Jump to content
Larry Ullman's Book Forums

Rbac Loadmodel() And Redirect


Recommended Posts

  1. Is there a reason why "$model=$this->loadModel($id);" has to go before the checkAccess line or can it go after (as in my example)?  I noticed it works both ways. 

Also, is it a bad idea to redirect users to the home page if they are trying to access a restricted page (as shown below)?


public function
actionUpdate($id)
{
 
// Checks to see if user can update
page
    if (!Yii::app()->user->checkAccess('user_update', array('id'=>$id))){
       
// Redirects user to home page if denied access
       
$this->redirect(array('site/index'));
    }
 
    $model=$this->loadModel($id);
 
    if(isset($_POST['User']))
{
       
$model->attributes=$_POST['User'];

       
if($model->save())
           
$this->redirect(array('view','id'=>$model->id));
        }

   
$this->render('update',array(
   
'model'=>$model,
    ));
}

 

Link to post
Share on other sites

Thanks for your questions. This all looks fine to me. As for redirecting to the home page, it's really a matter of whether you want to make the permission denied overt or not. You could use a flash message to indicate that on the home page, though.

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...