Hello, this is my 2º post .
How can i deny acess to user to see other information users.
Ex : User can only see user/’.Yii::app()->user->id.’ not user/some other user id
thanks
Hello, this is my 2º post .
How can i deny acess to user to see other information users.
Ex : User can only see user/’.Yii::app()->user->id.’ not user/some other user id
thanks
$model = User::model()->findByPk(Yii::app()->user->id);
thanks , but the admin user can do it. i’ve try
array(‘deny’,
'actions' => array('update', 'index', 'view'),
'expression' => '$_GET[\'id\'] !== Yii::app()->user->id',
'message' => "Não Autorizado!",
),
array(‘allow’, // allow admin user to perform ‘admin’ and ‘delete’ actions
'actions' => array('admin', 'delete', 'index', 'create', 'view', 'update'),
'users' => array('admin'),
),
and it works so far.
Can we do this way. Theres drawbacks?
Just my yii first try
No Not working