Reverse detail from Kakelbont MS 1, a fifteenth-century French Psalter. This image is in the public domain. Daniel Paul O'Donnell

Forward to Navigation

Yii Authentication

Posted: Feb 19, 2012 23:02;
Last Modified: May 23, 2012 18:05


admin authentication

In the controllers established by gii, yii’s scaffolding tool, there is a standard method called accessRules() that defines what users can do what actions. A common set is:

public function accessRules()
		return array(
			array('allow',  // allow all users to perform 'index' and 'view' actions
			array('allow', // allow authenticated user to perform 'create' and 'update' actions
			array('allow', // allow admin user to perform 'admin' and 'delete' actions
			array('deny',  // deny all users

The comments explain what each array means. An interesting question, however, is how you get a user to count as an ‘admin’? Is there some method or class somewhere that store this information? And if so, how do I get in it?

If you create new users you might devote considerable amount of time trying to get them into the admin class, all to no avail. As far as I can tell, the ‘admin’ refers to usernames rather than a class of user. So if your username is ‘admin’ you can do the restricted actions. If it isn’t, you can’t.

There are a couple of choices here. One is to keep a user whose name is ‘admin’: this has the virtue of simplicity and, since yii will always generate this condition everytime you generate a new site, it also means you’ll not have to go changing ever constructor in your new site as well.

The other choices are to change the code, either to allow some other determinant there. One approach, modified very slightly from an example in Larry Ullman’s blog, is to change ‘admin’ to the wildcard '<nowiki>‘@ (=logged in users) and then add an expression for some other condition:

    'expression'=>'isset($user->role) && ($user->role==="editor")'

You could even just hardwire somebody’s name in or some other attribute:

bc.. array('allow',
    'expression'=>'isset($user->email) && ($user->role==="")'

For more discussion, see


Back to content

Search my site


Current teaching

Recent changes to this site


anglo-saxon studies, caedmon, citation, citation practice, citations, composition, computers, digital humanities, digital pedagogy, exercises, grammar, history, moodle, old english, pedagogy, research, student employees, students, study tips, teaching, tips, tutorials, unessay, universities, university of lethbridge

See all...

Follow me on Twitter

At the dpod blog