Jump to content
Larry Ullman's Book Forums

Accessrules()'S - Good Or Evil


Recommended Posts

Hi all,

 

The more I'm dabbling with Yii, I'm disliking accessRules, it doesn't seem to work how I would like it and it is quite limiting, I don't like having to define specific usernames which can access an action.

 

I read an article on the Yii website which I can link to if I'm allowed. Showing how you can very simply perform a check from each individual actions method (1 line of code and a new method in the base Controller class). I just wanted to get some opinions and find out how other people get around this.

 

Thanks

Simon

Link to post
Share on other sites

I found them to be useful, you can allow any user to access a action by using the star symbol. The rule seems to be adaptable for all scenarios by fiddling with the the corespondent symbols.

 

What is the situation you are having trouble with?

Link to post
Share on other sites

Here you are typical simple usage scenario:

 


public function accessRules(){
return array(
array( // these pages are accessible by all (AJAX captcha is included here)
'allow',
'actions'=>array('index','about','help','contact','error','captcha',),
'users'=>array('*'),
),
array( // these pages are for non-logged-in users only
'allow',
'actions'=>array('login',),
'users'=>array('?'),
),
array( // these pages are for logged-in users only
'allow',
'actions'=>array('manage','logout',),
'users'=>array('@'),
),
array( // block access to everything what was not explicite allowed
// and send the user back to where he/she came from
'deny',
'deniedCallback' => array($this, 'redirectBack'),
'users'=>array('*'),
),
);
}

 

Please notice, the order of rules (from top to bottom) is important!

 

And of course you need to add the following to your 'Controller.php' in components folder:

 

public function filters(){
    return array('accessControl'); // perform access control on all controllers extending this class
   }

   public function redirectToHome(){ // send to homesite
       $this->redirect(Yii::app()->baseUrl);
   }

   public function redirectBack(){ // send the rejected user to where he/she came from
       $zs_referer = Yii::app()->request->urlReferrer;
       if($zs_referer == ''){
           $this->redirect(Yii::app()->baseUrl);
       }else{
           $this->redirect($zs_referer);
       }

   }

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...