distortionzzz Posted December 8, 2012 Share Posted December 8, 2012 Hi all, The more I'm dabbling with Yii, I'm disliking accessRules, it doesn't seem to work how I would like it and it is quite limiting, I don't like having to define specific usernames which can access an action. I read an article on the Yii website which I can link to if I'm allowed. Showing how you can very simply perform a check from each individual actions method (1 line of code and a new method in the base Controller class). I just wanted to get some opinions and find out how other people get around this. Thanks Simon Link to comment Share on other sites More sharing options...
Edward Posted December 8, 2012 Share Posted December 8, 2012 I found them to be useful, you can allow any user to access a action by using the star symbol. The rule seems to be adaptable for all scenarios by fiddling with the the corespondent symbols. What is the situation you are having trouble with? Link to comment Share on other sites More sharing options...
Solid Posted December 9, 2012 Share Posted December 9, 2012 Have you seen this? http://www.larryullm...-yii-framework/ Allso a forum-topic about it here.. http://www.larryullm...in-accessrules/ In short its about assigning roles to the users, and allowing them access trough the roles. If i dident missunderstand your question, that would help you getting use of the accessRules. Link to comment Share on other sites More sharing options...
Ziggi Posted December 9, 2012 Share Posted December 9, 2012 Here you are typical simple usage scenario: public function accessRules(){ return array( array( // these pages are accessible by all (AJAX captcha is included here) 'allow', 'actions'=>array('index','about','help','contact','error','captcha',), 'users'=>array('*'), ), array( // these pages are for non-logged-in users only 'allow', 'actions'=>array('login',), 'users'=>array('?'), ), array( // these pages are for logged-in users only 'allow', 'actions'=>array('manage','logout',), 'users'=>array('@'), ), array( // block access to everything what was not explicite allowed // and send the user back to where he/she came from 'deny', 'deniedCallback' => array($this, 'redirectBack'), 'users'=>array('*'), ), ); } Please notice, the order of rules (from top to bottom) is important! And of course you need to add the following to your 'Controller.php' in components folder: public function filters(){ return array('accessControl'); // perform access control on all controllers extending this class } public function redirectToHome(){ // send to homesite $this->redirect(Yii::app()->baseUrl); } public function redirectBack(){ // send the rejected user to where he/she came from $zs_referer = Yii::app()->request->urlReferrer; if($zs_referer == ''){ $this->redirect(Yii::app()->baseUrl); }else{ $this->redirect($zs_referer); } } Link to comment Share on other sites More sharing options...
Recommended Posts