I have two tables (and models) user and file. user has following relation to file:
'file' => array(self::HAS_MANY, 'File', 'user_id')
How can I best make sure that a logged in user can only delete the files related to him?
I was looking into accessRules but couldn’t find anything for specific files, just for general access of actions.
Should I check in my controller if Yii::app()->user->id is the same as the user_id of the requested file?
But I’m sure there is an elegant Yii solution for it. If possible I would rather not use the authManager.