Hi,
I have almost solved this, but I must have overlooked a few things.
I have created a User.php model with several access rights, listed below:
    'view_permit' => 'Allows user to view requisition record',
    'edituser_permit' => 'Allows user to edit their role',
    'control_permit' => 'Allows user to manage requisition',
    'maint_demo' => 'Allows user to maintain demo unit',
    'view_demopool' => 'Allows user to view demo pool',
These will return boolean values and they are stored in the database.
I have also created a function in User.php to obtain this boolean value, and I use this function in accessRules() in UserController.php. The function is as below:
    public function getCreateUser()
    {
        $canCreate = 'edituser_permit';
        if ($canCreate != 1)
            return false;
        else return true;
    }
The access rule (edituser_permit) is defined as follows:
    public function accessRules()
    {
        return array(
            array('allow', // allow all users to perform 'index' and 'view' actions
                'actions' => array('index','view'),
                'users' => array('*'),
            ),
            array('allow', // allow authenticated user to perform 'create' and 'update' actions
                'actions' => array('create','update'),
                'users' => array('@'),
                'expression' => 'User::getCreateUser()',
            ),
            array('allow', // allow admin user to perform 'admin' and 'delete' actions
                'actions' => array('admin','delete'),
                'users' => array('@'),
            ),
            array('deny', // deny all users
                'users' => array('*'),
            ),
        );
    }
The result:
So far I have been getting rather odd results. Having made the admin with all access rights, I am unable to gain access to create/update the records. Is there something wrong with the logic expressions? Or am I missing something?
Cheers and thanks
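
Why the getter above leaves even an admin with every flag set locked out of create/update, shown as an added example that is not part of the original post. `PermUser`, `decide()` and `rulesFor()` are constructed stand-ins that model Yii 1.x's first-match rule evaluation without the framework, and the `users` check is omitted for brevity.

```php
<?php
// Constructed stand-in for the post's User model (a CActiveRecord in Yii 1.x).
class PermUser
{
    public $edituser_permit; // 0/1 flag column described in the post
    public function __construct($flag) { $this->edituser_permit = $flag; }

    // Logic as posted: compares the column *name* to 1, never the stored value.
    public function canCreateAsPosted()
    {
        $canCreate = 'edituser_permit';
        return $canCreate != 1 ? false : true;
    }

    // Corrected: read this record's attribute and compare strictly.
    public function canCreate()
    {
        return (int) $this->edituser_permit === 1;
    }
}

// Simplified model of Yii 1.x ordered rule evaluation: the first matching rule
// decides, and an 'allow' rule whose expression is false does not match.
function decide(array $rules, $action, PermUser $u)
{
    foreach ($rules as $rule) {
        if (isset($rule['actions']) && !in_array($action, $rule['actions'], true)) {
            continue;
        }
        if (isset($rule['expression']) && !call_user_func($rule['expression'], $u)) {
            continue;
        }
        return $rule[0];
    }
    return 'allow'; // no rule matched
}

function rulesFor($method)
{
    return array(
        array('allow', 'actions' => array('create', 'update'),
              'expression' => function (PermUser $u) use ($method) { return $u->$method(); }),
        array('deny'),
    );
}

$admin = new PermUser(1); // constructed sample: admin with the flag set
foreach (array('canCreateAsPosted', 'canCreate') as $m) {
    echo $m, ' => ', decide(rulesFor($m), 'create', $admin), "\n";
}
```

In a real `accessRules()` the expression string can use `$user`, which Yii binds to `Yii::app()->user`, to reach the logged-in account rather than calling a non-static model method statically.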