this is represent haw add user access for specific users in to page
i have 2 table
- 1.user table
- 2.user level table
user table
CREATE TABLE IF NOT EXISTS `users` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`username` varchar(20) NOT NULL,
`password` varchar(128) NOT NULL,
`email` varchar(128) NOT NULL,
`Telephone` varchar(12) NOT NULL,
`create_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
`ModifiedDate` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00',
`lastvisit_at` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00',
`superuser` int(1) NOT NULL DEFAULT '0',
`UserLevel` int(1) NOT NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `username` (`username`),
UNIQUE KEY `email` (`email`),
KEY `status` (`status`),
KEY `superuser` (`superuser`)
);
Userlevel table
CREATE TABLE IF NOT EXISTS `userlevels` (
`UserLevelId` int(11) NOT NULL AUTO_INCREMENT,
`UserLevels` varchar(45) DEFAULT NULL,
`CreateDate` datetime NOT NULL,
`ModifiedDate` datetime NOT NULL,
`Status` enum('0','1') NOT NULL DEFAULT '0',
PRIMARY KEY (`UserLevelId`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=7 ;
--
-- Dumping data for table `userlevels`
--
INSERT INTO `userlevels` (`UserLevelId`, `UserLevels`, `CreateDate`, `ModifiedDate`, `Status`) VALUES
(0, 'Guest', '0000-00-00 00:00:00', '0000-00-00 00:00:00', '0'),
(1, 'Admin', '2014-06-16 09:10:23', '0000-00-00 00:00:00', '1'),
(2, 'Staff', '2014-12-10 00:00:00', '0000-00-00 00:00:00', '1');
i created
Userrule.php file under protect -> components folder
class Userrule extends CWebModule
{
static private $_getaccess;
public static function getAccess($userlevel) {
if(is_array($userlevel))
{
if (!self::$_getaccess)
{
$criteria = new CDbCriteria;
$criteria->addInCondition('UserLevel',$userlevel,true);
// $criteria->params = array(':userlevel' => $userlevel);
//Apply To Model
$usernames = Users::model()->findAll($criteria);
// echo ''. print_r($usernames,1).'
';
// die();
$Access_name = array();
foreach ($usernames as $username)
array_push($Access_name,$username->username);
self::$_getaccess = $Access_name;
}
return self::$_getaccess;
}
else {
if (!self::$_getaccess)
{
$criteria = new CDbCriteria;
$criteria->condition = 'UserLevel='.$userlevel;
//Apply To Model
$usernames = Users::model()->findAll($criteria);
$Access_name = array();
foreach ($usernames as $username)
array_push($Access_name,$username->username);
self::$_getaccess = $Access_name;
}
return self::$_getaccess;
}
}
}
in above param function define which user should be access
now you can call this function in to accessRules() in every controller & add which user level will be access
public function accessRules()
{
return array(
array('allow', // allow all users to perform 'index' and 'view' actions
'actions'=>array('index','view'),
'users'=> Userrule::getAccess(array(0,1,6)),//send as array
),
array('allow', // allow all users to perform 'index' and 'view' actions
'actions'=>array('create'),
// 'users'=> Userrule::getAccess(1),
'users'=> Userrule::getAccess(array(1,6)),//send as array
// 'users'=>array('admin','channa'),
),
array('allow', // allow admin user to perform 'admin' and 'delete' actions
// 'actions'=>array('admin','delete'),
'actions'=>array('delete','update'),
'users'=> Userrule::getAccess(1),//send as variable
),
array('deny', // deny all users
'users'=>array('*'),
),
);
}
sd