Using Rbac

ferminako · April 5, 2013, 2:47pm

Hi everyone,

I’m using RBAC in my project, but I have to improve the system because If I allow the users with the rol… fe:“edit”

for admin and update posts as here:

//Posts Controller…

public function accessRules()

    {


            return array(


                    array('allow',  


                            'actions'=&gt;array('admin','update'),


                            'roles'=&gt;array('edit_rol'),


                    ),

These users can admin and edit all the posts , but I want that they only can edit and admin his own posts, so I need to add some "php logic" like if(postOwner->id== user->id…).

Is it possible to add a parameter in the allow array with a call to a function that runs this "php logic" in order to return true or false to the array, and with that RBAC can allow or not the user.

Thanks!