if($model->id != Yii::app()->user->id)
{
if(!Yii::app()->user->isAdmin()) {
throw new CHttpException(403,'You are not authorized to perform this action.');
}
}
Tuesday, July 16, 2013
redirect 403 page yii authorized to perform this action
accessRules()method within the Controller class
public function accessRules()
{
return array(
array('allow', // allow all users to perform 'index' and 'view' actions
'controllers'=>array('issue','project','user'),
'actions'=>array('index', 'view', 'addUser'),
'users'=>array('@'),
),
array('allow', // allow authenticated user to perform 'create' and 'update' actions
'controllers'=>array('issue','project','user'),
'actions'=>array('create','update'),
'users'=>array('@'),
),
array('allow', // allow admin user to perform 'admin' and 'delete' actions
'controllers'=>array('issue','project','user'),
'actions'=>array('admin','delete'),
'users'=>array('admin'),
),
array('deny', // deny all users
'controllers'=>array('issue','project','user'),
'users'=>array('*'),
),
);
}
Saturday, July 13, 2013
CDbCriteria with condition
$sitelinks = Sitelink::model()->find('activation=:activation AND category=:category',
array(
':activation'=>1,
':category'=>$catname->id,
));
$criteria = new CDbCriteria;
$criteria->condition='activation=:activation AND category=:category';
$criteria->params=array(':activation'=>1, ':category'=>$catname->id);
$sitelinks = Sitelink::model()->find($criteria);
Subscribe to:
Posts (Atom)