Hi everyone,
I’m using RBAC in my project, but I have to improve the system because If I allow the users with the rol… fe:“edit”
for admin and update posts as here:
//Posts Controller…
public function accessRules()
{
return array(
array('allow',
'actions'=>array('admin','update'),
'roles'=>array('edit_rol'),
),
These users can admin and edit all the posts , but I want that they only can edit and admin his own posts, so I need to add some "php logic" like if(postOwner->id== user->id…).
Is it possible to add a parameter in the allow array with a call to a function that runs this "php logic" in order to return true or false to the array, and with that RBAC can allow or not the user.
Thanks!