TechQA.

How to prevent unauthorized users from specific actions by assigning a role to them?

175 views Asked by At

I am developing a web application by Yii php framework. In this application, I uses Right module for the role management of it. I define some roles and assign proper operation and tasks to them. I did it via the Right module UI and finally when each user fill the registration form a proper role assign to it, So for logged in users everything is ok.

The problem is for Guest and unauthorized users. I set the default role in main.php configuration file only to 'Guest' and also set operations of 'Guest' role with Right module UI, but Guest users can do other not permitted actions! How can I do it for Guest users?


Thanks in Advance

php yii rbac rights
Original Q&A
2

There are 2 answers

0
kiamoz On

I suggest you used your own UserIdentity class ...

it's so simple !

1
Jenno Richi Benat On

You Can Do like this

array('allow', 
            'actions'=>array('update'),
            'expression'=>Yii::app()->user->uType = 'mydefinedtype',
));

This can be set when the Login action done in useridentity.php

$this->setState('utype', $user->UTtype->typename);

Related Questions in PHP

Related Questions in YII

Related Questions in RBAC

Related Questions in RIGHTS

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions