Difference between #2 and #4 of
How to use Expression in default AccessControl to allow only the owner to do some action

Changes

Title unchanged

How to use Expression in default AccessControl to allow only the owner to do some action

Category unchanged

How-tos

Yii version unchanged

Tags unchanged

expression, owner, only owner, access control, tutorial, RBAC

Content changed

[...]
In this ExampleController, it uses the default accessControl and accessRule.

In this default accessRule, add actions to allow ( 'view', 'update', 'delete' ) and expression for it ( array('ExampleController','allowOnlyOwner') ).

"ExampleController" is the class where the method 'allowOnlyOwner' is.
These can be any other class and method.
 You can use $this instead of "ExampleController" if 'allowOnlyOwner" is in the same controller as accessRules.

In function allowOnlyOwner, I assumed that the user class has 'isAdmin' property ( Yii::app()->user->isAdmin ). This can be any other condition if you can check if the user is 'admin'.

For example,
[...]
6 1
9 followers
Viewed: 59 612 times
Version: 1.1
Category: How-tos
Written by: whatif
Last updated by: DineshR
Created on: Jul 29, 2013
Last updated: 9 years ago
Update Article

Revisions

View all history