yii: authenticated user only access to a module

to allow authenticated user only to the whole module, instead of repeating codes to define access rules in all controller files, just add the following code to the module file in beforeControllerAction() function:

PHP:

public function beforeControllerAction($controller, $action)
{
    if(parent::beforeControllerAction($controller, $action))
    {
        if (Yii::app()->user->isGuest)
            throw new CHttpException(403,'You are not authorized to perform this action.');
        return true;
    }
    else
        return false;
}

if you want to display login page

replace line 6 from the code with:

PHP:

Controller::redirect(Controller::createUrl(Yii::app()->user->loginUrl));

createUrl() was used to correctly generate url path with the correct php script, if the main script is not index.php.

	`public function beforeControllerAction($controller, $action)`
	`{`
	`if(parent::beforeControllerAction($controller, $action))`
	`{`
	`if (Yii::app()->user->isGuest)`
	`throw new CHttpException(403,'You are not authorized to perform this action.');`
	`return true;`
	`}`
	`else`
	`return false;`
	`}`

yii: authenticated user only access to a module

if you want to display login page

No feedback yet

Leave a comment