Simple authorization system

How-tos

auth, authorization, security

In your components folder ( protected/components ) create a 'WebUser.php' file and a class like this:


```php
class WebUser extends CWebUser{/**
 
 * @property boolean $isAdmin
 
 * @property boolean $isSuperAdmin
 
 * @property User $user
 
 */
 
class WebUser extends CWebUser{
 
 /**
 
  * cache for the logged in User active record
 
  * @return User
 
  */ private $_user; //**
 
  * is the user a superadmin ?   * @return boolean
 
  */
 
function getIsSuperAdmin(){ return ( $this->user && $this->user->accessLevel === User::LEVEL_SUPERADMIN ); } //**
 
  * is the user an administrator ?   * @return boolean
 
  */
 
function getIsAdmin(){ return ( $this->user && $this->user->accessLevel >= User::LEVEL_ADMIN ); } //**
 
  * get the logged user   * @return User|null the user active record or null if user is guest
 
  */
 
function getUser(){ if( $this->isGuest ) return null;
if( $this->_user === null ){
$this->_user = User::model()->findByPk( $this->id );const LEVEL_REGISTERED=0, LEVEL_AUTHOR=1, LEVEL_ADMIN=6, LEVEL_SUPERADMIN=99;

//**
 
  * define the label for each level   * @param int $level the level to get the label or null to return a list of labels
 
  * @return array|string
 
  */
 
static function getAccessLevelList( $level = null ){
$levelList=array(
self::LEVEL_REGISTERED => 'Registered',### Links
[Chinese Version](http://www.yiiwiki.com/wiki/view/id/19/title/%E7%AE%80%E5%8D%95%E7%9A%84%E7%94%A8%E6%88%B7%E6%8E%88%E6%9D%83%E7%B3%BB%E7%BB%9F "")