What's the correct way with BizRule?

First, I want to say hello to all of you! I'm new here, I'm new to MVC and frameworks, and I started with Yii.

I want my site to have the following roles:

author - can add content and update/delete just their own.

moderator - can edit any content, except user management.

administrator - can do anything.

And any user has a status:

inactive - for e-mail activation

active - normal users

banned - banned users

Only active users can have the "author" role.

The user_access and user_status are stored in the users table in the db.

I thought to do this using RBAC with BizRules and the following methods in the Users class:




    public function isAdmin() {
        return $this->user_access==Users::ACCESS_ADMIN;
    }

    public function isModerator() {
        return $this->user_access==Users::ACCESS_MODERATOR || $this->isAdmin();
    }

    public function isActive() {
        return $this->user_status==Users::STATUS_ACTIVE;
    }



Oh, and the constants:




    const ACCESS_ADMIN=2;
    const ACCESS_MODERATOR=1;
    const ACCESS_NORMAL=0;

    const STATUS_BANNED=2;
    const STATUS_ACTIVE=1;
    const STATUS_INACTIVE=0;



I have tried the following bizRules:




    $biz="return Yii::App()->user->isModerator();";
    $role=$auth->createRole("moderator","moderator",$biz);

    $biz="return Yii::App()->user->isAdmin();";
    $role=$auth->createRole("admin","administrator",$biz);

    $biz="return Yii::App()->user->isActive();";
    $role=$auth->createRole("author","author",$biz);



But I got this error: Property "CWebUser.isModerator" is not defined.


OK, I did the methods to check the accesses this way:


    return Users::Model()->findbyPk($uid)->user_access==Users::ACCESS_MODERATOR;

And it works, but I think there is a better way to do this.


What’s the right solution for that?

Thank you!

Are these methods on your User model or WebUser?


    public function isAdmin() {
        return $this->user_access==Users::ACCESS_ADMIN;
    }

    public function isModerator() {
        return $this->user_access==Users::ACCESS_MODERATOR || $this->isAdmin();
    }

    public function isActive() {
        return $this->user_status==Users::STATUS_ACTIVE;
    }

Are you configuring Yii to use the custom WebUser?


    'user' => array(
        'class' => 'WebUser',
        'allowAutoLogin' => true,
        'loginUrl' => array('site/login'),
    ),

  1. The methods are on the Users model. (for no reason I use Users instead of User - I think this is not a problem)

  2. No.

Follow this guide by emix for your solution: http://www.yiiframework.com/doc/cookbook/80/

"Yii::app()->user" is a reference to CWebUser which is a $_SESSION wrapper. Also, "App()" should be "app()", some php configurations will give you trouble for case-sensitivity.