1

I am a newbie and i just read about creating operation for defining the authorization rules...there was a code in the book which is as follows

# protected/controllers/SiteController.php::actionSetup()
$auth = Yii::app()->authManager;
$auth->createOperation('createPage',"create a new page");
$auth->createOperation('updatePage',"update a page");

The first argument is the identifier that specifies the operation uniquely...second is the description of the operation....
NOW my QUESTION is
where is the ACTION attached to the operation..it just consists of the name and the description...?? Even if i assign this operation to a user....how will the rule identify that which action has been assigned to him???

Let me see
  • 5,063
  • 9
  • 34
  • 47

1 Answers1

0

See nice tutorial here: http://www.yiiframework.com/wiki/65/how-to-setup-rbac-with-a-php-file/

You have two main points:

  1. In accessRules() method

  2. In concrete action, where you just call something like if(Yii::app()->user->checkAccess('createPost'))

Also as a good demo/tutorial with sources you can try this: https://github.com/thyseus/yii-user-management/blob/master/user/docs/install_tutorial.txt

gaRex
  • 4,144
  • 25
  • 37