Jump to content
Larry Ullman's Book Forums

Rbac Loadmodel() And Redirect


Cody
 Share

Recommended Posts

  1. Is there a reason why "$model=$this->loadModel($id);" has to go before the checkAccess line or can it go after (as in my example)?  I noticed it works both ways. 

Also, is it a bad idea to redirect users to the home page if they are trying to access a restricted page (as shown below)?


public function
actionUpdate($id)
{
 
// Checks to see if user can update
page
    if (!Yii::app()->user->checkAccess('user_update', array('id'=>$id))){
       
// Redirects user to home page if denied access
       
$this->redirect(array('site/index'));
    }
 
    $model=$this->loadModel($id);
 
    if(isset($_POST['User']))
{
       
$model->attributes=$_POST['User'];

       
if($model->save())
           
$this->redirect(array('view','id'=>$model->id));
        }

   
$this->render('update',array(
   
'model'=>$model,
    ));
}

 

Link to comment
Share on other sites

Thanks for your questions. This all looks fine to me. As for redirecting to the home page, it's really a matter of whether you want to make the permission denied overt or not. You could use a flash message to indicate that on the home page, though.

Link to comment
Share on other sites

 Share

×
×
  • Create New...