Yii crud 400 update error
I created a CRUD with Gii, I changed the access rules and now I cannot update the user details. Here's what I changed:
public function accessRules()
{
return array(
array('allow',
'users'=>array('@'),
'expression'=>'!$user->isGuest && Yii::app()->user->privilages >= 5 && Yii::app()->user->status == 1',
),
array('deny',
'users'=>array('*'),
),
);
}
everything else looks like the default, but when I click on the pencil icon in the user dashboard, I get this error:
Error 400
Your request is invalid.
and the url is:
http://www.example.com/admin/update/35
What am I doing wrong?
source to share
This error is not because of your array accessRules
. Make sure you have the appropriate action named correctly, check if the params match the action, check your config file for url rules i.e. UrlManager, check if you are sending the parameter from the link correctly.
Also you can use $user
directly instead of Yii::app()->user
.
If there is an authorization error, you get a 403 error. This is 400 :
400 Bad Request Request could not be completed due to strong syntax ...
Edit: Add this to your urlManager:
'rules'=>array(
'<controller:\w+>/<id:\d+>'=>'<controller>/view',
'<controller:\w+>/<action:\w+>/<id:\d+>'=>'<controller>/<action>', // this is the rule you absolutely need for update to work
'<controller:\w+>/<action:\w+>'=>'<controller>/<action>',
'<action>'=>'site/<action>'
),
source to share
/**
* @return array action filters
*/
public function filters()
{
return array(
'accessControl', // perform access control for CRUD operations
'postOnly + delete', // we only allow deletion via POST request
);
}
The delete action can only be accessed via POST; You can check it out.
source to share