Seperate Frontend And Backend

phabion · November 28, 2012, 2:25am

Hello everyone!

First I’ve followed this guide to setup role access . It works fine.

I’ve followed this guide to organize directories for application with font end and back end. http://www.yiiframework.com/wiki/33/organize-directories-for-applications-with-front-end-and-back-end. It works fine.

This is frontend’s look:

3545

Now I’m going to login with admin role. Now you can see that on the main menu there is a link to go to admin’s section (backend). Only admin can see this link. (see the picture please)

3546

Now I’m going to that admin’s section.(see the picture please)

3547

Now I have to log in to use back end’s functionalities. Here is the question. Is this fine to log in again when I’m already admin. If user’s not admin so he/she cannot see the link to go to admin’s section. Is there a way to get rid of requirement to log in twice for admin?

OK, thank you for your time!

Any suggestion would be appreciated!

Cheers!

LastDay · November 28, 2012, 3:29am

Hello,

Could you show accessRules of your backend and frontend controllers?

If you are already logged in as admin in frontend (or vise versa) you shouldn’t have to relogin in backend (or vice versa).

phabion · November 28, 2012, 3:26pm

For the front end. Here is the accessRules of HotelController




        public function accessRules()

	{

		return array(

			array('allow',  // allow all users to perform 'index' and 'view' actions

				'actions'=>array('index','view'),

				'users'=>array('*'),

			),

			array('allow', // allow admin user to perform 'create', 'update', 'admin' and 'delete' actions

				'actions'=>array('create', 'update', 'admin', 'delete'),

				'users'=>array('admin'),

			),

			array('deny',  // deny all users

				'users'=>array('*'),

			),

		);

	}

And now for the back end.

This is accessRules() inside HotelController




        public function accessRules()

	{

		return array(

			array('allow', // allow admin user to perform every action

				'actions'=>array('index', 'view', 'create', 'update', 'admin', 'delete',),

				'users'=>array('admin'),

			),

			array('deny',  // deny all users

				'users'=>array('*'),

			),

		);

	}

So to access to index view we need to have admin right. The admin right we have got from font end seems to be nothing to the back end.

I’m still thinking and have no solution for now.

Cheers!