Protect Model Fields

I would like to protect the field role only for admins,

When I declare it in the model, if an user fake the form, he will be able to change it.

How can I protect Yii Forms over fake inputs?

array('role', 'numerical', 'integerOnly'=>true), //(0 - User, 1 - Admin)


Remove it from the ‘rules’ array, including from the ‘safe’ array

Hi lucianocn

I think that is responsibility of Controller rather than of model.

So you can set array(‘role’, ‘unsafe’) and fill by controller the field of your model $InstanceModel->role with appropriate value checking the user permission

Sorry I didn’t undersand, could you clarify?

That’s probably not a good idea because then you wouldn’t be able to change that property, even if you were an admin user.

I suggest you consider: