Clever Geek Handbook

Yii framework - how to specify the same access rules for all controllers of a module?

I have created a module for specific admin operations. I don't want to write the same access rules for every controller, this is not very coding style.

+2


source to share


4 answers


One solution would be to extend the generic BaseClass controller for each authenticated class.



This way you can write once.

+3


source


A module is like a sub-application with a split directory structure. It is not responsible for filtering or checking permission.

The only vital decision is to define the new abstraction that Ismael proposed.



class ExtendedController
{
    public function rules()
    {
        return array_merge(parent::rules(), array(
           // your rules
        ));
    }
}
+3


source


The Ismael and pestaa choices are very good, even quick to implement, however I always recommend more powerful alternatives like the RBAC model. You can find a very good GUI for Yii RBAC at http://code.google.com/p/srbac/

+1


source


This worked for me:

class extendedController extends baseController
{
    public function accessRules()
    {
        return array_merge(

            // This controller rules are added first:
            // Allow all users to call the 'hello' action.
            array(
                array('allow',
                    'actions'=>array('hello'), 
                    'users'=>array('*'),
                ),
            ),

            // BaseController rules are added last, especially
            // if the last rule in the baseController denies all
            // users that were not allowed yet.
            parent::accessRules()
        );
    }

    public function actionHello()
    {
        echo('Hello!');
    }
}
0


source






More articles:


All Articles