I need to do a simple task that has been giving me a hard time for a long time now.
I need to get the ID of the post in the controller so I can compare it with the user ID, so that only the user who made the post can update (and delete) it.
I know that the post is 7 (localhost/yiitest/oglasi/update/7). I have tried every combination that I have encountered for this task, without luck:
	public function accessRules()
	{
		// only owner can update
		// controller->id is the controller's ID from the route, not the post id in the URL
		$controllerId = Yii::app()->controller->id;
		//if($controllerId){
		//if(Yii::app()->user->getId() === $controllerId) {
		if('7' === $controllerId) {
			//$user_updater = Yii::app()->user->name;
			$user_updater = 'test';
		}
		return array(
			array('allow', // allow authenticated user to perform 'create' and 'update' actions
				'actions'=>array('update'),
				'users'=>array($user_updater,'admin'),
			),
		);
	}

QueryTom (Social), November 3, 2011, 1:03pm, #2

I don’t understand what you are trying to do.
In normal cases a user can have multiple posts. So multiple post ids, too.
Maybe this helps: http://www.yiiframework.com/wiki/136/getting-to-understand-hierarchical-rbac-scheme ?

l.jurgs (L Jurgs), November 3, 2011, 1:08pm, #3

You mean the HTTP get var? $_GET['id'] but I prefer:
$id = Yii::app()->request->getParam('id');

At least I think this is what you are asking for.

Luke Jurgs, you are the MAN!
It looks like it will work like this!
I will try to set it up properly now and keep you posted on how it goes!

Well, we are getting so close to finding out the answer.
I didn't realize sooner that I can't compare the post’s id (URL parameter)
Yii::app()->request->getParam('id')

with the user id because it's not the same thing. I need to compare the post’s user_id field (db fields: id name cat_id price descr img user_id) so it would match the user from the post and the logged-in user.
We are so close.

l.jurgs (L Jurgs), November 3, 2011, 2:50pm, #6

This depends on how your user authentication works but:
$post = Post::model()->findByPk(Yii::app()->request->getParam('id'));
Yii::app()->user->getId() == $post->user_id;

This is assuming you are using an ActiveRecord for Post.

Didn't I tell you already that you are the MAN :)
It works :)
Thanks a lot, m8!!!
So here is the complete code for enabling only users who made the post to update it (and delete):
	public function accessRules()
	{
		// So that only the owner of the post can update it
		$updaters = array('admin');
		$post = Oglasi::model()->findByPk(Yii::app()->request->getParam('id'));
		// $post is null when the request has no matching id (e.g. index, create);
		// a guest is never treated as the owner
		if($post !== null && !Yii::app()->user->isGuest && Yii::app()->user->getId() === $post->user_id) {
			$updaters[] = Yii::app()->user->name;
		}
		return array(
			array('allow',  // allow all users to perform 'index' and 'view' actions
				'actions'=>array('index','view'),
				'users'=>array('*'),
			),
			array('allow', // allow authenticated user to perform 'create' actions
				'actions'=>array('create'),
				'users'=>array('@'),
			),
			array('allow', // allow the post owner and admin to perform 'update' actions
				'actions'=>array('update'),
				'users'=>$updaters,
			),
			array('allow', // allow admin user to perform 'admin' actions
				'actions'=>array('admin'),
				'users'=>array('admin'),
			),
			array('allow', // allow the post owner and admin to perform 'delete' actions
				'actions'=>array('delete'),
				'users'=>$updaters,
			),
			array('deny',  // deny all users
				'users'=>array('*'),
			),
		);
	}
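
The ownership decision this thread arrives at, as an added example that is not part of any post: it decides by user id rather than user name, and rejects guests, missing posts and rows without an owner, cases that a bare == or === comparison lets through. The function names and the sample rows are constructed for illustration.

```php
<?php
// Added example, not the thread's code. $userId stands in for
// Yii::app()->user->getId() (null for a guest); $post stands in for the
// result of Oglasi::model()->findByPk($id) (null when no row matches).

function isSameId($a, $b)
{
    // null or '' on either side never matches, so a guest (null id) cannot
    // "own" a row whose user_id is NULL, which both == and === would allow.
    if ($a === null || $b === null || $a === '' || $b === '') {
        return false;
    }
    // Compare as strings: the DB returns '3', the session may hold int 3.
    return (string)$a === (string)$b;
}

function canModifyPost($userId, $isAdmin, $post)
{
    if ($post === null || $userId === null) {
        return false; // missing post or guest: nothing to authorise
    }
    return $isAdmin || isSameId($userId, $post->user_id);
}

// Constructed rows, using the user_id field named in the thread.
$posts = array(
    7 => (object)array('id' => '7', 'user_id' => '3'),
    8 => (object)array('id' => '8', 'user_id' => null), // row with no owner
);
$find = function ($id) use ($posts) {
    return isset($posts[$id]) ? $posts[$id] : null;
};

// label, user id, is admin, post id, expected decision
$cases = array(
    array('owner (int session id)',      3,    false, 7,  true),
    array('different user',              4,    false, 7,  false),
    array('guest, row without owner',    null, false, 8,  false),
    array('user id 0, row w/o owner',    0,    false, 8,  false),
    array('admin, someone else\'s post', 1,    true,  7,  true),
    array('owner id, post not found',    3,    false, 99, false),
);
foreach ($cases as $c) {
    list($label, $uid, $admin, $pid, $expected) = $c;
    $got = canModifyPost($uid, $admin, $find($pid));
    printf("%-30s %-5s %s\n", $label, var_export($got, true),
        $got === $expected ? 'ok' : 'UNEXPECTED');
}
```

In a Yii 1.1 controller the same decision can run at the top of actionUpdate and actionDelete, after the model is loaded, throwing CHttpException(403) when it returns false.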