How can I disable the "gii" code generator for a non-admin user?
2 answers
Follow these steps: -
- Copy gii module from system.gii ie framework / gii
- Paste it into the protected / modules folder of the project.
- Make the following changes to GiiModule.php in your gii module .
Change this
public function beforeControllerAction($controller, $action)
{
if(parent::beforeControllerAction($controller, $action))
{
$route=$controller->id.'/'.$action->id;
if(!$this->allowIp(Yii::app()->request->userHostAddress) && $route!=='default/error')
throw new CHttpException(403,"You are not allowed to access this page.");
$publicPages=array(
'default/login',
'default/error',
);
if(Yii::app()->user->isGuest && !in_array($route,$publicPages))
Yii::app()->user->loginRequired();
// check your admin conditions here
elseif(!isset(Yii::app()->user->isAdmin) || !Yii::app()->user->isAdmin)
throw new CHttpException(403,"You are not allowed to access this page.");
else
return true;
}
return false;
}
-
In config / main.php
'modules' => array( 'gii'=>array( 'class'=>'application.modules.gii.GiiModule', 'password'=> Your password, 'ipFilters'=>array('127.0.0.1','::1'), ), ),
Note: I have not tested it. But it can give you an idea of how to proceed.
+2
source to share
You can restrict user by IP or choose a password for Gii tool according to it documentation
return array(
......
'modules'=>array(
'gii'=>array(
'class'=>'system.gii.GiiModule',
'password'=>'pick up a password here',
// 'ipFilters'=>array(...a list of IPs...),
),
),
);
0
source to share