Yii Accessrules Delete Option Only For Authenticated User.


I have designed my view as, every logged user can post their own post. and when the user don’t want or delete the particular post, that has been posted by the same user. I want to restrict all other users to delete other users post… Only i want delete option in the particular post of particular users…


public function accessRules() {

	return array(

	array('allow', // allow all users to perform 'index' and 'view' actions

		'actions' => array( 'view'),

		'users' => array('*'), ),

	array('allow', // allow authenticated user to perform 'create' and 'update' actions

		'actions' => array('create','index', 'update'),

		'users' => array('@'), ),

	array('allow', // allow admin user to perform 'admin' and 'delete' actions

		'actions' => array('admin', 'delete'),

		'users' => array('admin'), ),

	array('deny', // deny all users

		'users' => array('*'), ), );



public function actionDeletePost($id) {

	$this -> loadModel($id) -> delete();



[html]<img src="<?php echo Yii::app()->request->baseUrl;?>/images/site/delete-icon.png" alt=“Delete this post” onclick=“javascript: deletePost(this, <?php echo ($data->id) ? $data->id : ‘\‘null\’’ ?>);”>[/html]


[html]function deletePost(row,postId) {

if (confirm('Are you sure want to delete this post?')) {

    if (postId &#33;= 'null') {

        //call an ajax request to delete the row...


            'type' : 'post',

            'url'  : '?r=forumPost/deletePost&amp;id='+ postId,

            'dataType' : 'data',

            'beforeSend' : function() {},

            'success' : function(data) {

                        jQuery(&quot;#list-of-post&quot;).load(&quot;&lt;?php echo Yii::app()-&gt;createUrl('//forumPost/forumPostDisplay'); ?&gt;&quot;);


              'error': function(data){

              	alert(&quot;Error Occurred... Please try again later...&#33;&quot;);




    // Remove UI component

    // &#036;(row).parent().parent().parent().remove();



Please help me to delete only the particular user post in the view page… :(

I hope you are storing author_id for every post.

When you delete the post, just if author_id is equal to current logged in user id.

public function actionDeletePost($id) {

        $this -> loadModel($id) -> delete();


public function actionDeletePost($id) {

       $model= $this -> loadModel($id) ;


        // delete here



     // throw exception or error message for ajax call.



thanks hemc… it’s working fine now… :)