Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How i can allow a specific role of users to update only their account? #23

Closed
giwrgos88 opened this issue Mar 30, 2015 · 1 comment
Closed

How i can allow a specific role of users to update only their account? #23

giwrgos88 opened this issue Mar 30, 2015 · 1 comment
Labels
question

Comments

@giwrgos88
Copy link

Hello, I have two types of roles, the administrator and the editor. I want the editor to be able to view his/her profile only on the index page where the administrator can see all the users. Next I want the editor to be able to edit only his profile and denied any try to change other accounts. I want the administrator to have full access.

Therefore so far what i did is this
$authority->allow('manage', 'all'); for the administrator

But for the editor how i can allow him to use the index, edit, update functions of the User controller but only for his account?

One idea that I have is to check the role of the use inside of each controller and in case where the role is editor to redirect him on a specific page with an error message. Is there any other way with the authority-controller?

thank you
@tortuetorche
Copy link
Contributor

Hi @giwrgos88,

This Wiki doc section will answer your question.

Take time to read the Wiki docs please, it'll answer almost all your questions.

Have a good day,
Tortue Torche

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@giwrgos88 @tortuetorche