By default there is no such thing as 'role'.
To add role to accessRules() in controller you could use expressions... smth like this: 'expression' => function(){return Yii::app()->user->getState("role") == 'admin';}
My accessRules():
public function accessRules()
{
return array(
array('allow', // allow all users to perform 'index' and 'view' actions
'actions'=>array('index','view'),
'users'=>array('*'),
),
array('allow', // allow authenticated user to perform 'create' and 'update' actions
'actions'=>array('create','update'),
'users'=>array('@'),
),
array('allow', // allow admin user to perform 'admin' and 'delete' actions
'actions'=>array('admin','delete'),
//Check if user role is admin
'expression' => function(){return Yii::app()->user->getState("role") == 'admin';},
),
array('deny', // deny all users
'users'=>array('*'),
),
);
BTW, you need to set state for user's role in userIdentity component in authenticate.. like this $this->setState('role', $user->role);
My authenticate() in userIdentity.php:
public function authenticate()
{
$user = User::model()->findByAttributes(array('email'=>$this->username));
if ($user===null) { // No user found!
$this->errorCode=self::ERROR_USERNAME_INVALID;
} else if ($user->password !== md5($this->password) ) { // Invalid password!
$this->errorCode=self::ERROR_PASSWORD_INVALID;
} else { // Okay!
$this->errorCode=self::ERROR_NONE;
$this->setState('email', $user->email);
$this->setState('username', $user->username);
// Store the role in a session:
$this->setState('role', $user->role);
$this->_id = $user->id;
}
return !$this->errorCode;
}
Комментариев нет:
Отправить комментарий