yii access control filter rules in controllers

Question

When writing rules for access control in yii controllers, possible parameters to be set for a rule are 'action' - sets to which action the rule applies; 'users', 'roles', etc.

Now, both the yii guide (pdf) and reference (I have chm file) say that it's possible to set, also, a controller id for the controller the rule should apply to.

Now, if we are already putting these rules in a controller class/file, how would we be able to put some other controller (other than the current one) as the parameter here, meaning how would some other controller whose id we mention here - how would it know there is a rule that applies to it, since it's written in a completely other controller class/file?

How would the controller be aware of a rule that mentions it, if it's written outside of it, in a completely different controller?

Answer 1

One case where you could use this is if you set some rules in a base controller and extend it. Maybe you have some admin-only controllers, then you can save a little code by just adding these rules into a base Controller that all other controllers extend?

Also, this might be used if you are attaching Behaviors to the controller?

I've never used this rule though, I'm just hypothesizing. :)

Answer 2

Dear Friend, Yii give us 3 type of user groups (*)- for All(guest), (@)- for registered, (admin)- for super user we can use it from Controller / public function accessRules()

add if you wanna custom user rights than u can also use 1)ttp://www.yiiframework.com/extension/yii-user-management/ and u can also use "Yii-Rights" which is best for customization 2)http://www.yiiframework.com/forum/index.php?/topic/10556-extension-rights/page_p_51869#entry51869

Regard, Bhavik Chauhan