New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Filters and Access Rules #77
Comments
I just have created simplest possible access control definition on frontend, inside the public function actionFirst()
{
echo '1';
}
public function actionSecond()
{
echo '2';
}
public function actionLogin()
{
Yii::app()->user->login(new DemoIdentity('demo', 'demo'));
}
public function actionLogout()
{
Yii::app()->user->logout();
}
public function filters()
{
return array(
'accessControl'
);
}
public function accessRules()
{
return array(
array(
'allow',
'actions' => array('first', 'login')
),
array(
'allow',
'actions' => array('second', 'logout'),
'users' => array('@'),
),
array('deny'),
);
} class DemoIdentity extends CUserIdentity
{
public function authenticate()
{
return true;
}
} And get the expected behavior: "second" and "logout" actions accessible only when you're logged in. I did the same trick on backend: class AccessController extends BackendController
{
public function actionFirst()
{
echo '1';
}
public function actionSecond()
{
echo '2';
}
public function actionLogin()
{
Yii::app()->user->login(new DemoIdentity('demo', 'demo'));
}
public function actionLogout()
{
Yii::app()->user->logout();
}
public function filters()
{
return array(
'accessControl'
);
}
public function accessRules()
{
return array(
array(
'allow',
'actions' => array('first', 'login')
),
array(
'allow',
'actions' => array('second', 'logout'),
'users' => array('@'),
),
array('deny'),
);
}
}
class DemoIdentity extends CUserIdentity
{
public function authenticate()
{
return true;
}
} And got the same result. So I infer that you just have some misconfiguration in your own codebase. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I'm trying to use filters and access rules, but it seems to go wrong. Simply, it don't works. It don't recognize users and/or actions, i really don't know. I'm pretty sure about the name of the actions, so i don't know what's up here.
The text was updated successfully, but these errors were encountered: