


	public function filters()

	{

		return array(

			'accessControl', 

			'postOnly + delete', 

		);

	}

	

	public function accessRules()

	{

		return array(

			array('allow', 

				'expression'=>'Yii::app()->controller->verificaAcesso()',

			),

			array('deny',  // deny all users

				'users'=>array('*'),

			),

		);

	}

	

	public function verificaAcesso()

	{

		$usuarioPermissoes = Usuario::model()->findByPk(Yii::app()->user->getId())->permissoesUsuario;

		if (array_key_exists($this->id,$usuarioPermissoes) && in_array($this->action->id,$usuarioPermissoes[$this->id])) {

			return true;

		} else {

			return false;

		}

	}

}

All controllers extends AController, it’s ok that way?

#4

Your code seems ok! And this way is one of the most appropriate for this action :)

#5

Thanks.

#6

Thanks for your votes :)

Did you check your code in fact?


 public function verificaAcesso()

        {

                $usuarioPermissoes = Usuario::model()->findByPk(Yii::app()->user->getId())->permissoesUsuario;

                if (array_key_exists($this->id,$usuarioPermissoes) && in_array($this->action->id,$usuarioPermissoes[$this->id])) {

                        return true;

                } else {

                        return false;

                }

        }

I assume the permissoesUsuario is an array (!?) that has all permitted actions id’s for the specified user?

#7

No i didn’t, i just make that method for post as example. Yeas is an


array('controller_access'=>array('action1','action2'));
#8

its ok! I think that you want to achieve something that bizrule on RBAC does, but without database and internal (by Yii) eval function :)

check this to see what I mean :)

http://www.yiiframework.com/wiki/136/getting-to-understand-hierarchical-rbac-scheme/