how to prevent and show some record to some user?

[size="3"]Hi all,

Using Yii framework I want to know how to prevent some user (ex: demo) from update or delete record on some table (ex:product) ,

and I want to allow him to see list of only some record (ex: records that contain current date or some thing else ) …in public I need too know how can I control who see what and what he can do on it ?

Thank you

[/size]

Its not 100% clear what you are asking, but I will try and point you in the direction I think you asking.

To control access to your controller actions (eg: product/update, product/delete) you can use accessRules.

A good example of this is in the blog tutorial: http://www.yiiframework.com/doc/blog/1.1/en/post.create

I also recommend the docs on Authentication and Authorization 4. Access Control Filter: http://www.yiiframework.com/doc/guide/1.1/en/topics.auth#access-control-filter

also 6. Role-Based Access Control http://www.yiiframework.com/doc/guide/1.1/en/topics.auth#role-based-access-control

To control what is displayed in a list of records you could use CDbCriteria.

Building a Blog System Using Yii. Displaying Posts: http://www.yiiframework.com/doc/blog/1.1/en/post.display

Active Record: 4. Reading Record: http://www.yiiframework.com/doc/guide/1.1/en/database.ar#reading-record

Active Record: 11. Named Scopes: http://www.yiiframework.com/doc/guide/1.1/en/database.ar#named-scopes

An easy way to use escopes and CActiveDataProvider: http://www.yiiframework.com/wiki/173/an-easy-way-to-use-escopes-and-cactivedataprovider

Search method of a model for filters when using dates - unixtimestamp in database: http://www.yiiframework.com/wiki/142/search-method-of-a-model-for-filters-when-using-dates-unixtimestamp-in-database

I hope that helps.

thank you Nax ,with first look I think it will help,I’ll try it