Thursday, February 10, 2022

[FIXED] Yii1 accessRules

      , ,      No comments   

Issue

I need to allow a certain kind of user access to a controller's actions, while denying other users who have the same roles plus an additional role. For example, user x has the role 'building', and user y has the role 'building' and 'admin'. I want to allow the 'building' role, except those who also have the 'manager' role. There is also a "super user" role that should be allowed access.

The following code block is equivalent to what I have right now:

        array('allow',
            'actions' => array('frontdesk', 'cabinet', 'replace', 'discard'),
            'expression' => array('User', 'isSuperStatic')
        ),
        array('allow',
            'actions' => array('frontdesk', 'cabinet', 'replace', 'discard'),
            'roles' => array('building')
        ),
        array('deny',
            'users' => array('*')
        )

Solution

The solution that I came up with is to use another role that is unique to who I would consider in the 'building' department. So, instead of using 'building', I would use 'building_front_desk', for example. The manager doesn't have that role, but the desired users do.



Answered By - hutch90

0 Comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Total Pageviews

Featured Post

Why Learn PHP Programming

Why Learn PHP Programming A widely-used open source scripting language PHP is one of the most popular programming languages in the world. It...